chore(deps): bump @actions/cache to 6.2.0#1128
Merged
Merged
Conversation
Bump @actions/cache from ^6.1.0 to ^6.2.0 and rebuild the vendored dist/ bundles. 6.2.0 honors ACTIONS_CACHE_MODE to skip restore/save when the effective cache-mode disallows it, and surfaces a core.warning (instead of failing the run) when the cache service denies a read/write due to token scopes. Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com> Copilot-Session: 0046a2b8-0238-4ac6-93f6-70c4e60b5630
Refresh the cached licensed dependency record so the version matches the bumped @actions/cache 6.2.0. License text, summary, and homepage are unchanged; only the version field was stale, which failed the "Check licenses" CI job. Co-authored-by: Copilot App <223556219+Copilot@users.noreply.github.com> Copilot-Session: 0046a2b8-0238-4ac6-93f6-70c4e60b5630
Contributor
There was a problem hiding this comment.
Pull request overview
This PR updates the action’s vendored dependency graph to ship @actions/cache@6.2.0 (and its new runtime behaviors) by bumping the npm dependency and rebuilding the committed dist/ bundles.
Changes:
- Bump
@actions/cachefrom^6.1.0to^6.2.0inpackage.jsonand lock it inpackage-lock.json. - Rebuild
dist/setupanddist/cleanupbundles to vendor the updated cache client implementation. - Update the Licensed dependency record for
@actions/cacheto match the new version.
Show a summary per file
| File | Description |
|---|---|
| package.json | Updates the declared @actions/cache dependency to ^6.2.0. |
| package-lock.json | Locks @actions/cache resolution to 6.2.0 and updates lockfile metadata accordingly. |
| dist/setup/index.js | Vendors updated @actions/cache runtime logic, but currently introduces a runtime ReferenceError in the save path (see comments). |
| dist/cleanup/index.js | Vendors updated @actions/cache runtime logic, but currently includes broken identifiers for read-denied handling (see comments). |
| .licenses/npm/@actions/cache.dep.yml | Updates Licensed record to @actions/cache@6.2.0. |
Review details
Tip
Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
- Files reviewed: 2/5 changed files
- Comments generated: 0
- Review effort level: Low
brunoborges
approved these changes
Jul 15, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description:
Bumps
@actions/cachefrom^6.1.0to^6.2.0(the 6.x ESM line this action already uses) and rebuilds the vendoreddist/bundles so the new client behavior ships with the action.Logical changes:
@actions/cachedependency inpackage.jsonto^6.2.0.package-lock.json(resolves@actions/cacheto6.2.0).dist/setupanddist/cleanupbundles via ncc to embed the 6.2.0 client code.New client behaviors that ship transparently with 6.2.0:
ACTIONS_CACHE_MODEenv var to skip restore/save when the effective cache-mode disallows it.core.warning(instead of failing the run) when the cache service denies a read/write due to token scopes.Upstream change: published as
@actions/cache6.2.0, from actions/toolkit PR actions/toolkit#2447.Related issue:
N/A
Check list:
npm run checklocally (format, lint, build, test) and all checks pass.