Skip to content
Latchkey

How to Build a Cache Key With hashFiles in GitHub Actions

hashFiles returns a single SHA over every file that matches the given glob patterns, ideal for a content-addressed cache key.

hashFiles('pattern', ...) computes one hash across all matching files. Put it in your cache key so the key only changes when a matched file changes, and unchanged dependencies keep hitting the cache.

Steps

  • Pass one or more globs to hashFiles().
  • Combine the result with a stable prefix and runner.os.
  • Match every file whose change should invalidate the cache.

Workflow

.github/workflows/ci.yml
- uses: actions/cache@v4
  with:
    path: ~/.npm
    key: deps-${{ runner.os }}-${{ hashFiles('**/package-lock.json', '**/pnpm-lock.yaml') }}

Gotchas

  • hashFiles returns an empty string when nothing matches, which can produce a constant key.
  • Patterns are relative to GITHUB_WORKSPACE; a bad path silently matches nothing.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →