Skip to content
Latchkey

How to Cache Dependencies in GitHub Actions (Every Ecosystem)

Caching dependencies is the highest-leverage CI speedup. Here are the correct keys and paths per ecosystem.

Use actions/cache (or the built-in cache in setup-* actions) with a key that changes only when your lockfile changes, and a restore-key fallback.

The pattern

.github/workflows/ci.yml
- uses: actions/cache@v4
  with:
    path: ~/.npm
    key: npm-${{ hashFiles('**/package-lock.json') }}
    restore-keys: npm-

Paths by ecosystem

EcosystemCache pathKey on
npm~/.npmpackage-lock.json
yarn~/.cache/yarnyarn.lock
pnpm~/.local/share/pnpm/storepnpm-lock.yaml
pip~/.cache/piprequirements*.txt
Maven~/.m2/repositorypom.xml
Gradle~/.gradle/caches*.gradle*
Go~/go/pkg/modgo.sum
Cargo~/.cargo + targetCargo.lock
Bundlervendor/bundleGemfile.lock

Tip: setup-* actions cache for you

Many setup-node, setup-python, etc. actions have a cache: input that handles this automatically - prefer it when available.

Key takeaways

  • Key on the lockfile hash; add a restore-key prefix.
  • Cache the download/store dir, not the rebuilt output.
  • Prefer the built-in cache in setup-* actions.

Related guides

Run this faster and cheaper on Latchkey managed runners. Start free →