hanchao/cache
1
0
Fork 0
mirror of https://github.com/actions/cache.git synced 2026-05-13 13:28:06 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

Add note on pull_request_target exception for actions/cache usage

Browse Source
This commit is contained in:
Jesse Houwing 2026-05-12 09:03:28 +02:00
parent 8eb11f09c5
commit 9b5580e861
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -179,6 +179,8 @@ jobs:
> **Note**
> You must use the `cache` or `restore` action in your workflow before you need to use the files that might be restored from the cache. If the provided `key` matches an existing cache, a new cache is not created and if the provided `key` doesn't match an existing cache, a new cache is automatically created provided the job completes successfully.
>
> **`pull_request_target` exception:** When `actions/cache` is used in a `pull_request_target` workflow, the automatic post-step save is **skipped**. This is a security measure to prevent untrusted pull request code from poisoning caches accessible to privileged workflows. If really you need to save a cache in a trusted `pull_request_target` context (e.g., after validating the PR source), use [`actions/cache/save`](./save/README.md) explicitly with an appropriate `if` condition.
## Caching Strategies