step-security
diff --git a/‎README.md‎
Lines changed: 10 additions & 8 deletions b/‎README.md‎
Lines changed: 10 additions & 8 deletions
diff --git a/‎action.yml‎
Lines changed: 9 additions & 1 deletion b/‎action.yml‎
Lines changed: 9 additions & 1 deletion
diff --git a/‎dist/index.js‎
Lines changed: 9 additions & 7 deletions b/‎dist/index.js‎
Lines changed: 9 additions & 7 deletions
diff --git a/‎package.json‎
Lines changed: 4 additions & 2 deletions b/‎package.json‎
Lines changed: 4 additions & 2 deletions
@@ -38,6 +38,14 @@ If `run_install` is a YAML string representation of either an object or an array
 
 **Optional** (_type:_ `string[]`) Additional arguments after `pnpm [recursive] install`, e.g. `[--ignore-scripts, --strict-peer-dependencies]`.
 
+### `cache`
+
+**Optional** (_type:_ `boolean`, _default:_ `false`) Whether to cache the pnpm store directory.
+
+### `cache_dependency_path`
+
+**Optional** (_type:_ `string|string[]`, _default:_ `pnpm-lock.yaml`) File path to the pnpm lockfile, which contents hash will be used as a cache key.
+
 ### `package_json_file`
 
 **Optional** (_type:_ `string`, _default:_ `package.json`) File path to the `package.json`/[`package.yaml`](https://github.com/pnpm/pnpm/pull/1799) to read "packageManager" configuration.
@@ -113,7 +121,7 @@ jobs:
       - uses: step-security/action-setup@v4
         with:
           version: 10
-          run_install:
+          run_install: |
             - recursive: true
               args: [--strict-peer-dependencies]
             - args: [--global, gulp, prettier, typescript]
@@ -138,13 +146,7 @@ jobs:
         name: Install pnpm
         with:
           version: 10
-          run_install: false
-
-      - name: Install Node.js
-        uses: actions/setup-node@v4
-        with:
-          node-version: 20
-          cache: 'pnpm'
+          cache: true
 
       - name: Install dependencies
         run: pnpm install
 
@@ -15,8 +15,16 @@ inputs:
     description: If specified, run `pnpm install`
     required: false
     default: 'null'
+  cache:
+    description: Whether to cache the pnpm store directory
+    required: false
+    default: 'false'
+  cache_dependency_path:
+    description: File path to the pnpm lockfile, which contents hash will be used as a cache key
+    required: false
+    default: 'pnpm-lock.yaml'
   package_json_file:
-    description: File path to the package.json to read "packageManager" configuration
+    description: File path to the package.json to read "packageManager" configuration. This path must be relative to the repository root (GITHUB_WORKSPACE).
     required: false
     default: 'package.json'
   standalone:
 
@@ -7,17 +7,19 @@
     "update-pnpm-dist": "pnpm install && cp ./node_modules/pnpm/dist/pnpm.cjs ./dist/pnpm.cjs && cp ./node_modules/pnpm/dist/worker.js ./dist/worker.js"
   },
   "dependencies": {
+    "@actions/cache": "^4.1.0",
     "@actions/core": "^1.11.1",
+    "@actions/exec": "^1.1.1",
+    "@actions/glob": "^0.5.0",
     "@types/expand-tilde": "^2.0.2",
     "@types/node": "^20.11.5",
-    "@types/node-fetch": "^2.6.13",
     "axios": "^1.12.0",
     "expand-tilde": "^2.0.2",
     "yaml": "^2.3.4",
     "zod": "^3.22.4"
   },
   "devDependencies": {
-    "@vercel/ncc": "^0.38.1",
+    "@vercel/ncc": "^0.38.4",
     "pnpm": "^10.28.2",
     "typescript": "^5.3.3"
   }