Missing dependency cache

Rule ID

caching_missing

Category

energy

Severity

high

No cache action was detected for the package manager the workflow uses (pip, npm, gradle, cargo, etc.). Caching dependencies dramatically reduces build time and runner energy consumption.

Detection

pattern_matching — Regex or keyword matching on string field values.

Examples

Non-compliant:

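jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20
      # No cache configured: every run downloads all dependencies again
      - run: npm install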

Compliant:

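jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20
          cache: npm  # restores and saves the npm cache, keyed on the lockfile
      - run: npm install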

Fix: Enable caching on the setup action (e.g. cache: npm on actions/setup-node) or add an explicit actions/cache step before the install step.
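A sketch of how the pattern-matching check described under Detection could work, covering both fixes named above. This is an added example, not the rule's actual implementation: the function name, the regex lists and the sample workflows (built as already-parsed dicts from the setup and install steps of the examples, plus two constructed variants) are assumptions.

```python
import re

# Assumed install-command patterns; the real rule's list is not shown on this page.
INSTALL_RE = re.compile(
    r"\b(npm\s+(install|ci)|pip3?\s+install|cargo\s+(build|test)|gradlew?\s+\w+)"
)
# Setup actions that accept a `cache` input, and the explicit cache action.
SETUP_RE = re.compile(r"^actions/setup-(node|python|java)@")
CACHE_RE = re.compile(r"^actions/cache(/restore)?@")


def find_uncached_installs(workflow: dict) -> list[tuple[str, str]]:
    """Return (job_id, run_command) for install steps with no cache enabled before them."""
    findings = []
    for job_id, job in (workflow.get("jobs") or {}).items():
        cached = False  # becomes True once a cache is enabled earlier in the job
        for step in job.get("steps") or []:
            uses = str(step.get("uses", ""))
            run = str(step.get("run", ""))
            if CACHE_RE.match(uses):
                cached = True
            elif SETUP_RE.match(uses) and (step.get("with") or {}).get("cache"):
                cached = True
            elif not cached and INSTALL_RE.search(run):
                findings.append((job_id, run.strip()))
    return findings


def _job(*steps):
    return {"jobs": {"build": {"steps": list(steps)}}}


# Constructed sample workflows (parsed form).
SETUP = {"uses": "actions/setup-node@v4", "with": {"node-version": 20}}
SETUP_CACHED = {"uses": "actions/setup-node@v4", "with": {"node-version": 20, "cache": "npm"}}
CACHE_STEP = {"uses": "actions/cache@v4", "with": {"path": "~/.npm", "key": "npm-deps"}}

NON_COMPLIANT = _job(SETUP, {"run": "npm install"})
COMPLIANT = _job(SETUP_CACHED, {"run": "npm install"})
EXPLICIT_CACHE = _job(SETUP, CACHE_STEP, {"run": "npm ci"})
LATE_CACHE = _job(SETUP, {"run": "npm ci"}, CACHE_STEP)  # cache restored too late

if __name__ == "__main__":
    for name in ("NON_COMPLIANT", "COMPLIANT", "EXPLICIT_CACHE", "LATE_CACHE"):
        print(name, find_uncached_installs(globals()[name]))
```

The order check matters: a cache step placed after the install step restores nothing in time, so that job is still reported.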