actions-rs
install
TypeScript

⏩ GitHub Action for a faster binary crates installation

Last updated Sep 12, 2025
57
Stars
11
Forks
11
Issues
0
Stars/day
Attention Score
8
Language breakdown
No language data available.
Files click to expand
README

cargo-install Action

Sponsoring MIT licensed Gitter Continuous integration Dependabot enabled

This GitHub Action provides faster version of the cargo install command.

⚠ ️NOTE: This is an experimental Action.

Table of Contents

* Security considerations

Why?

If you are using binary crates (such as cargo-audit, grcov, cargo-geiger and so on) in your CI workflows, you might have noticed that compiling these crates each time is irritatingly slow.

This Action speeds up the crates installation with some tricks, leading to a much faster job execution; crates are expected to be installed in a couple seconds.

How does it work?

Before calling your usual cargo install command, this Action attempts to download pre-build binary crate file from the binary crates cache. See Security considerations to read more about potential caveats and usage policy.

If requested crate does not exist in the crates cache storage, this Action will fall back to the usual cargo install.\ As soon as actions-rs/meta#21 will be implemented, this Action will also cache compiled binary in the GitHub cache.

Example workflow

on: [push]

name: build

jobs: check: name: Rust project runs-on: ubuntu-latest steps: - uses: actions/checkout@v2 - uses: actions-rs/install@v0.1 with: crate: cargo-audit version: latest - run: cargo audit

Inputs

| Name | Required | Description | Type | Default | | ---------------- | :------: | ------------------------------------------------ | ------ | --------| | crate | ✓ | Binary crate name | string | | | version | | Crate version to install | string | latest | | use-tool-cache | | Use pre-compiled crates to speed-up installation | bool | false |

Tool cache

As it was mentioned in How does it work? section, this Action can use external pre-compiled crates cache.

In order to enable this functionaliy, you need to explicitly enable use-tool-cache input:

- uses: actions-rs/install@v0.1
  with:
    crate: cargo-audit
    version: latest
    use-tool-cache: true

Before enabling this input, you should acknowledge security risks of executing binaries compiled for you by a third party in your CI workflows.

Security considerations

Check the tool-cache repo to understand how binary crates are built, signed and uploaded into the external cache.

This Action downloads both binary file and its signature. Signature validation is proceeded by openssl by using public key of the same certificate used for signing files at tool-cache repo.\ Public key is stored in this repository at public.pem.

If signature validation fails, binary file is removed immediately, warning issued and fall back to the cargo install call happens.

License

This Action is distributed under the terms of the MIT license, see LICENSE for details.

Contribute and support

Any contributions are welcomed!

If you want to report a bug or have a feature request, check the Contributing guide.

You can also support author by funding the ongoing project work, see Sponsoring.

🔗 More in this category

© 2026 GitRepoTrend · actions-rs/install · Updated daily from GitHub