diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 017f52c..0120f56 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -1,68 +1,96 @@
 name: Release
 
 on:
-    release:
-        types: [ created ]
+  release:
+    types: [ created ]
 
 # See https://stackoverflow.com/a/72408109
 concurrency:
-    group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
-    cancel-in-progress: true
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
 
 jobs:
-    build-phar:
-        runs-on: ubuntu-latest
-        name: Build PHAR
-        steps:
-            -   name: Checkout
-                uses: actions/checkout@v4
-                with:
-                    fetch-depth: 0
+  build-phar:
+    runs-on: ubuntu-latest
+    name: Build PHAR
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
 
-            -   name: Setup PHP
-                uses: shivammathur/setup-php@v2
-                with:
-                    php-version: 8.2
-                    ini-values: phar.readonly=0
-                    tools: composer
-                    coverage: none
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: 8.2
+          ini-values: phar.readonly=0
+          tools: composer
+          coverage: none
 
-            -   name: Install Composer dependencies
-                uses: ramsey/composer-install@v3
-                with:
-                    composer-options: '--no-dev'
+      - name: Cache Composer packages
+        id: composer-cache
+        uses: actions/cache@v4
+        with:
+          path: vendor
+          key: "os-${{ runner.os }}-php-${{ runner.php-version }}-composer-${{ hashFiles('**/composer.lock') }}"
+          restore-keys: "os-${{ runner.os }}-php-${{ runner.php-version }}-composer-"
 
-            -   name: Build PHAR
-                run: composer build
+      - name: Install Composer dependencies
+        uses: ramsey/composer-install@v3
+        with:
+          composer-options: '--no-dev'
 
-            # Smoke test.
-            # It is recommended ot have some sorts of tests for your PHAR.
-            #-   name: Ensure the PHAR works
-            #    run: pcsf-baseline.phar --version
+      - name: Cache tools installed with PHIVE
+        uses: actions/cache@v4
+        with:
+          path: "${{ runner.temp }}/.phive"
+          key: "os-${{ runner.os }}-php-${{ runner.php-version }}-phive-${{ hashFiles('**/.phive/phars.xml', '**/.phive/trust-gpg-keys.txt') }}"
+          restore-keys: "os-${{ runner.os }}-php-${{ runner.php-version }}-phive-"
 
-            # The following section is done only for releases
-            -   name: Import GPG key
-                if: github.event_name == 'release'
-                uses: crazy-max/ghaction-import-gpg@v5
-                with:
-                    gpg_private_key: ${{ secrets.GPG_KEY_83F9945BC33EC39E9710206C8B4927076BA50A83 }}
-                    passphrase: "${{ secrets.GPG_KEY_83F9945BC33EC39E9710206C8B4927076BA50A83_PASSPHRASE }}"
+      - name: Install PHIVE
+        uses: szepeviktor/phive@v1
+        with:
+          home: "${{ runner.temp }}/.phive"
+          binPath: "${{ github.workspace }}/tools/phive"
 
-            -   name: Sign the PHAR
-                if: github.event_name == 'release'
-                run: |
-                    gpg --local-user 83F9945BC33EC39E9710206C8B4927076BA50A83 \
-                        --batch \
-                        --yes \
-                        --passphrase="${{ secrets.GPG_KEY_83F9945BC33EC39E9710206C8B4927076BA50A83_PASSPHRASE }}" \
-                        --detach-sign \
-                        --output pcsf-baseline.phar.asc \
-                        pcsf-baseline.phar
+      - name: Install PHP tools by PHIVE
+        uses: szepeviktor/phive-install@v1
+        with:
+          home: "${{ runner.temp }}/.phive"
+          binPath: "${{ github.workspace }}/tools/phive"
+          trustGpgKeys: '$(cat ./.phive/trust-gpg-keys.txt)'
 
-            -   name: Upload PHAR to the release
-                uses: softprops/action-gh-release@v2
-                with:
-                    token: ${{ secrets.GITHUB_TOKEN }}
-                    files: |
-                        pcsf-baseline.phar
-                        pcsf-baseline.phar.asc
+      - name: Build PHAR
+        run: composer build
+
+      # Smoke test.
+      # It is recommended ot have some sorts of tests for your PHAR.
+      #- name: Ensure the PHAR works
+      #  run: pcsf-baseline.phar --version
+
+      # The following section is done only for releases
+      - name: Import GPG key
+        if: github.event_name == 'release'
+        uses: crazy-max/ghaction-import-gpg@v5
+        with:
+          gpg_private_key: ${{ secrets.GPG_KEY_83F9945BC33EC39E9710206C8B4927076BA50A83 }}
+          passphrase: "${{ secrets.GPG_KEY_83F9945BC33EC39E9710206C8B4927076BA50A83_PASSPHRASE }}"
+
+      - name: Sign the PHAR
+        if: github.event_name == 'release'
+        run: |
+          gpg --local-user 83F9945BC33EC39E9710206C8B4927076BA50A83 \
+              --batch \
+              --yes \
+              --passphrase="${{ secrets.GPG_KEY_83F9945BC33EC39E9710206C8B4927076BA50A83_PASSPHRASE }}" \
+              --detach-sign \
+              --output pcsf-baseline.phar.asc \
+              pcsf-baseline.phar
+
+      - name: Upload PHAR to the release
+        uses: softprops/action-gh-release@v2
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          files: |
+            pcsf-baseline.phar
+            pcsf-baseline.phar.asc