HOWEVER, if you manipulate permission/role data directly in the database instead of calling the supplied methods, then you will not see the changes reflected in the application unless you manually reset the cache.
Additionally, because the Role and Permission models are Eloquent models which implement the RefreshesPermissionCache trait, creating and deleting Roles and Permissions will automatically clear the cache. If you have created your own models which do not extend the default models then you will need to implement the trait yourself.
Laravel Tip: If you are leveraging a caching service such as redis or memcached and there are other sites running on your server, you could run into cache clashes between apps.
To prevent other applications from accidentally using/changing your cached data, it is prudent to set your own cache prefix in Laravel's /config/cache.php to something unique for each application which shares the same caching service.
Most multi-tenant "packages" take care of this for you when switching tenants.
Setting 'cache.store' => 'array' in config/permission.php will effectively disable caching by this package between requests (it will only cache in-memory until the current request is completed processing, never persisting it).
Alternatively, in development mode you can bypass ALL of Laravel's caching between visits by setting CACHE_DRIVER=array in .env. You can see an example of this in the default phpunit.xml file that comes with a new Laravel install. Of course, don't do this in production though!