2 months ago
"Your vulnerability scanner keeps detecting next@15.2.2 and next@15.2.6 in my pnpm-lock.yaml but I removed next.js weeks ago. My GitHub repo at HOALoans/HOA-Loan-Services has no next.js in it. The scanner appears stuck on a cached version of my lockfile. Please clear your build cache for my project."
1 Replies
2 months ago
We don't run a vulnerability scanner on your dependencies or lockfiles, so the alerts you're seeing are likely from a third-party tool such as GitHub's Dependabot scanning your repository. That said, if you want to ensure your Railway builds start completely fresh without any cached layers, you can set the NO_CACHE=1 environment variable on your service as described in our build configuration docs. Your "hoa" service is currently in a FAILED state, so you may want to check that deployment as well.
Status changed to Awaiting User Response Railway • about 2 months ago
a month ago
This thread has been marked as solved automatically due to a lack of recent activity. Please re-open this thread or create a new one if you require further assistance. Thank you!
Status changed to Solved Railway • about 1 month ago