Advanced Node and Express - Set up Passport - Step 3

I am running the tests locally after cloning the repository from github.
The instruction tell to set up Express app with following option

app.use(session({
  secret: process.env.SESSION_SECRET,
  resave: true,
  saveUninitialized: true,
  cookie: { secure: false }
}));

But after run server.js on the console appear that messagge :
express-session deprecated req.secret; provide secret option
After opening the page it throw an Error: secret option required for sessions.

It seems that the key secret of the session accepts only explicit value.
If I write secret: "abdc" the server runs correctly, but
#test 4 - Session and session secret should be correctly set up fails

To pass the test I created a copy of server.js, with “secret: process.env.SESSION_SECRET” as requested in the instructions and passed this new file instead of server.js into fctesting.js.

Are you saying that this block of code is taking place of server.js and what is fctesting.js?

I am saying that writing server: process.env.SESSION_SECRET as stated in the instructions will cause server.js to crash. Writing server: "something" will make it work fine but will fail test #4.
fctesting.js is the test file in the boilerplate repository.

Oh ok, try npm audit fix or force fix if applicable. Also can you post the link to this project?