Basic node and express: vulnerability for module fcc-express-bground with no fix

I wanted to repeat the basic node and express class and got stuck on the first class.
I work locally on VS code.
After installing nodemon, Terminal gave me the following message:

PS C:\Users\Karel\Documents\Programeren\VisualBasic\FCC6_Back End Development and APIs\Class 2 again> npm i nodemon -D

added 94 packages, and audited 95 packages in 7s

  run `npm fund` for details

9 vulnerabilities (4 low, 5 high)

To address issues that do not require attention, run:
  npm audit fix

Some issues need review, and may require choosing
a different dependency.

Run `npm audit` for details.

Then i ran npm audit fix as suggested by the Terminal:

PS C:\Users\Karel\Documents\Programeren\VisualBasic\FCC6_Back End Development and APIs\Class 2 again> npm audit fix

added 14 packages, removed 5 packages, changed 18 packages, and audited 104 packages in 11s

19 packages are looking for funding
  run `npm fund` for details

# npm audit report

ip  *
ip SSRF improper categorization in isPublic - https://github.com/advisories/GHSA-2p57-rm9w-gvfp
No fix available
node_modules/ip
  fcc-express-bground
  Depends on vulnerable versions of ip
  node_modules/fcc-express-bground
2 high severity vulnerabilities

Some issues need review, and may require choosing
a different dependency.

Is this an issue from FCC side (fcc-express-bground) which makes me not pass the first class? Or am I missing something?

The code hasn’t changed much from the boilerplate on gitpod (GitHub - freeCodeCamp/boilerplate-express: A boilerplate for the freeCodeCamp curriculum.)

As asked I added the console.log to myApp.js:

let express = require('express');
let app = express();

console.log("Hello World");

And I added nodemon to the scripts in package.json:

{
  "name": "fcc-learn-node-with-express",
  "version": "0.1.0",
  "dependencies": {
    "body-parser": "^1.15.2",
    "cookie-parser": "^1.4.3",
    "dotenv": "^16.0.1",
    "express": "^4.14.0",
    "fcc-express-bground": "https://github.com/freeCodeCamp/fcc-express-bground-pkg.git"
  },
  "main": "server.js",
  "scripts": {
    "start": "node server.js",
    "dev": "nodemon server.js"
  },
  "devDependencies": {
    "nodemon": "^3.1.10"
  }
}

Based on the result in Terminal, I think I should pass the test (besides the vulnerabilities given installing Nodemon.

PS C:\Users\Karel\Documents\Programeren\VisualBasic\FCC6_Back End Development and APIs\Class 2 again> npm run dev

> fcc-learn-node-with-express@0.1.0 dev
> nodemon server.js

[nodemon] 3.1.10
[nodemon] to restart at any time, enter `rs`
[nodemon] watching path(s): *.*
[nodemon] watching extensions: js,mjs,cjs,json
[nodemon] starting `node server.js`
Hello World
Node is listening on port 3000...

The link I use to post is: http://127.0.0.1:3000/

I don’t think that the issue was the warning after installing the packages. In most projects, that warning always appears because there’s always some outdated library. In fact, I find that running npm audit fix may break a project.

Thanks for your answer. So if I can undo the changes made by the audit fix, I should be able to pass the test? Do I understand correctly that I can do this by uninstalling node and reinstalling it?
(I did try to restart the class from scratch last week, but it failed again for the same reason)

Running npm audit fix doesn’t break anything on this challenge step for me (so no, that isn’t the issue with your code). But I would advise against updating boilerplate dependencies beyond minor/patch versions (do not do major version updates).

Do you still have the export module.exports = app; at the bottom of the myApp.js file?

Yes, I do have at the bottom of the myApp.js file.

There is nothing about the process you did, or your code, that should make it fail the test. Can you post a repo with your code?

Maybe it is something locally to your network (something blocking your localhost submission). Maybe try the same code on some online site like Gitpod.

Does http://localhost:3000 work?

I just did another try, and I passed the test, without changing anything to my code…
Thank you for your time looking into this.
It is a bit frustrating for me not understanding where the issue lies and having to ask help/time from you for this…
Anyway, thanks again!