Quality Assurance and Testing with Chai -

Tell us what’s happening:

I’m unable to get a Replit Live App URL due to issues with npm install:

--> npm install
npm WARN deprecated request-promise-native@1.0.9: request-promise-native has been deprecated because it extends the now deprecated request package, see https://github.com/request/request/issues/3142
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated left-pad@1.3.0: use String.prototype.padStart()
npm WARN deprecated formidable@1.2.2: Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: https://bit.ly/2ZEqIau
npm WARN deprecated uuid@3.4.0: Please upgrade  to version 7 or higher.  Older versions may use Math.random() in certain circumstances, which is known to be problematic.  See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated superagent@3.8.3: Please upgrade to v7.0.2+ of superagent.  We have fixed numerous issues with streams, form-data, attach(), filesystem errors not bubbling up (ENOENT on attach()), and all tests are now passing.  See the releases tab for more information at <https://github.com/visionmedia/superagent/releases>.
npm WARN deprecated core-js@2.6.12: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.

added 271 packages, removed 6 packages, changed 1 package, and audited 273 packages in 24s

20 packages are looking for funding
  run `npm fund` for details

20 vulnerabilities (9 moderate, 7 high, 4 critical)

To address issues that do not require attention, run:
  npm audit fix

To address all issues possible, run:
  npm audit fix --force

Some issues need review, and may require choosing
a different dependency.

Run `npm audit` for details.



=================================================================



~/boilerplate-mochachai$ npm audit fix

removed 4 packages, changed 11 packages, and audited 269 packages in 7s

20 packages are looking for funding
  run `npm fund` for details

# npm audit report

jsdom  <=16.5.3
Severity: moderate
Insufficient Granularity of Access Control in JSDom - https://github.com/advisories/GHSA-f4c9-cqv8-9v98
Depends on vulnerable versions of request
Depends on vulnerable versions of request-promise-native
Depends on vulnerable versions of tough-cookie
No fix available
node_modules/jsdom
  zombie  *
  Depends on vulnerable versions of jsdom
  Depends on vulnerable versions of request
  Depends on vulnerable versions of tough-cookie
  node_modules/zombie

minimatch  <3.0.5
Severity: high
minimatch ReDoS vulnerability - https://github.com/advisories/GHSA-f8q6-p94x-37v3
fix available via `npm audit fix --force`
Will install mocha@9.2.2, which is outside the stated dependency range
node_modules/minimatch
  mocha  5.1.0 - 9.2.1
  Depends on vulnerable versions of minimatch
  Depends on vulnerable versions of nanoid
  node_modules/mocha

nanoid  3.0.0 - 3.1.30
Severity: moderate
Exposure of Sensitive Information to an Unauthorized Actor in nanoid - https://github.com/advisories/GHSA-qrpm-p2h7-hrv2
fix available via `npm audit fix --force`
Will install mocha@9.2.2, which is outside the stated dependency range
node_modules/nanoid

qs  6.7.0 - 6.7.2
Severity: high
qs vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-hrpp-h998-j3pp
fix available via `npm audit fix --force`
Will install express@4.18.2, which is outside the stated dependency range
node_modules/qs
  body-parser  1.19.0
  Depends on vulnerable versions of qs
  node_modules/body-parser
  express  4.17.0 - 4.17.1 || 5.0.0-alpha.1 - 5.0.0-alpha.8
  Depends on vulnerable versions of body-parser
  Depends on vulnerable versions of qs
  node_modules/express

request  *
Severity: moderate
Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6
Depends on vulnerable versions of tough-cookie
No fix available
node_modules/request
  request-promise-core  *
  Depends on vulnerable versions of request
  node_modules/request-promise-core
    request-promise-native  >=1.0.0
    Depends on vulnerable versions of request
    Depends on vulnerable versions of request-promise-core
    Depends on vulnerable versions of tough-cookie
    node_modules/request-promise-native

tough-cookie  <4.1.3
Severity: moderate
tough-cookie Prototype Pollution vulnerability - https://github.com/advisories/GHSA-72xf-g2v4-qvf3
No fix available
node_modules/tough-cookie

12 vulnerabilities (7 moderate, 5 high)

To address all issues possible, run:
  npm audit fix --force

Some issues need review, and may require choosing
a different dependency.

Your code so far

// #1
test('#isNull, #isNotNull', function () {
  assert.isNull(null, 'This is an optional error description - e.g. null is null');
  assert.isNotNull(1, '1 is not null');
});

Your browser information:

User Agent is: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36

Challenge Information:

Quality Assurance and Testing with Chai - Learn How JavaScript Assertions Work

Welcome,

Please note that info about deprecated packages is a warning, not an error. NPM successfully installed all the packages. There is no need to run npm audit.

Hope this clarifies

2 Likes

Thanks for the response. I do find that the app runs, however I’m still unable to get a Live App URL:

Is this an issue that I need to take to Replit help?

1 Like

That is odd. Do you not get one if you click New tab?

Here is what I get in the new tab:

I do see the link, but it seems to be broken.

1 Like

If you open a new tab, the full url is displayed. I don’t know why repls have started showing like that recently in the WebView window, but I noticed that too. Perhaps it’s a deliberate decision?

I notice that you have a ‘browser is not defined’ error however… we’d need to see your code to see why that might be. Do you have a link to your repl please?

EDIT: ‘browser not defined’ error not relevant at this stage.

Submitting the url I got above, the project is not passing:

I’m confident my code should pass, and I checked it is identical to the Solution, but I think this is caused by the broken link. To me it now looks like this issue is with Replit rather than anything with FCC.

Do you have a link to your repl code please?

Your code is passing for me, both from your live link and from forking your code… I don’t know why it wouldn’t pass for you.

It’s passing now for me with no changes… I’m not sure what happened but it looks like the issue resolved itself. Thanks for the help.

This topic was automatically closed 182 days after the last reply. New replies are no longer allowed.