Tell us what’s happening:
I’m unable to get a Replit Live App URL due to issues with npm install:
--> npm install
npm WARN deprecated request-promise-native@1.0.9: request-promise-native has been deprecated because it extends the now deprecated request package, see https://github.com/request/request/issues/3142
npm WARN deprecated har-validator@5.1.5: this library is no longer supported
npm WARN deprecated left-pad@1.3.0: use String.prototype.padStart()
npm WARN deprecated formidable@1.2.2: Please upgrade to latest, formidable@v2 or formidable@v3! Check these notes: https://bit.ly/2ZEqIau
npm WARN deprecated uuid@3.4.0: Please upgrade to version 7 or higher. Older versions may use Math.random() in certain circumstances, which is known to be problematic. See https://v8.dev/blog/math-random for details.
npm WARN deprecated request@2.88.2: request has been deprecated, see https://github.com/request/request/issues/3142
npm WARN deprecated superagent@3.8.3: Please upgrade to v7.0.2+ of superagent. We have fixed numerous issues with streams, form-data, attach(), filesystem errors not bubbling up (ENOENT on attach()), and all tests are now passing. See the releases tab for more information at <https://github.com/visionmedia/superagent/releases>.
npm WARN deprecated core-js@2.6.12: core-js@<3.23.3 is no longer maintained and not recommended for usage due to the number of issues. Because of the V8 engine whims, feature detection in old core-js versions could cause a slowdown up to 100x even if nothing is polyfilled. Some versions have web compatibility issues. Please, upgrade your dependencies to the actual version of core-js.
added 271 packages, removed 6 packages, changed 1 package, and audited 273 packages in 24s
20 packages are looking for funding
run `npm fund` for details
20 vulnerabilities (9 moderate, 7 high, 4 critical)
To address issues that do not require attention, run:
npm audit fix
To address all issues possible, run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
Run `npm audit` for details.
=================================================================
~/boilerplate-mochachai$ npm audit fix
removed 4 packages, changed 11 packages, and audited 269 packages in 7s
20 packages are looking for funding
run `npm fund` for details
# npm audit report
jsdom <=16.5.3
Severity: moderate
Insufficient Granularity of Access Control in JSDom - https://github.com/advisories/GHSA-f4c9-cqv8-9v98
Depends on vulnerable versions of request
Depends on vulnerable versions of request-promise-native
Depends on vulnerable versions of tough-cookie
No fix available
node_modules/jsdom
zombie *
Depends on vulnerable versions of jsdom
Depends on vulnerable versions of request
Depends on vulnerable versions of tough-cookie
node_modules/zombie
minimatch <3.0.5
Severity: high
minimatch ReDoS vulnerability - https://github.com/advisories/GHSA-f8q6-p94x-37v3
fix available via `npm audit fix --force`
Will install mocha@9.2.2, which is outside the stated dependency range
node_modules/minimatch
mocha 5.1.0 - 9.2.1
Depends on vulnerable versions of minimatch
Depends on vulnerable versions of nanoid
node_modules/mocha
nanoid 3.0.0 - 3.1.30
Severity: moderate
Exposure of Sensitive Information to an Unauthorized Actor in nanoid - https://github.com/advisories/GHSA-qrpm-p2h7-hrv2
fix available via `npm audit fix --force`
Will install mocha@9.2.2, which is outside the stated dependency range
node_modules/nanoid
qs 6.7.0 - 6.7.2
Severity: high
qs vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-hrpp-h998-j3pp
fix available via `npm audit fix --force`
Will install express@4.18.2, which is outside the stated dependency range
node_modules/qs
body-parser 1.19.0
Depends on vulnerable versions of qs
node_modules/body-parser
express 4.17.0 - 4.17.1 || 5.0.0-alpha.1 - 5.0.0-alpha.8
Depends on vulnerable versions of body-parser
Depends on vulnerable versions of qs
node_modules/express
request *
Severity: moderate
Server-Side Request Forgery in Request - https://github.com/advisories/GHSA-p8p7-x288-28g6
Depends on vulnerable versions of tough-cookie
No fix available
node_modules/request
request-promise-core *
Depends on vulnerable versions of request
node_modules/request-promise-core
request-promise-native >=1.0.0
Depends on vulnerable versions of request
Depends on vulnerable versions of request-promise-core
Depends on vulnerable versions of tough-cookie
node_modules/request-promise-native
tough-cookie <4.1.3
Severity: moderate
tough-cookie Prototype Pollution vulnerability - https://github.com/advisories/GHSA-72xf-g2v4-qvf3
No fix available
node_modules/tough-cookie
12 vulnerabilities (7 moderate, 5 high)
To address all issues possible, run:
npm audit fix --force
Some issues need review, and may require choosing
a different dependency.
Your code so far
// #1
test('#isNull, #isNotNull', function () {
assert.isNull(null, 'This is an optional error description - e.g. null is null');
assert.isNotNull(1, '1 is not null');
});
Your browser information:
User Agent is: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36
Challenge Information:
Quality Assurance and Testing with Chai - Learn How JavaScript Assertions Work
