I am trying to install Chai on my Ubuntu 18.04 system. I did the following:
:~$ npm install --save-dev chai>
npm WARN read-shrinkwrap This version of npm is compatible with lockfileVersion@1, but package-lock.json was generated for lockfileVersion@2. I'll try to do my best with it!
npm WARN zulfi No description
npm WARN zulfi No repository field.
npm WARN zulfi No license field.
chai@4.2.0
added 7 packages from 20 contributors and audited 359 packages in 2.933s
41 packages are looking for funding
run npm fund for details
found 1 low severity vulnerability
run npm audit fix to fix them, or npm audit for details
zulfi@lc2530hz:~$ npm audit fix
npm WARN zulfi No description
npm WARN zulfi No repository field.
npm WARN zulfi No license field.
up to date in 0.99s
41 packages are looking for funding
run npm fund for details
fixed 0 of 1 vulnerability in 359 scanned packages
1 vulnerability required manual review and could not be updated
I getting the error "1 vulnerability required manual review and could not be updated"
Somebody please guide me how to solve this problem.
I didn’t get any vulnerabilities installing chai.
$ npm install --save-dev chai
npm notice created a lockfile as package-lock.json. You should commit this file.
npm WARN zak@1.0.0 No description
npm WARN zak@1.0.0 No repository field.
+ chai@4.2.0
added 7 packages from 20 contributors and audited 7 packages in 1.275s
found 0 vulnerabilities
$ node --version
v10.22.1
What version of node are you using?
You may want to try installing in a new project to see if it is chai or another package reporting the vulnerability. You can then check the package’s GitHub repository to see if there is already an issue for this vulnerability telling you the impact.
He suggested you to try installing chai in a new “clean” project, to check whether the problem is with chai itself or a conflict with other installed package in your current project.
He suggested you to try installing chai in a new “clean” project, to check whether the problem is with chai itself or a conflict with other installed package in your current project.
@zak100 I suggest you seek help in a broader development community like Stack Overflow, OpenZeppelin’s community is about ethereum smart contract development.