[Snyk] Upgrade mocha from 8.4.0 to 10.2.0

[snyk-bot]

Snyk has created this PR to upgrade mocha from 8.4.0 to 10.2.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 15 versions ahead of your current version.
• The recommended version was released 2 months ago, on 2022-12-11.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOCHA-2863123	589/1000 Why? Has a fix available, CVSS 7.5	No Known Exploit
	Information Exposure SNYK-JS-NANOID-2332193	589/1000 Why? Has a fix available, CVSS 7.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: mocha

• 10.2.0 - 2022-12-11
  

  10.2.0 / 2022-12-11

  🎉 Enhancements

  • #4945: API: add possibility to decorate ESM name before import (@ j0tunn)

  🐛 Fixes

  • #4946: Browser: color of failed test icon (@ kleisauke)

  📖 Documentation

  • #4944: Remove duplicated header (@ PauloGoncalvesBH)
• 10.1.0 - 2022-10-15
  

  10.1.0 / 2022-10-16

  🎉 Enhancements

  • #4896: Browser: add support for prefers-color-scheme: dark (@ greggman)

  🔩 Other

  • #4912: Browser: increase contrast for replay buttons (@ JoshuaKGoldberg)
  • #4905: Use standard Promise.allSettled instead of polyfill (@ outsideris)
  • #4899: Upgrade official GitHub actions to latest (@ ddzz)
  • #4770: Fix regex in function clean(@ yetingli)
• 10.0.0 - 2022-05-01
  

  10.0.0 / 2022-05-01

  💥 Breaking Changes

  • #4845: Drop Node.js v12.x support (@ juergba)

  • #4848: Drop Internet-Explorer-11 support (@ juergba)

  • #4857: Drop AMD/RequireJS support (@ juergba)

  • #4866: Drop Growl notification support (@ juergba)

  • #4863: Rename executable bin/mocha to bin/mocha.js (@ juergba)

  • #4865: --ignore option in Windows: upgrade Minimatch (@ juergba)

  • #4861: Remove deprecated Runner signature (@ juergba)

  🔩 Other

  • #4878: Update production dependencies (@ juergba)

  • #4876: Add Node.js v18 to CI test matrix (@ outsideris)

  • #4852: Replace deprecated String.prototype.substr() (@ CommanderRoot)

  Also thanks to @ ea2305 and @ SukkaW for improvements to our documentation.

• 9.2.2 - 2022-03-11
  

  9.2.2 / 2022-03-11

  Please also note our announcements.

  🐛 Fixes

  • #4842: Loading of reporter throws wrong error (@ juergba)

  • #4839: dry-run: prevent potential call-stack crash (@ juergba)

  🔩 Other

  • #4843: Update production dependencies (@ juergba)
• 9.2.1 - 2022-02-19
  

  9.2.1 / 2022-02-19

  Please also note our announcements.

  🐛 Fixes

  • #4832: Loading of config files throws wrong error (@ juergba)

  • #4799: Reporter: configurable maxDiffSize reporter-option (@ norla)

• 9.2.0 - 2022-01-24
  

  9.2.0 / 2022-01-24

  Please also note our announcements.

  🎉 Enhancements

  • #4813: Parallel: assign each worker a worker-id (@ forty)

  🔩 Other

  • #4818: Update production dependencies (@ juergba)
• 9.1.4 - 2022-01-14
  

  9.1.4 / 2022-01-14

  Please also note our announcements.

  🐛 Fixes

  • #4807: import throws wrong error if loader is used (@ giltayar)

  🔩 Other

  • #4777: Add Node v17 to CI test matrix (@ outsideris)
• 9.1.3 - 2021-10-15
  

  9.1.3 / 2021-10-15

  Please also note our announcements.

  🐛 Fixes

  • #4769: Browser: re-enable bdd ES6 style import (@ juergba)

  🔩 Other

  • #4764: Revert deprecation of EVENT_SUITE_ADD_* events (@ beatfactor)
• 9.1.2 - 2021-09-25
  

  9.1.2 / 2021-09-25

  Please also note our announcements.

  🐛 Fixes

  • #4746: Browser: stop using all global vars in browser-entry.js (@ PaperStrike)

  🔩 Other

  • #4754: Remove dependency wide-align (@ juergba)
  • #4736: ESM: remove code for Node versions <10 (@ juergba)
• 9.1.1 - 2021-08-28
  

  9.1.1 / 2021-08-28

  Please also note our announcements.

  🐛 Fixes

  • #4623: XUNIT and JSON reporter crash in parallel mode (@ curtisman)
• 9.1.0 - 2021-08-20
• 9.0.3 - 2021-07-25
• 9.0.2 - 2021-07-03
• 9.0.1 - 2021-06-18
• 9.0.0 - 2021-06-07
• 8.4.0 - 2021-05-07

from mocha GitHub release notes

Commit messages

Package name: mocha

• 202e9b8 build(v10.2.0): release
• 6782d6d build(v10.2.0): update CHANGELOG
• 73bb819 feat(esm): ability to decorate ESM module name before importing it (#4945)
• fc4ac58 chore(devDeps): remove unused depedencies (#4949)
• 0a10ddc docs: remove duplicated header (#4944)
• b0a0fb8 fix(browser): failed test icon color (#4946)
• 3cc9cac ci: update stale action (#4931)
• 8f3c37b chore(ci): workaround for firefox error (#4933)
• 5f96d51 build(v10.1.0): release
• ed74f16 build(v10.1.0): update CHANGELOG
• 51d4746 chore(devDeps): update 'ESLint' to v8 (#4926)
• 4e06a6f fix(browser): increase contrast for replay buttons (#4912)
• 41567df Support prefers-color-scheme: dark (#4896)
• 61b4b92 fix the regular expression for function `clean` in `utils.js` (#4770)
• 77c18d2 chore: use standard 'Promise.allSettled' instead of polyfill (#4905)
• 84b2f84 chore(ci): upgrade GH actions to latest versions (#4899)
• 023f548 build(v10.0.0): release
• 62b1566 build(v10.0.0): update CHANGELOG
• fbe7a24 chore: update dependencies (#4878)
• 2b98521 docs: replace 'git.io' short links (#4877) [ci skip]
• 007fa65 chore(ci): add Node v18 to test matrix (#4876)
• f6695f0 chore(esm): remove code for Node v12 (#4874)
• 59f6192 chore(ci): conditionally skip 'push' event (#4872)
• b863359 docs: fix 'fgrep' url (#4873)

Compare

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[coveralls]

coverage: 100.0%. remained the same
when pulling 04ee6d6 on snyk-upgrade-ee528bfb415f19b3a6a80732ebbbec24
into ceb141d on main.