[Snyk] Upgrade mocha from 9.2.2 to 10.7.3

[nerds-github]

Snyk has created this PR to upgrade mocha from 9.2.2 to 10.7.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 13 versions ahead of your current version.

• The recommended version was released on 2 months ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	265	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOCHA-2863123	265	No Known Exploit
	Prototype Poisoning SNYK-JS-QS-3153490	265	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	265	Proof of Concept
	Improper Handling of Extra Parameters SNYK-JS-FOLLOWREDIRECTS-6141137	265	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GETFUNCNAME-5923417	265	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	265	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	265	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	265	No Known Exploit
	Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	265	No Known Exploit
	Uncontrolled resource consumption SNYK-JS-BRACES-6838727	265	Proof of Concept
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	265	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	265	No Known Exploit
	Denial of Service (DoS) SNYK-JS-WS-7266574	265	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	265	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	265	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	265	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	265	Proof of Concept
	Improper Input Validation SNYK-JS-POSTCSS-5926692	265	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	265	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-3244450	265	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	265	No Known Exploit
	Improper Control of Dynamically-Managed Code Resources SNYK-JS-EJS-6689533	265	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	265	Proof of Concept
	Prototype Pollution SNYK-JS-MINIMIST-2429795	265	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	265	No Known Exploit

Release notes

Package name: mocha

• 10.7.3 - 2024-08-09
  

  10.7.3 (2024-08-09)

  🩹 Fixes

  • make release-please build work (#5194) (afd66ef)
• 10.7.0 - 2024-07-20
  

  What's Changed

  • feat: add option to not fail on failing test suite by @ ilgonmic in #4771

  New Contributors

  • @ ilgonmic made their first contribution in #4771

  Full Changelog: v10.6.1...v10.7.0

• 10.6.1 - 2024-07-20
  

  What's Changed

  • fix: do not exit when only unref'd timer is present in test code by @ boneskull in #3825
  • fix: support canonical module by @ JacobLey in #5040

  Full Changelog: v10.6.0...v10.6.1

• 10.6.0 - 2024-07-02
  

  What's Changed

  • feat: allow ^ versions for character encoding packages by @ JoshuaKGoldberg in #5150
  • feat: allow ^ versions for yargs packages by @ JoshuaKGoldberg in #5152
  • feat: allow ^ versions for file matching packages by @ JoshuaKGoldberg in #5151
  • feat: allow ^ versions for data serialization packages by @ JoshuaKGoldberg in #5153
  • feat: allow ^ versions for miscellaneous packages by @ JoshuaKGoldberg in #5154

  Full Changelog: v10.5.2...v10.6.0

• 10.5.2 - 2024-06-26
  

  What's Changed

  • fix: better tracking of seen objects in error serialization by @ sam-super in #5032

  New Contributors

  • @ sam-super made their first contribution in #5032

  Full Changelog: v10.5.1...v10.5.2

• 10.5.1 - 2024-06-25
  

  What's Changed

  • fix: Add error handling for nonexistent file case with --file option by @ khoaHyh in #5086

  New Contributors

  • @ khoaHyh made their first contribution in #5086

  Full Changelog: v10.5.0...v10.5.1

• 10.5.0 - 2024-06-24
  

  🎉 Enhancements

  • #5015 feat: use <progress> and <svg> for browser progress indicator instead of <canvas> (@ yourWaifu)
  • #5143 feat: allow using any 3.x chokidar dependencies (@ simhnna)
  • #4835 feat: add MOCHA_OPTIONS env variable (@ icholy)

  🐛 Fixes

  • #5107 fix: include stack in browser uncaught error reporting (@ JoshuaKGoldberg)

  🔩 Other

  • #5110 chore: switch two-column list styles to be opt-in (@ marjys)
  • #5135 chore: fix some typos in comments (@ StevenMia)
  • #5130 chore: rename 'master' to 'main' in docs and tooling (@ JoshuaKGoldberg)
• 10.4.0 - 2024-03-26
  

  10.4.0 / 2024-03-26

  🎉 Enhancements

  • #4829 feat: include .cause stacks in the error stack traces (@ voxpelli)
  • #4985 feat: add file path to xunit reporter (@ bmish)

  🐛 Fixes

  • #5074 fix: harden error handling in lib/cli/run.js (@ stalet)

  🔩 Other

  • #5077 chore: add mtfoley/pr-compliance-action (@ JoshuaKGoldberg)
  • #5060 chore: migrate ESLint config to flat config (@ JoshuaKGoldberg)
  • #5095 chore: revert #5069 to restore Netlify builds (@ voxpelli)
  • #5097 docs: add sponsored to sponsorship link rels (@ JoshuaKGoldberg)
  • #5093 chore: add 'status: in triage' label to issue templates and docs (@ JoshuaKGoldberg)
  • #5083 docs: fix CHANGELOG.md headings to start with a root-level h1 (@ JoshuaKGoldberg)
  • #5100 chore: fix header generation and production build crashes (@ JoshuaKGoldberg)
  • #5104 chore: bump ESLint ecmaVersion to 2020 (@ JoshuaKGoldberg)
  • #5116 fix: eleventy template builds crash with 'unexpected token at ": string, msg..."' (@ LcsK)
  • #4869 docs: fix documentation concerning glob expansion on UNIX (@ binki)
  • #5122 test: fix xunit integration test (@ voxpelli)
  • #5123 chore: activate dependabot for workflows (@ voxpelli)
  • #5125 build(deps): bump the github-actions group with 2 updates (@ dependabot)
• 10.3.0 - 2024-02-08
• 10.3.0-preminor.0 - 2024-01-30
• 10.2.0 - 2022-12-11
• 10.1.0 - 2022-10-15
• 10.0.0 - 2022-05-01
• 9.2.2 - 2022-03-11

from mocha GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs