[Snyk] Upgrade mocha from 9.2.2 to 11.2.0

[nerdy-tech-com-gitub]

Snyk has created this PR to upgrade mocha from 9.2.2 to 11.2.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 22 versions ahead of your current version.

• The recommended version was released a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Denial of Service (DoS) SNYK-JS-DECODEURICOMPONENT-3149970	159	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-SHELLQUOTE-1766506	159	No Known Exploit
	Symlink Attack SNYK-JS-TARFS-9535930	159	No Known Exploit
	Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	159	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	159	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	159	Proof of Concept
	Improper Handling of Extra Parameters SNYK-JS-FOLLOWREDIRECTS-6141137	159	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GETFUNCNAME-5923417	159	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	159	Proof of Concept
	Prototype Poisoning SNYK-JS-QS-3153490	159	Proof of Concept
	Denial of Service (DoS) SNYK-JS-WS-7266574	159	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	159	No Known Exploit
	Inefficient Regular Expression Complexity SNYK-JS-MICROMATCH-6838728	159	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MOCHA-2863123	159	No Known Exploit
	Excessive Platform Resource Consumption within a Loop SNYK-JS-BRACES-6838727	159	Proof of Concept
	Improper Control of Dynamically-Managed Code Resources SNYK-JS-EJS-6689533	159	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2332181	159	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UAPARSERJS-3244450	159	Proof of Concept
	Improper Input Validation SNYK-JS-NANOID-8492085	159	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-BABELHELPERS-9397697	159	Proof of Concept
	Improper Input Validation SNYK-JS-NANOID-8492085	159	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-OCTOKITENDPOINT-8730856	159	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-OCTOKITREQUESTERROR-8730854	159	Proof of Concept
	Cross-site Scripting (XSS) SNYK-JS-ROLLUP-8073097	159	Proof of Concept
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	159	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	159	Proof of Concept
	Improper Input Validation SNYK-JS-POSTCSS-5926692	159	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3042992	159	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LOADERUTILS-3105943	159	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	159	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	159	No Known Exploit
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-2396346	159	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	159	Proof of Concept

Release notes

Package name: mocha

• 11.2.0 - 2025-03-17
  

  11.2.0 (2025-03-17)

  🌟 Features

  • enable reporters to show relative paths of tests (#5292) (81ea666)

  📚 Documentation

  • add instructions for API docs (#5287) (b720ec1)
  • add new website using Astro Starlight (#5246) (b1f1cb7)
  • improve third-party reporter docs (#5285) (c5a0ef5)

  🧹 Chores

  • enabled eslint-plugin-n (#5280) (945d6e3)
  • pin node-lts tests to 22.11.0 (#5279) (664e1f4)
  • replace fs-extra with newer fs built-ins (#5284) (75dcf8c)
• 11.1.0 - 2025-01-02
  

  11.1.0 (2025-01-02)

  🌟 Features

  • bump yargs to 17 (#5165) (8f1c8d8)
• 11.0.2 - 2024-12-09
  

  11.0.2 (2024-12-09)

  🩹 Fixes

  • catch exceptions setting Error.stackTraceLimit (#5254) (259f8f8)
  • error handling for unexpected numeric arguments passed to cli (#5263) (210d658)

  📚 Documentation

  • correct outdated status: accepting prs link (#5268) (f729cd0)
  • replace "New in" with "Since" in version annotations (#5262) (6f10d12)
• 11.0.1 - 2024-12-02
  

  11.0.1 (2024-12-02)

  🌟 Features

  • bumped glob dependency from 8 to 10 (#5250) (43c3157)

  📚 Documentation

  • fix examples for linkPartialObjects methods (#5255) (34e0e52)
• 11.0.0 - 2024-11-11
  

  11.0.0 (2024-11-11)

  ⚠ BREAKING CHANGES

  • adapt new engine range for Mocha 11 (#5216)

  🌟 Features

  • allow calling hook methods (#5231) (e3da641)

  🩹 Fixes

  • adapt new engine range for Mocha 11 (#5216) (80da25a)

  📚 Documentation

  • downgrade example/tests chai to 4.5.0 (#5245) (eac87e1)
• 11.0.0-beta - 2024-11-23
• 10.8.2 - 2024-10-30
  

  10.8.2 (2024-10-30)

  🩹 Fixes

  • support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)
  • test link in html reporter (#5224) (f054acc)

  📚 Documentation

  • indicate 'exports' interface does not work in browsers (#5181) (14e640e)

  🧹 Chores

  • fix docs builds by re-adding eleventy and ignoring gitignore again (#5240) (881e3b0)

  🤖 Automation

  • deps: bump the github-actions group with 1 update (#5132) (e536ab2)
• 10.8.1 - 2024-10-29
  

  10.8.1 (2024-10-29)

  🩹 Fixes

  • handle case of invalid package.json with no explicit config (#5198) (f72bc17)
  • Typos on mochajs.org (#5237) (d8ca270)
  • use accurate test links in HTML reporter (#5228) (68803b6)
• 10.8.0 - 2024-10-29
  

  10.8.0 (2024-10-29)

  🌟 Features

  • highlight browser failures (#5222) (8ff4845)

  🩹 Fixes

  • remove :is() from mocha.css to support older browsers (#5225) (#5227) (0a24b58)

  📚 Documentation

  • add SECURITY.md pointing to Tidelift (#5210) (bd7e63a)
  • adopt Collective Funds Guidelines 0.1 (#5199) (2b03d86)
  • update README, LICENSE and fix outdated (#5197) (1203e0e)

  🧹 Chores

  • fix npm scripts on windows (#5219) (1173da0)
  • remove trailing whitespace in SECURITY.md (7563e59)
• 10.7.3 - 2024-08-09
  

  10.7.3 (2024-08-09)

  🩹 Fixes

  • make release-please build work (#5194) (afd66ef)
• 10.7.0 - 2024-07-20
• 10.6.1 - 2024-07-20
• 10.6.0 - 2024-07-02
• 10.5.2 - 2024-06-26
• 10.5.1 - 2024-06-25
• 10.5.0 - 2024-06-24
• 10.4.0 - 2024-03-26
• 10.3.0 - 2024-02-08
• 10.3.0-preminor.0 - 2024-01-30
• 10.2.0 - 2022-12-11
• 10.1.0 - 2022-10-15
• 10.0.0 - 2022-05-01
• 9.2.2 - 2022-03-11

from mocha GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Summary by Sourcery

Chores:

• Upgrade mocha dependency to 11.2.0.

[sourcery-ai]

Reviewer's Guide by Sourcery

This pull request upgrades the mocha dependency from version 9.2.2 to 11.2.0 to address several reported vulnerabilities. This is a major version upgrade and may introduce breaking changes.

No diagrams generated as the changes look simple and do not need a visual representation.

File-Level Changes

Change	Details	Files
Upgrade mocha dependency	Updated mocha version from 9.2.2 to 11.2.0 in package.json.	package.json

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

We have skipped reviewing this pull request. Here's why:

• It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!
• We don't review packaging changes - Let us know if you'd like us to change this.