[Snyk] Upgrade mocha from 6.2.3 to 11.0.2 #2

snyk-io · 2025-01-02T08:05:55Z

Snyk has created this PR to upgrade mocha from 6.2.3 to 11.0.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

The recommended version is 51 versions ahead of your current version.
The recommended version was released 24 days ago.

Issues fixed by the recommended upgrade:

Issue	Score	Exploit Maturity
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	79	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	79	Proof of Concept
Asymmetric Resource Consumption (Amplification) SNYK-JS-BODYPARSER-7926860	79	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MOCHA-2863123	79	No Known Exploit
Prototype Poisoning SNYK-JS-QS-3153490	79	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	79	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	79	Proof of Concept
Cross-site Scripting (XSS) SNYK-JS-COOKIE-8163060	79	No Known Exploit
Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	79	No Known Exploit
Open Redirect SNYK-JS-EXPRESS-6474509	79	No Known Exploit
Cross-site Scripting SNYK-JS-EXPRESS-7926867	79	No Known Exploit
Prototype Pollution SNYK-JS-FLAT-596927	79	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-7925106	79	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHTOREGEXP-8482416	79	Proof of Concept
Cross-site Scripting SNYK-JS-SEND-7926862	79	No Known Exploit
Cross-site Scripting SNYK-JS-SERVESTATIC-7926865	79	No Known Exploit
Incomplete List of Disallowed Inputs SNYK-JS-BABELTRAVERSE-5962462	79	Proof of Concept
Regular Expression Denial of Service (ReDoS) SNYK-JS-WORDWRAP-3149973	79	Proof of Concept
Regular Expression Denial of Service (ReDoS) npm:debug:20170905	79	Proof of Concept
Regular Expression Denial of Service (ReDoS) npm:debug:20170905	79	Proof of Concept
Prototype Pollution SNYK-JS-MINIMIST-2429795	79	Proof of Concept

Release notes

Package name: mocha

11.0.2 - 2024-12-09
11.0.2 (2024-12-09)

🩹 Fixes
- catch exceptions setting Error.stackTraceLimit (#5254) (259f8f8)
- error handling for unexpected numeric arguments passed to cli (#5263) (210d658)
📚 Documentation
- correct outdated status: accepting prs link (#5268) (f729cd0)
- replace "New in" with "Since" in version annotations (#5262) (6f10d12)
11.0.1 - 2024-12-02
11.0.1 (2024-12-02)

🌟 Features
- bumped glob dependency from 8 to 10 (#5250) (43c3157)
📚 Documentation
- fix examples for linkPartialObjects methods (#5255) (34e0e52)
11.0.0 - 2024-11-11
11.0.0 (2024-11-11)

⚠ BREAKING CHANGES
- adapt new engine range for Mocha 11 (#5216)
🌟 Features
- allow calling hook methods (#5231) (e3da641)
🩹 Fixes
- adapt new engine range for Mocha 11 (#5216) (80da25a)
📚 Documentation
- downgrade example/tests chai to 4.5.0 (#5245) (eac87e1)
11.0.0-beta - 2024-11-23
10.8.2 - 2024-10-30
10.8.2 (2024-10-30)

🩹 Fixes
- support errors with circular dependencies in object values with --parallel (#5212) (ba0fefe)
- test link in html reporter (#5224) (f054acc)
📚 Documentation
- indicate 'exports' interface does not work in browsers (#5181) (14e640e)
🧹 Chores
- fix docs builds by re-adding eleventy and ignoring gitignore again (#5240) (881e3b0)
🤖 Automation
- deps: bump the github-actions group with 1 update (#5132) (e536ab2)
10.8.1 - 2024-10-29
10.8.1 (2024-10-29)

🩹 Fixes
- handle case of invalid package.json with no explicit config (#5198) (f72bc17)
- Typos on mochajs.org (#5237) (d8ca270)
- use accurate test links in HTML reporter (#5228) (68803b6)
10.8.0 - 2024-10-29
10.8.0 (2024-10-29)

🌟 Features
- highlight browser failures (#5222) (8ff4845)
🩹 Fixes
- remove :is() from mocha.css to support older browsers (#5225) (#5227) (0a24b58)
📚 Documentation
- add SECURITY.md pointing to Tidelift (#5210) (bd7e63a)
- adopt Collective Funds Guidelines 0.1 (#5199) (2b03d86)
- update README, LICENSE and fix outdated (#5197) (1203e0e)
🧹 Chores
- fix npm scripts on windows (#5219) (1173da0)
- remove trailing whitespace in SECURITY.md (7563e59)
10.7.3 - 2024-08-09
10.7.3 (2024-08-09)

🩹 Fixes
- make release-please build work (#5194) (afd66ef)
10.7.0 - 2024-07-20
What's Changed
- feat: add option to not fail on failing test suite by @ ilgonmic in #4771
New Contributors
- @ ilgonmic made their first contribution in #4771
Full Changelog: v10.6.1...v10.7.0
10.6.1 - 2024-07-20
10.6.0 - 2024-07-02
10.5.2 - 2024-06-26
10.5.1 - 2024-06-25
10.5.0 - 2024-06-24
10.4.0 - 2024-03-26
10.3.0 - 2024-02-08
10.3.0-preminor.0 - 2024-01-30
10.2.0 - 2022-12-11
10.1.0 - 2022-10-15
10.0.0 - 2022-05-01
9.2.2 - 2022-03-11
9.2.1 - 2022-02-19
9.2.0 - 2022-01-24
9.1.4 - 2022-01-14
9.1.3 - 2021-10-15
9.1.2 - 2021-09-25
9.1.1 - 2021-08-28
9.1.0 - 2021-08-20
9.0.3 - 2021-07-25
9.0.2 - 2021-07-03
9.0.1 - 2021-06-18
9.0.0 - 2021-06-07
8.4.0 - 2021-05-07
8.3.2 - 2021-03-12
8.3.1 - 2021-03-06
8.3.0 - 2021-02-11
8.2.1 - 2020-11-02
8.2.0 - 2020-10-16
8.1.3 - 2020-08-28
8.1.2 - 2020-08-25
8.1.1 - 2020-08-04
8.1.0 - 2020-07-30
8.0.1 - 2020-06-10
8.0.0 - 2020-06-10
7.2.0 - 2020-05-23
7.1.2 - 2020-04-26
7.1.1 - 2020-03-18
7.1.0 - 2020-02-26
7.0.1 - 2020-01-26
7.0.0 - 2020-01-04
7.0.0-esm1 - 2020-01-12
6.2.3 - 2020-03-25

from mocha GitHub release notes

Important

Warning: This PR contains a major version upgrade, and may be a breaking change.
Check the changes in this PR to ensure they won't cause issues with your project.
This PR was automatically created by Snyk using the credentials of a real user.
Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

📜 Customise PR templates

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Snyk has created this PR to upgrade mocha from 6.2.3 to 11.0.2. See this package in npm: mocha See this project in Snyk: https://app.snyk.io/org/hashim21223445/project/ecfdb2b8-a8c0-400d-a888-0509cb09b83e?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr

semanticdiff-com · 2025-01-02T08:05:58Z

Review changes with

Changed Files

File	Status
package.json	0% smaller

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Upgrade mocha from 6.2.3 to 11.0.2 #2

[Snyk] Upgrade mocha from 6.2.3 to 11.0.2 #2

snyk-io bot commented Jan 2, 2025

11.0.2 (2024-12-09)

🩹 Fixes

📚 Documentation

11.0.1 (2024-12-02)

🌟 Features

📚 Documentation

11.0.0 (2024-11-11)

⚠ BREAKING CHANGES

🌟 Features

🩹 Fixes

📚 Documentation

10.8.2 (2024-10-30)

🩹 Fixes

📚 Documentation

🧹 Chores

🤖 Automation

10.8.1 (2024-10-29)

🩹 Fixes

10.8.0 (2024-10-29)

🌟 Features

🩹 Fixes

📚 Documentation

🧹 Chores

10.7.3 (2024-08-09)

🩹 Fixes

What's Changed

New Contributors

semanticdiff-com bot commented Jan 2, 2025 •

edited

Loading

[Snyk] Upgrade mocha from 6.2.3 to 11.0.2 #2

Are you sure you want to change the base?

[Snyk] Upgrade mocha from 6.2.3 to 11.0.2 #2

Conversation

snyk-io bot commented Jan 2, 2025

Snyk has created this PR to upgrade mocha from 6.2.3 to 11.0.2.

Issues fixed by the recommended upgrade:

11.0.2 (2024-12-09)

🩹 Fixes

📚 Documentation

11.0.1 (2024-12-02)

🌟 Features

📚 Documentation

11.0.0 (2024-11-11)

⚠ BREAKING CHANGES

🌟 Features

🩹 Fixes

📚 Documentation

10.8.2 (2024-10-30)

🩹 Fixes

📚 Documentation

🧹 Chores

🤖 Automation

10.8.1 (2024-10-29)

🩹 Fixes

10.8.0 (2024-10-29)

🌟 Features

🩹 Fixes

📚 Documentation

🧹 Chores

10.7.3 (2024-08-09)

🩹 Fixes

What's Changed

New Contributors

semanticdiff-com bot commented Jan 2, 2025 • edited Loading

semanticdiff-com bot commented Jan 2, 2025 •

edited

Loading