chore: force resolution of tap-mocha-reporter (#7823)

We inherit a transitive dependency on diff@1.4.0 which has been
flagged as having a security vulnerability (all versions <3.5.0 are
vulnerable).

This dependency is coming in via nodeunit → node-tap →
tap-mocha-reporter → diff.

Only the absolute latest release, 5.0.1 as of this commit, of
tap-mocha-reporter has upgraded to use diff@4.0.1.
Hence, forcing resolution to use tap-mocha-reporter@5.0.1 so we get rid
of the old version of diff.

The longer term plan is to move away from nodeunit (which is
deprecated) and use jest. This would prune out the offending
dependency subtree.

Internal ref: t.corp/V198831592

Author: Niranjan Jayakar

package.json

@@ -24,6 +24,10 @@
     "graceful-fs": "^4.2.4",
     "typescript": "~3.8.3"
   },
+  "resolutions-comment": "should be removed or reviewed when nodeunit dependency is dropped or adjusted",
+  "resolutions": {
+    "tap-mocha-reporter": "^5.0.1"
+  },
   "repository": {
     "type": "git",
     "url": "git://github.com/aws/aws-cdk"