Bump mocha from 5.0.0 to 5.0.4

[dependabot-preview]

Bumps mocha from 5.0.0 to 5.0.4.

Release notes

Sourced from mocha's releases.

v5.0.4

5.0.4 / 2018-03-07

🐛 Fixes

• #3265: Fixes regression in "watch" functionality introduced in v5.0.2 ([outsideris])

[outsideris]: https://github.com/outsideris

v5.0.3

5.0.3 / 2018-03-06

This patch features a fix to address a potential "low severity" ReDoS vulnerability in the diff package (a dependency of Mocha).

🔒 Security Fixes

• #3266: Bump diff to v3.5.0 ([anishkny])

🔩 Other

• #3011: Expose generateDiff() in Base reporter ([harrysarson])

[anishkny]: https://github.com/anishkny
[harrysarson]: https://github.com/harrysarson

v5.0.2

5.0.2 / 2018-03-05

This release fixes a class of tests which report as false positives. Certain tests will now break, though they would have previously been reported as passing. Details below. Sorry for the inconvenience!

🐛 Fixes

• [#3226]: Do not swallow errors that are thrown asynchronously from passing tests ([boneskull]). Example:

  it('should actually fail, sorry!', function (done) {
    // passing assertion
    assert(true === true);
  
    // test complete & is marked as passing
    done();
  
    // ...but something evil lurks within
    setTimeout(() => {
      throw new Error('chaos!');
    }, 100);

... (truncated)

Changelog

Sourced from mocha's changelog.

5.0.4 / 2018-03-07

🐛 Fixes

• #3265: Fixes regression in "watch" functionality introduced in v5.0.2 ([outsideris])

5.0.3 / 2018-03-06

This patch features a fix to address a potential "low severity" ReDoS vulnerability in the diff package (a dependency of Mocha).

🔒 Security Fixes

• #3266: Bump diff to v3.5.0 ([anishkny])

🔩 Other

• #3011: Expose generateDiff() in Base reporter ([harrysarson])

[anishkny]: https://github.com/anishkny
[harrysarson]: https://github.com/harrysarson

5.0.2 / 2018-03-05

This release fixes a class of tests which report as false positives. Certain tests will now break, though they would have previously been reported as passing. Details below. Sorry for the inconvenience!

🐛 Fixes

• [#3226]: Do not swallow errors that are thrown asynchronously from passing tests ([boneskull]). Example:

  it('should actually fail, sorry!', function (done) {
    // passing assertion
    assert(true === true);
  
    // test complete & is marked as passing
    done();
  
    // ...but something evil lurks within
    setTimeout(() => {
      throw new Error('chaos!');
    }, 100);
  });

  Previously to this version, Mocha would have silently swallowed the chaos! exception, and you wouldn't know. Well, now you know. Mocha cannot recover from this gracefully, so it will exit with a nonzero code.
  ... (truncated)

Commits

• 851ad29 Release v5.0.4
• 868830a update CHANGELOG.md for v5.0.4 [ci skip]
• eb09421 restore removed methods which still used
• da6e5c9 Release v5.0.3
• 70d9262 update CHANGELOG.md for v5.0.3 [ci skip]
• aaaa5ab fix: ReDoS vuln in mocha@5.0.2 › diff@3.3.1 (#3266)
• 8df5727 Tidies up code after review
• 660bccc adds unit tests covering Base.generateDiff
• bdcb3c3 exposes generateDiff function from base reporter
• f2ee53c Release v5.0.2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

If you'd like to skip this version, you can just close this PR. If you have any feedback just mention @dependabot in the comments below.

---

Note: This repo was added to Dependabot recently, so you'll receive a maximum of 5 PRs for your first few update runs. Once an update run creates fewer than 5 PRs we'll remove that limit.

You can always request more updates by clicking Bump now in your Dependabot dashboard.