[Snyk] Upgrade mocha from 10.8.2 to 11.7.5

[Dargon789]

Snyk has created this PR to upgrade mocha from 10.8.2 to 11.7.5.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 18 versions ahead of your current version.

• The recommended version was released 2 months ago.

Release notes

Package name: mocha

• 11.7.5 - 2025-11-05
  

  11.7.5 (2025-11-04)

  🩹 Fixes

  • swallow more require errors from *ts files (#5498) (d89dbaf)

  🧹 Chores

  • run tests on PRs for and pushes to v11.x (#5525) (8b21b38)
  • setup release-please for v11 (#5522) (663fff4)
• 11.7.4 - 2025-10-01
  

  11.7.4 (2025-10-01)

  🩹 Fixes

  • watch mode using chokidar v4 (#5379) (c2667c3)

  📚 Documentation

  • migrate remaining legacy wiki pages to main documentation (#5465) (bff9166)

  🧹 Chores

  • remove trailing spaces (#5475) (7f68e5c)
• 11.7.3 - 2025-09-30
  

  11.7.3 (2025-09-30)

  🩹 Fixes

  • use original require() error for TS files if ERR_UNKNOWN_FILE_EXTENSION (#5408) (ebdbc48)

  📚 Documentation

  • add security escalation policy (#5466) (4122c7d)
  • fix duplicate global leak documentation (#5461) (1164b9d)
  • migrate third party UIs wiki page to docs (#5434) (6654704)
  • update maintainer release notes for release-please (#5453) (185ae1e)

  🤖 Automation

  • deps: bump actions/setup-node in the github-actions group (#5459) (48c6f40)
• 11.7.2 - 2025-09-01
  

  11.7.2 (2025-09-01)

  🩹 Fixes

  • fail with an informative error message on a file with a broken default import (#5413) (b0e6135)
  • load mjs files correctly (#5429) (a947b9b)

  📚 Documentation

  • add banner from old site to new site, link from new to old (#5414) (dedef11)
  • add info on spies to legacy docs (#5421) (21f5544)
  • explain node import swallowing error (#5401) (09f5b2c)
  • fix links in new site (#5416) (b2bc769)
  • migrate assertion libraries wiki link to main docs (#5442) (95f3ca8)
  • migrate count assertions wiki page to docs (#5438) (02a306c)
  • migrate shared behaviours to docs-next (#5432) (1dc4aa9)
  • migrate Spies wiki page to explainers (#5420) (cbcf007)
  • Migrate tagging wiki page to docs (#5435) (876247a)
  • migrate third party reporters wiki page to docs (#5433) (f70764c)
  • migrate to global leak wiki page to docs (#5437) (8a6fdca)
  • update /next bug report link to be docs issue template (#5424) (668cb66)

  🧹 Chores

  • add issue form for ⚡️ Performance (#5406) (a908b3b)
  • add test for -R import-only-loader (#5391) (6ee5b48)
  • also test Node.js 24 in CI (#5405) (15f5980)
  • bump CI to use 20.19.4, 22.18.0, 24.6.0 (#5430) (ace5eb4)
  • bump Knip to 5.61.2 (#5394) (f3d7430)
  • cleanup references of --opts (#5402) (1096b37)
  • enabled ESLint's no-unused-vars (#5399) (d4168ae)
  • move callback and object typedefs to a new types.d.ts (#5351) (3300d21)
  • rewrite base path instead of copy-pasting (#5431) (c6c6740)
  • unify caught errors as err (#5439) (d4912e7)
  • Update experimental module detection test and pin exact Node versions (#5417) (2489090)

  🤖 Automation

  • deps: bump actions/checkout in the github-actions group (#5419) (03ac2d0)
• 11.7.1 - 2025-06-24
  

  11.7.1 (2025-06-24)

  🩹 Fixes

  • always fallback to import() if require() fails (#5384) (295c168)

  🧹 Chores

  • add esm loader test (#5383) (f58e49f)
• 11.7.0 - 2025-06-18
  

  11.7.0 (2025-06-18)

  🌟 Features

  • use require to load esm (#5366) (41e24a2)
• 11.6.0 - 2025-06-09
  

  11.6.0 (2025-06-09)

  🌟 Features

  • bump workerpool from ^6.5.1 to ^9.2.0 (#5350) (581a3c5)
• 11.5.0 - 2025-05-23
  

  11.5.0 (2025-05-22)

  🌟 Features

  • bump mimimatch from ^5.1.6 to ^9.0.5 (#5349) (a3dea85)
• 11.4.0 - 2025-05-19
  

  11.4.0 (2025-05-19)

  🌟 Features

  • bump diff from ^5.2.0 to ^7.0.0 (#5348) (554d6bb)

  📚 Documentation

  • added CHANGELOG.md note around 11.1 yargs-parser update (#5362) (618415d)
• 11.3.0 - 2025-05-16
  

  11.3.0 (2025-05-16)

  🌟 Features

  • add option to use posix exit code upon fatal signal (#4989) (91bbf85)

  📚 Documentation

  • Deploy new site alongside old one (#5360) (6c96545)
  • mention explicit browser support range (#5354) (c514c0b)
  • update Node.js version requirements for 11.x (#5329) (abf3dd9)

  🧹 Chores

  • remove prerelease setting in release-please config (#5363) (8878f22)
• 11.2.2 - 2025-04-10
• 11.2.1 - 2025-04-10
• 11.2.0 - 2025-03-17
• 11.1.0 - 2025-01-02
• 11.0.2 - 2024-12-09
• 11.0.1 - 2024-12-02
• 11.0.0 - 2024-11-11
• 11.0.0-beta - 2024-11-23
• 10.8.2 - 2024-10-30

from mocha GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Review	Updated (UTC)
hardhat	Ready	Preview, Comment	Dec 24, 2025 3:01pm

1 Skipped Deployment

Project	Deployment	Review	Updated (UTC)
hardhat-hardhat-ignition-ui	Skipped		Dec 24, 2025 3:01pm

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[gemini-code-assist]

Summary of Changes

Hello @Dargon789, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request, automatically generated by Snyk, aims to update the mocha testing framework to its latest stable version, 11.7.5. The upgrade from 10.8.2 is intended to keep project dependencies current, which is vital for security, stability, and leveraging the newest features. Given the substantial version jump, it is crucial to carefully assess the changes for any potential compatibility issues or breaking changes that might affect the existing codebase.

Highlights

• Dependency Upgrade: The mocha testing framework has been upgraded from version 10.8.2 to 11.7.5.
• Major Version Bump: This upgrade spans 18 versions of mocha, indicating a significant update that includes numerous fixes, features, and improvements across the 11.x release series.
• Potential Breaking Change: Snyk has identified this as a major version upgrade and warns that it may introduce breaking changes, necessitating thorough review and testing.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request, automatically generated by Snyk, upgrades mocha from version 10 to 11 in the hardhat-truffle5 package. While keeping dependencies up-to-date is important, this major version upgrade is incomplete. I've left a comment detailing the necessary additional changes, which include updating @types/mocha, upgrading mocha across all packages in the monorepo for consistency, and updating the pnpm-lock.yaml file. It would be best to address these points together to ensure a safe and consistent upgrade.