[WS-2021-0638][Security] bump mocha to 10.1.0

In our current repo, most mocha tests have been changed to jest in this issue: #215 The fix for the above issue (mochajs/mocha@61b4b92) is only released in the latest version v10.1.0: https://github.com/mochajs/mocha/blob/5f96d511dbf913f135b92198aab721a27f6b44fe/lib/utils.js#L79 Though it is a bump from 7.2.0 to 10.1.0, I don't see breaking changes for plugins or users. Issue Resolved: #2269 Signed-off-by: Anan Zhuang <ananzh@amazon.com>
opensearch-project · Nov 1, 2022 · c89f6b4 · c89f6b4
1 parent 57fdef6
commit c89f6b4
Show file tree

Hide file tree

Showing 3 changed files with 171 additions and 266 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -48,7 +48,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 - [Multi DataSource] Address UX comments on index pattern management stack ([#2611](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2611))
 - [Multi DataSource] Apply get indices error handling in step index pattern ([#2652](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2652))
 - [Vis Builder] Last Updated Timestamp for visbuilder savedobject is getting Generated ([#2628](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2628))
-- Removed Leftover X Pack references ([#2638](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2638)) 
+- Removed Leftover X Pack references ([#2638](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2638))
 
 ### 🚞 Infrastructure
 
@@ -83,6 +83,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 - Resolve sub-dependent d3-color version and potential security issue ([#2454](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2454))
 - [CVE-2022-3517] Bumps minimatch from 3.0.4 to 3.0.5 and [IBM X-Force ID: 220063] unset-value from 1.0.1 to 2.0.1 ([#2640](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2640))
 - [CVE-2022-37601] Bump loader-utils to 2.0.3 ([#2689](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2689))
+- [WS-2021-0638][Security] bump mocha to 10.1.0 ([#2711](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/2711))
 
 ### 📈 Features/Enhancements
 

diff --git a/package.json b/package.json
@@ -407,7 +407,7 @@
     "load-grunt-config": "^4.0.1",
     "load-json-file": "^6.2.0",
     "markdown-it": "^12.3.2",
-    "mocha": "^7.2.0",
+    "mocha": "10.1.0",
     "mock-fs": "^4.12.0",
     "monaco-editor": "~0.17.0",
     "ms-chromium-edge-driver": "^0.4.3",