apostrophecms/sanitize-html

Please upgrade mocha to latest version to fix vulnerability issues

VitaliiShpital opened this issue · 3 comments

To Reproduce

Step by step instructions to reproduce the behavior:

  1. run npm install in this repo
  2. run npm audit in this repo

Expected behavior

no deps vulnerability issues

Describe the bug

vitalii:~/Work/sanitize-html(main)$ npm audit
# npm audit report

flat  <5.0.1
Severity: critical
flat vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-2j2x-2gpw-g8fm
fix available via `npm audit fix --force`
Will install mocha@10.2.0, which is a breaking change
node_modules/flat
  yargs-unparser  <=1.6.3
  Depends on vulnerable versions of flat
  node_modules/yargs-unparser
    mocha  5.1.0 - 9.2.1
    Depends on vulnerable versions of minimatch
    Depends on vulnerable versions of yargs-unparser
    node_modules/mocha

minimatch  <3.0.5
Severity: high
minimatch ReDoS vulnerability - https://github.com/advisories/GHSA-f8q6-p94x-37v3
fix available via `npm audit fix --force`
Will install mocha@10.2.0, which is a breaking change
node_modules/mocha/node_modules/minimatch
  mocha  5.1.0 - 9.2.1
  Depends on vulnerable versions of minimatch
  Depends on vulnerable versions of yargs-unparser
  node_modules/mocha

4 vulnerabilities (1 high, 3 critical)

To address all issues (including breaking changes), run:
  npm audit fix --force

Details

node - 16.14.2

Nothing special here. I just cloned this repo to run some tests and realised that there is such an issue.

This is a devDependency, installed only for running the tests, never present in projects; therefore there is no vulnerability in practice.

But updating mocha and retesting is a reasonable thing to do. Would you like to do that, test the result and submit a PR?
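Added example (not code from the sanitize-html project or from anyone in this thread): a small Node script that splits `npm audit --json` findings into those reachable only through devDependencies and those that ship in production, using the `dev: true` markers that package-lock.json (lockfileVersion 2 or 3) keeps for every installed path. The lockfile fragment, the audit JSON and the `example-prod-lib` finding are constructed for illustration; the four real findings mirror the report above.

```javascript
// Added example: classify `npm audit --json` findings by dependency scope.
// Not part of the sanitize-html repo. All data below is constructed.

// Constructed package-lock.json fragment (lockfileVersion 3 shape). The mocha
// tree carries `dev: true`; `example-prod-lib` is a hypothetical production dep.
const lock = {
  lockfileVersion: 3,
  packages: {
    '': {
      dependencies: { 'example-prod-lib': '^1.0.0' },
      devDependencies: { mocha: '^9.2.1' },
    },
    'node_modules/mocha': { version: '9.2.1', dev: true },
    'node_modules/yargs-unparser': { version: '1.6.3', dev: true },
    'node_modules/flat': { version: '4.1.1', dev: true },
    'node_modules/mocha/node_modules/minimatch': { version: '3.0.4', dev: true },
    'node_modules/example-prod-lib': { version: '1.0.0' },
  },
};

// Constructed `npm audit --json` output (auditReportVersion 2 shape). The first
// four entries correspond to the report in this issue; the last is a
// PLACEHOLDER finding invented to show the production branch of the split.
const audit = {
  auditReportVersion: 2,
  vulnerabilities: {
    flat: {
      name: 'flat', severity: 'critical', range: '<5.0.1',
      nodes: ['node_modules/flat'],
      via: [{ title: 'flat vulnerable to Prototype Pollution',
              url: 'https://github.com/advisories/GHSA-2j2x-2gpw-g8fm' }],
    },
    minimatch: {
      name: 'minimatch', severity: 'high', range: '<3.0.5',
      nodes: ['node_modules/mocha/node_modules/minimatch'],
      via: [{ title: 'minimatch ReDoS vulnerability',
              url: 'https://github.com/advisories/GHSA-f8q6-p94x-37v3' }],
    },
    'yargs-unparser': {
      name: 'yargs-unparser', severity: 'critical', range: '<=1.6.3',
      nodes: ['node_modules/yargs-unparser'], via: ['flat'],
    },
    mocha: {
      name: 'mocha', severity: 'critical', range: '5.1.0 - 9.2.1',
      nodes: ['node_modules/mocha'], via: ['minimatch', 'yargs-unparser'],
    },
    'example-prod-lib': {
      name: 'example-prod-lib', severity: 'moderate', range: '<1.0.1',
      nodes: ['node_modules/example-prod-lib'],
      via: [{ title: 'PLACEHOLDER: constructed finding, not a real advisory',
              url: 'https://example.invalid/advisory' }],
    },
  },
};

// True when the lockfile marks this installed path as reachable only through
// devDependencies. Paths missing from the lockfile count as production
// (fail closed rather than silently downgrading a finding).
function isDevOnlyPath(lock, nodePath) {
  const entry = lock.packages[nodePath];
  return entry !== undefined && entry.dev === true;
}

// Split findings into dev-only and production groups. A finding is dev-only
// only if every installed copy the audit points at is dev-only.
function classifyAudit(audit, lock) {
  const result = { dev: [], prod: [] };
  for (const v of Object.values(audit.vulnerabilities)) {
    const devOnly = v.nodes.length > 0 && v.nodes.every((p) => isDevOnlyPath(lock, p));
    (devOnly ? result.dev : result.prod).push({
      name: v.name, severity: v.severity, nodes: v.nodes,
    });
  }
  return result;
}

// Count findings per severity, like the summary line npm prints.
function summarize(findings) {
  const counts = {};
  for (const f of findings) counts[f.severity] = (counts[f.severity] || 0) + 1;
  return counts;
}

const classified = classifyAudit(audit, lock);
console.log('dev-only findings:', classified.dev.map((f) => f.name), summarize(classified.dev));
console.log('production findings:', classified.prod.map((f) => f.name), summarize(classified.prod));
```

For the quick version of the same check, `npm audit --omit=dev` (npm 8 and later) audits production dependencies only; the script is for when the split is needed as data, for example to fail CI on production findings while only reporting dev-only ones.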

Sure. Here you go!
#611