rkusa/koa-passport

Security: Update mocha dependency

TigerC10 opened this issue · 2 comments

The mocha package depends on growl. In mocha 3.5.0, it uses growl 1.9.2 which is susceptible to command injection.

https://nodesecurity.io/advisories/146

Need to get growl up to 1.10.2. Updating mocha to 5.1.1 will satisfy.

rkusa commented

Interesting that this warning is not covered by GitHub's new security alerts. Thanks for taking care of it in #114!

I know that npm v6.0.0 has its new audit feature, but since that was just released I suppose GitHub's security alerts haven't integrated it yet? All I know is that when I forked the project to fix #113 I ran `npm install` and it gave me the npm audit warning. ¯\_(ツ)_/¯

If GitHub's security alerts have included npm's new audit feature, then perhaps because it's a devDependency they let it slide?
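As an added example (not code from this issue thread or from koa-passport), the check below walks a package-lock.json tree and reports every installed copy of a package older than the fixed release, so a vulnerable transitive devDependency like growl pulled in by mocha is not overlooked. It assumes the lockfile v1 layout (nested `dependencies` per node, `dev: true` on dev-only packages) and plain `x.y.z` versions; the lockfile fragment is constructed.

```javascript
// Constructed lockfile fragment mirroring the issue: mocha 3.5.0 (dev-only)
// requires growl 1.9.2, which is hoisted to the top level. A second, hypothetical
// dev tool carries its own nested growl 1.10.2 because it conflicts with the hoisted copy.
const SAMPLE_LOCK = {
  name: "koa-passport-example",
  dependencies: {
    mocha: { version: "3.5.0", dev: true, requires: { growl: "1.9.2" } },
    growl: { version: "1.9.2", dev: true },
    passport: { version: "0.4.0", requires: { "passport-strategy": "1.x.x" } },
    "some-tool": {
      version: "2.0.0", dev: true,
      requires: { growl: "1.10.2" },
      dependencies: { growl: { version: "1.10.2", dev: true } }
    }
  }
};

// Compare dotted numeric versions: negative if a < b, 0 if equal, positive if a > b.
// Handles differing lengths ("1.9" vs "1.9.2") by padding with zeros.
function compareVersions(a, b) {
  const pa = a.split(".").map(Number), pb = b.split(".").map(Number);
  for (let i = 0; i < Math.max(pa.length, pb.length); i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d;
  }
  return 0;
}

// Return every installed copy of `pkg` with a version below `fixedIn`, giving its
// position in the tree and whether it is dev-only (dev-only still matters: it runs
// on developer and CI machines).
function findVulnerable(lock, pkg, fixedIn) {
  const hits = [];
  (function walk(deps, path) {
    for (const [name, node] of Object.entries(deps || {})) {
      const here = [...path, `${name}@${node.version}`];
      if (name === pkg && compareVersions(node.version, fixedIn) < 0) {
        hits.push({ path: here.join(" > "), version: node.version, dev: !!node.dev });
      }
      walk(node.dependencies, here);  // descend into nested (non-hoisted) copies
    }
  })(lock.dependencies, []);
  return hits;
}

// Top-level packages that declare a dependency on `pkg`: the ones to upgrade.
function dependents(lock, pkg) {
  return Object.entries(lock.dependencies)
    .filter(([, node]) => node.requires && pkg in node.requires)
    .map(([name]) => name);
}

console.log(findVulnerable(SAMPLE_LOCK, "growl", "1.10.2"), dependents(SAMPLE_LOCK, "growl"));
```

Running it on a real lockfile means replacing `SAMPLE_LOCK` with `JSON.parse(fs.readFileSync("package-lock.json"))`; the output names the dependents (here mocha) whose bump removes the old copy.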