Upgrade mocha to fix security issues

[Clement134]

Hello,

At the moment this project uses version 2.5.3 of mocha. This version is vulnerable to 3 following vulnerabilities:

Low Regular Expression Denial of Service
Package debug
Dependency of mocha
Path mocha > debug
More info https://nodesecurity.io/advisories/534

High Regular Expression Denial of Service
Package minimatch
Dependency of mocha
Path mocha > glob > minimatch
More info https://nodesecurity.io/advisories/118

Critical Command Injection
Package growl
Dependency of mocha
Path mocha > growl
More info https://nodesecurity.io/advisories/146

An upgrade to [email protected] would solve this issues.
I have tried to run the tests in order to upgrade mocha, but it seems that it needs a 1&1 token (which I don't have).

[Clement134]

Hi @alibazlamit , could we have any feedback on this issue?
The fact that tests are run with a real oneandone server, make contributions to this project very difficult (even to keep dependencies up to date).

[tcrowe]

This was fixed but the module was not re-published to npm.

npm info liboneandone --registry registry.npmjs.com