Tooling Suggestion Checklist

• I have tried restarting my IDE and the issue persists.
• I have pulled the latest master branch of the repository.
• I have read and agree to Mocha's Code of Conduct and Contributing Guidelines
• I have searched for related issues and issues with the faq label, but none matched my issue.
• I want to provide a PR to resolve this

Overview

There are quite a few issues on this repo right now tracking out-of-date packages. We're going to enable Renovate to automatically create PRs to update packages.

Notes from @boneskull:

Looks reasonable. The only thing I’d suggest with the automated tooling (something like Renovate, yeah?) is to have a human in the loop for production dependency upgrades—check them closely. Mocha has been bitten several times due to semver violations in its dependency tree. I would also recommend using https://socket.dev/ as well (should be free for OSS). While Mocha hasn’t been hit by a malicious dep (to my knowledge), historical performance is not a guarantee of future results. 😄

Additional Info

No response