🚀 Feature: upgrade serialize-javascript dependency to address CVE-2026-34043

### Feature Request Checklist

- [x] I have read and agree to Mocha's [Code of Conduct](https://github.com/mochajs/mocha/blob/main/.github/CODE_OF_CONDUCT.md) and [Contributing Guidelines](https://github.com/mochajs/mocha/blob/main/.github/CONTRIBUTING.md)
- [x] I have searched for [related issues](https://github.com/mochajs/mocha/issues?q=is%3Aissue) and [issues with the `faq` label](https://github.com/mochajs/mocha/issues?utf8=%E2%9C%93&q=is%3Aissue%20label%3Afaq%20), but none matched my issue.
- [x] I want to provide a PR to resolve this

### Overview

According to [CVE-2026-34043](https://github.com/advisories/GHSA-qj8w-gfj5-8c6v) `serialize-javascript` < 7.0.5 is vulnerable to CPU Exhaustion Denial of Service via crafted array-like objects. 

### Suggested Solution

Upgrade the dependency `serialize-javascript` to version 7.0.5.

### Alternatives

1. remove the dependency, finding an alternative for it's provided functionality
2. upgrade the dependency `serialize-javascript` to a version greater than 7.0.5

### Additional Info

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

🚀 Feature: upgrade serialize-javascript dependency to address CVE-2026-34043 #5872

Feature Request Checklist

Overview

Suggested Solution

Alternatives

Additional Info

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

🚀 Feature: upgrade serialize-javascript dependency to address CVE-2026-34043 #5872

Description

Feature Request Checklist

Overview

Suggested Solution

Alternatives

Additional Info

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions