Chai v4 dependencies have security vulnerabilities

[testinnplayin]

For those of us who still are on the v4 of Chai and cannot upgrade to v5 easily, there are several high and critical vulnerabilities in the packages.

Maybe you have dropped support of v4, but the fact that v5 requires handling imports/exports of an entire project in a different manner, in some contexts upgrading is still difficult or not feasible.

As of today, we have:

Could we please update the dependencies to fix the well-known CVE's?

[testinnplayin]

NOTE: I am more than happy to propose the PR to fix this since it won't take long or break the current functioning of Chai v4.

[43081j]

We can look into producing a 4.x release 👍

You are probably right and it shouldn't be too difficult to solve

[testinnplayin]

Thank you @43081j for your reply.

I have opened a small PR here: #1685

I don't feel good asking for something without fixing it.

I did notice that there are other dependencies to update, but they could cause breaking changes so I did not update those.