Commit 28374cd
chore(deps): force mocha to use serialize-javascript@7.0.5 from override (#2422)
The serialize-javascript ^7.0.5 override in package.json wasn't being
applied to mocha's nested copy because the lockfile retained a stale
node_modules/mocha/node_modules/serialize-javascript@6.0.2 entry from
before the override was added. npm install preserves existing nested
entries even when an override is added afterwards.
Removing the stale lockfile entry lets npm re-resolve mocha's
serialize-javascript dependency under the override; it now points at
the hoisted top-level serialize-javascript@7.0.5.
Resolves Dependabot alert #174 (GHSA-5c6j-r48x-rmvq, RCE in
serialize-javascript via RegExp.flags / Date.prototype.toISOString).

1 parent 298ecda commit 28374cd
1 file changed
Lines changed: 0 additions & 24 deletions
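
The commit message above describes a nested lockfile entry that stays pinned to an old version after an override is added. The following check is an added example, not code from this repository: it scans a lockfile's `packages` map for entries whose locked version falls outside the override. The function names and sample objects are hypothetical, and it assumes lockfileVersion 2 or 3 and flat overrides written as `^X.Y.Z` or an exact version with major >= 1.

```javascript
// Parse "X.Y.Z" into [X, Y, Z]; prerelease/build suffixes are ignored (assumption).
function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)/.exec(v);
  return m ? m.slice(1).map(Number) : null;
}

// Minimal range check: exact "X.Y.Z" or caret "^X.Y.Z" only.
function satisfies(version, range) {
  const caret = range.startsWith('^');
  const want = parseVersion(caret ? range.slice(1) : range);
  const have = parseVersion(version);
  if (!want || !have) return false;
  const cmp = have[0] - want[0] || have[1] - want[1] || have[2] - want[2];
  return caret ? have[0] === want[0] && cmp >= 0 : cmp === 0;
}

// Return every locked install path whose version violates a package.json override.
function findStaleEntries(pkgJson, lock) {
  const overrides = pkgJson.overrides || {};
  const stale = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    // Keys are install paths; the package name follows the last "node_modules/".
    const idx = path.lastIndexOf('node_modules/');
    if (idx === -1) continue; // "" is the root project
    const name = path.slice(idx + 'node_modules/'.length);
    const range = overrides[name];
    if (typeof range !== 'string' || !entry.version) continue; // skip nested overrides, links
    if (!satisfies(entry.version, range)) {
      stale.push({ path, version: entry.version, range });
    }
  }
  return stale;
}

// Constructed sample mirroring the situation in the commit message.
const samplePackageJson = { overrides: { 'serialize-javascript': '^7.0.5' } };
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'example-project' },
    'node_modules/mocha': { version: '0.0.0' }, // constructed placeholder version
    'node_modules/serialize-javascript': { version: '7.0.5' },
    'node_modules/mocha/node_modules/serialize-javascript': { version: '6.0.2' },
  },
};

console.log(findStaleEntries(samplePackageJson, sampleLock));
```

Run against a real project by passing the parsed `package.json` and `package-lock.json`; a non-empty result in CI means an override is not in effect for at least one install path.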