Fix security alert has occurred.

[yossan]

The npm install command emits the following error:

$ npm install
npm WARN deprecated [email protected]: This module is no longer maintained, try this instead:
npm WARN deprecated   npm i nyc
npm WARN deprecated Visit https://istanbul.js.org/integrations for other alternatives.
npm WARN deprecated [email protected]: Please note that v5.0.1+ of superagent removes User-Agent header by default, therefore you may need to add it yourself (e.g. GitHub blocks requests without a User-Agent header).  This notice will go away with v5.0.2+ once it is released.
npm WARN deprecated [email protected]: Jade has been renamed to pug, please install the latest version of pug instead of jade
npm WARN deprecated [email protected]: Please update to minimatch 3.0.2 or higher to avoid a RegExp DoS issue
npm WARN deprecated [email protected]: please upgrade to graceful-fs 4 for compatibility with current and future versions of Node.js
npm notice created a lockfile as package-lock.json. You should commit this file.
added 88 packages from 160 contributors and audited 114 packages in 3.748s
found 8 vulnerabilities (3 low, 3 moderate, 1 high, 1 critical)
  run `npm audit fix` to fix them, or `npm audit` for details

These errors were resolved with the npm audit --force command, and I confirmed that the test passed.

[dougwilson]

The dev dependencies are needed for the old Node.js versions; they are never installed by anyone so do not matter.

The handlebars dependency you changes has no security issue. GitHub has an error they have not fixed still #166