From c8b44df5fb488326a3cec8192b7779e3f56b1a3f Mon Sep 17 00:00:00 2001
From: Patrick Insinger <patrickinsinger@gmail.com>
Date: Tue, 26 Dec 2017 18:18:37 -0500
Subject: [PATCH] Update handlebars and remove cookie-parser

Old handlebars version had a CVE, GitHub was loud. Removing
cookie-parser because we don't use cookies.
---
 app.js       | 2 --
 package.json | 3 +--
 2 files changed, 1 insertion(+), 4 deletions(-)

diff --git a/app.js b/app.js
index a0ebe0f16..b4f23e03f 100644
--- a/app.js
+++ b/app.js
@@ -7,7 +7,6 @@ var express         = require('express');
 var bodyParser      = require('body-parser');
 var methodOverride  = require('method-override');
 var morgan          = require('morgan');
-var cookieParser    = require('cookie-parser');
 
 var mongoose        = require('mongoose');
 var port            = process.env.PORT || 3000;
@@ -22,7 +21,6 @@ var app             = express();
 mongoose.connect(database);
 
 app.use(morgan('dev'));
-app.use(cookieParser());
 
 app.use(bodyParser.urlencoded({
   extended: true
diff --git a/package.json b/package.json
index 8c2ba41b5..4358af629 100644
--- a/package.json
+++ b/package.json
@@ -8,7 +8,6 @@
     "bcrypt-nodejs": "0.0.3",
     "body-parser": "^1.8.4",
     "bower": "^1.8.0",
-    "cookie-parser": "~1.3.2",
     "dotenv": "^1.2.0",
     "email-templates": "^2.0.1",
     "express": "^4.9.8",
@@ -20,7 +19,7 @@
     "gulp-sass": "^2.3.2",
     "gulp-sourcemaps": "^1.12.0",
     "gulp-uglify": "^1.5.4",
-    "handlebars": "^3.0.3",
+    "handlebars": "^4.0.11",
     "jsonwebtoken": "5.0.4",
     "method-override": "^2.3.5",
     "moment": "^2.10.3",