@hashim21223445
Owner

Snyk has created this PR to upgrade handlebars from 4.0.11 to 4.7.8.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 36 versions ahead of your current version.

  • The recommended version was released a year ago.

Issues fixed by the recommended upgrade:

| Issue | Score | Exploit Maturity |
|---|---|---|
| high severity Regular Expression Denial of Service (ReDoS) SNYK-JS-ISMYJSONVALID-597165 | 160 | Proof of Concept |
| high severity Prototype Pollution SNYK-JS-Y18N-1021887 | 160 | Proof of Concept |
| high severity Prototype Pollution npm:extend:20180424 | 160 | No Known Exploit |
| high severity Arbitrary Code Execution SNYK-JS-GRUNT-597546 | 160 | No Known Exploit |
| high severity Prototype Pollution SNYK-JS-AWSSDK-1059424 | 160 | Proof of Concept |
| high severity Prototype Pollution SNYK-JS-HANDLEBARS-173692 | 160 | No Known Exploit |
| high severity Prototype Pollution SNYK-JS-HANDLEBARS-173692 | 160 | No Known Exploit |
| high severity Prototype Pollution SNYK-JS-HANDLEBARS-174183 | 160 | No Known Exploit |
| high severity Prototype Pollution SNYK-JS-HANDLEBARS-174183 | 160 | No Known Exploit |
| high severity Prototype Pollution SNYK-JS-INI-1048974 | 160 | Proof of Concept |
| high severity Server-side Request Forgery (SSRF) SNYK-JS-IP-6240864 | 160 | Proof of Concept |
| high severity Prototype Pollution SNYK-JS-GETOBJECT-1054932 | 160 | No Known Exploit |
| high severity Arbitrary Code Execution SNYK-JS-ISMYJSONVALID-597167 | 160 | Proof of Concept |
| high severity Prototype Pollution SNYK-JS-JSONSCHEMA-1920922 | 160 | No Known Exploit |
| high severity Prototype Pollution SNYK-JS-HANDLEBARS-173692 | 160 | No Known Exploit |
| high severity Prototype Pollution SNYK-JS-HANDLEBARS-174183 | 160 | No Known Exploit |
| high severity Prototype Poisoning SNYK-JS-QS-3153490 | 160 | Proof of Concept |
| high severity Prototype Poisoning SNYK-JS-QS-3153490 | 160 | Proof of Concept |
| high severity Prototype Poisoning SNYK-JS-QS-3153490 | 160 | Proof of Concept |
| high severity Regular Expression Denial of Service (ReDoS) npm:underscore.string:20170908 | 160 | No Known Exploit |
| high severity Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795 | 160 | Proof of Concept |
| high severity Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795 | 160 | Proof of Concept |
| high severity Directory Traversal SNYK-JS-MOMENT-2440688 | 160 | No Known Exploit |
| high severity Regular Expression Denial of Service (ReDoS) SNYK-JS-MOMENT-2944238 | 160 | Proof of Concept |
| high severity Arbitrary Command Injection npm:open:20180512 | 160 | Proof of Concept |
| high severity Remote Code Execution (RCE) SNYK-JS-PUGCODEGEN-1082232 | 160 | Proof of Concept |
| high severity Insecure Randomness npm:crypto-browserify:20140722 | 160 | No Known Exploit |
| high severity Regular Expression Denial of Service (ReDoS) npm:sshpk:20180409 | 160 | Proof of Concept |
| medium severity Regular Expression Denial of Service (ReDoS) npm:brace-expansion:20170302 | 160 | No Known Exploit |
| medium severity Directory Traversal SNYK-JS-GRUNT-2635969 | 160 | Proof of Concept |
| medium severity Race Condition SNYK-JS-GRUNT-2813632 | 160 | Proof of Concept |
| medium severity Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355 | 160 | Proof of Concept |
| medium severity Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355 | 160 | Proof of Concept |
| medium severity Open Redirect SNYK-JS-EXPRESS-6474509 | 160 | No Known Exploit |
| medium severity Prototype Pollution SNYK-JS-JSONPOINTER-1577288 | 160 | Proof of Concept |
| low severity Regular Expression Denial of Service (ReDoS) npm:is-my-json-valid:20180214 | 160 | Mature |
| critical severity Prototype Pollution SNYK-JS-JSONPOINTER-598804 | 160 | Proof of Concept |
| medium severity Prototype Pollution SNYK-JS-XML2JS-5414874 | 160 | Proof of Concept |
| medium severity Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067 | 160 | Proof of Concept |
| medium severity Arbitrary Code Injection SNYK-JS-MORGAN-72579 | 160 | Proof of Concept |
| medium severity Uninitialized Memory Exposure npm:stringstream:20180511 | 160 | Mature |
| low severity Regular Expression Denial of Service (ReDoS) npm:moment:20170905 | 160 | No Known Exploit |
| critical severity Arbitrary Code Injection SNYK-JS-OPEN-174041 | 160 | No Known Exploit |
| medium severity Insecure Randomness npm:cryptiles:20180710 | 160 | No Known Exploit |
| low severity Regular Expression Denial of Service (ReDoS) npm:clean-css:20180306 | 160 | Proof of Concept |
| critical severity Sandbox Bypass npm:constantinople:20180421 | 160 | No Known Exploit |

Release notes
Package name: handlebars
  • 4.7.8 - 2023-08-01
    • Make library compatible with workers (#1894) - 3d3796c
    • Don't rely on Node.js global object (#1776) - 2954e7e
    • Fix compiling of each block params in strict mode (#1855) - 30dbf04
    • Fix rollup warning when importing Handlebars as ESM - 03d387b
    • Fix bundler issue with webpack 5 (#1862) - c6c6bbb
    • Use https instead of git for mustache submodule - 88ac068


  • 4.7.7 - 2021-02-15

    v4.7.7

  • 4.7.6 - 2020-04-03

    v4.7.6

  • 4.7.5 - 2020-04-02

    v4.7.5

  • 4.7.4 - 2020-04-01

    v4.7.4

  • 4.7.3 - 2020-02-05

    v4.7.3

  • 4.7.2 - 2020-01-13

    v4.7.2

  • 4.7.1 - 2020-01-12

    v4.7.1

  • 4.7.0 - 2020-01-10

    v4.7.0

  • 4.6.0 - 2020-01-08
  • 4.5.3 - 2019-11-18
  • 4.5.2 - 2019-11-13
  • 4.5.1 - 2019-10-29
  • 4.5.0 - 2019-10-28
  • 4.4.5 - 2019-10-20
  • 4.4.4 - 2019-10-20
  • 4.4.3 - 2019-10-08
  • 4.4.2 - 2019-10-02
  • 4.4.1 - 2019-10-02
  • 4.4.0 - 2019-09-29
  • 4.3.5 - 2019-10-02
  • 4.3.4 - 2019-09-28
  • 4.3.3 - 2019-09-27
  • 4.3.2 - 2019-09-26
  • 4.3.1 - 2019-09-24
  • 4.3.0 - 2019-09-24
  • 4.2.2 - 2019-10-02
  • 4.2.1 - 2019-09-20
  • 4.2.0 - 2019-09-03
  • 4.1.2 - 2019-04-13
  • 4.1.2-0 - 2019-08-25
  • 4.1.1 - 2019-03-16
  • 4.1.0 - 2019-02-07
  • 4.0.14 - 2019-04-13
  • 4.0.13 - 2019-02-07
  • 4.0.12 - 2018-09-04
  • 4.0.11 - 2017-10-17
from handlebars GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

See this package in npm:
handlebars

See this project in Snyk:
https://app.snyk.io/org/hashim21223445/project/28a59321-4cdd-411d-a490-274c0a4da06a?utm_source=github&utm_medium=referral&page=upgrade-pr
@hashim21223445 hashim21223445 merged commit eb1aa2c into master Aug 6, 2024