Add warning about using Handlebars < 4.0.

Warning will disappear when express-handlebars update bumping handlebars dependency is released, provided that the new express-handlebars isn't a major version bump (since our dep is ^2.0.0)

lib/hooks/views/layoutshim.js

@@ -3,7 +3,7 @@
  */
 
 var path = require('path');
-
+var semver = require('semver');
 
 /**
  * Implement EJS layouts (a la Express 2)
@@ -44,6 +44,21 @@ module.exports = function layoutshim (sails, cb) {
 
 			else if (engineName === 'handlebars') {
 				var exphbs = require('express-handlebars');
+        var handlebarsMajorVersion;
+        try {
+          handlebarsMajorVersion = semver.major(require('express-handlebars/node_modules/handlebars').VERSION);
+        } catch (e) {
+          try {
+            handlebarsMajorVersion = semver.major(require('handlebars').VERSION);
+          }
+          catch (e2) {
+            handlebarsVersion = null;
+          }
+        }
+        if (!handlebarsMajorVersion) {sails.log.warn('Could not determine Handlebars version; versions < 4.0.0 may introduce security risks (see https://snyk.io/test/npm/handlebars/3)');}
+        else if (handlebarsMajorVersion < 4) {
+          sails.log.warn('Using Handlebars v' + handlebarsMajorVersion + '.x; Versions < 4.0.0 may introduce security risks (see https://snyk.io/test/npm/handlebars/3).');
+          sails.log.warn('When an updated version becomes available, you should be able to install it by updating your copy of Sails with `npm update`.');}
 				return sails.after('hook:http:loaded', function() {
 					sails.log.verbose('Overriding handlebars engine with express-handlebars to implement layout support...');
 					var hbs = exphbs.create({