expressjs / generator

Express' application generator
MIT License
1.82k stars 544 forks

Update package version in express-cli.js #288

Open tonysan opened 3 years ago

tonysan commented 3 years ago

pug, less-middleware, and hbs

SEMVER WARNING: Recommended action is a potentially breaking change
  Low             Regular Expression Denial of Service
  Package         clean-css
  Dependency of   pug
  Path            pug > pug-filters > clean-css
  More info       https://npmjs.com/advisories/785

                                 Manual Review
             Some vulnerabilities require your attention to resolve
          Visit https://go.npm.me/audit-guide for additional guidance

  Moderate        Prototype Pollution
  Package         hoek
  Patched in      > 4.2.0 < 5.0.0 || >= 5.0.3
  Dependency of   less-middleware
  Path            less-middleware > less > request > hawk > boom > hoek
  More info       https://npmjs.com/advisories/566

  Moderate        Prototype Pollution
  Package         hoek
  Patched in      > 4.2.0 < 5.0.0 || >= 5.0.3
  Dependency of   less-middleware
  Path            less-middleware > less > request > hawk > cryptiles > boom >
                  hoek
  More info       https://npmjs.com/advisories/566

  Moderate        Prototype Pollution
  Package         hoek
  Patched in      > 4.2.0 < 5.0.0 || >= 5.0.3
  Dependency of   less-middleware
  Path            less-middleware > less > request > hawk > hoek
  More info       https://npmjs.com/advisories/566

  Moderate        Prototype Pollution
  Package         hoek
  Patched in      > 4.2.0 < 5.0.0 || >= 5.0.3
  Dependency of   less-middleware
  Path            less-middleware > less > request > hawk > sntp > hoek
  More info       https://npmjs.com/advisories/566

  High            Insufficient Entropy
  Package         cryptiles
  Patched in      >=4.1.2
  Dependency of   less-middleware
  Path            less-middleware > less > request > hawk > cryptiles
  More info       https://npmjs.com/advisories/1464

# Run  npm install hbs@4.1.1  to resolve 5 vulnerabilities

  Low             Prototype Pollution
  Package         minimist
  Dependency of   hbs
  Path            hbs > handlebars > optimist > minimist
  More info       https://npmjs.com/advisories/1179

  Moderate        Denial of Service
  Package         handlebars
  Dependency of   hbs
  Path            hbs > handlebars
  More info       https://npmjs.com/advisories/1300

  High            Arbitrary Code Execution
  Package         handlebars
  Dependency of   hbs
  Path            hbs > handlebars
  More info       https://npmjs.com/advisories/1316

  High            Arbitrary Code Execution
  Package         handlebars
  Dependency of   hbs
  Path            hbs > handlebars
  More info       https://npmjs.com/advisories/1324

  High            Prototype Pollution
  Package         handlebars
  Dependency of   hbs
  Path            hbs > handlebars
  More info       https://npmjs.com/advisories/1325
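The report above is the legacy plain-text `npm audit` format: one block per advisory, a severity line followed by `Key   value` rows, with long `Path` values wrapped onto a second line. The following is an added example (not code from expressjs/generator or from the issue author) that parses that format into records and checks each advisory's `Patched in` range against a hypothetical set of installed versions, so the same report can be re-evaluated after bumping a dependency in `express-cli.js`. The sample report is constructed from two of the entries above; the installed versions passed to `openAdvisories` are made up for illustration, and the range evaluator deliberately handles only plain `x.y.z` versions (no prerelease tags).

```javascript
// Added example, not code from expressjs/generator: parse the plain-text
// `npm audit` report pasted in this issue and evaluate "Patched in" ranges.

// Constructed sample copied from two entries of the report above, including
// the hoek entry whose "Path" line wraps, and an npm hint line between them.
const SAMPLE_REPORT = `
  Moderate        Prototype Pollution
  Package         hoek
  Patched in      > 4.2.0 < 5.0.0 || >= 5.0.3
  Dependency of   less-middleware
  Path            less-middleware > less > request > hawk > cryptiles > boom >
                  hoek
  More info       https://npmjs.com/advisories/566

# Run  npm install hbs@4.1.1  to resolve 5 vulnerabilities

  High            Insufficient Entropy
  Package         cryptiles
  Patched in      >=4.1.2
  Dependency of   less-middleware
  Path            less-middleware > less > request > hawk > cryptiles
  More info       https://npmjs.com/advisories/1464
`;

const SEVERITY_RANK = { Low: 1, Moderate: 2, High: 3, Critical: 4 };
const HEAD_RE = /^(Low|Moderate|High|Critical)\s{2,}(.+)$/;
const FIELD_RE = /^(Package|Patched in|Dependency of|Path|More info)\s{2,}(.+)$/;

// One pass over the lines: a severity line opens a record, "Key   value" lines
// fill it, and a line that is neither, directly after a field line (no blank
// line in between), is a wrapped continuation of that field.
function parseAudit(text) {
  const records = [];
  let fields = null;
  let lastKey = null;
  const flush = () => {
    if (fields) records.push(normalize(fields));
    fields = null;
    lastKey = null;
  };
  for (const raw of text.split('\n')) {
    const line = raw.trim();
    if (!line) { lastKey = null; continue; }       // blank line ends any continuation
    const head = line.match(HEAD_RE);
    if (head) { flush(); fields = { severity: head[1], title: head[2] }; continue; }
    if (!fields) continue;                         // text before the first record
    const f = line.match(FIELD_RE);
    if (f) { fields[f[1]] = f[2]; lastKey = f[1]; }
    else if (lastKey) fields[lastKey] += ' ' + line; // wrapped value, e.g. the hoek path
    // otherwise: "# Run npm install ..." hints and similar, ignored
  }
  flush();
  return records;
}

function normalize(f) {
  return {
    severity: f.severity,
    title: f.title,
    pkg: f['Package'] || null,
    patchedIn: f['Patched in'] || null,            // npm omits this when it prints a "Run ..." hint instead
    dependencyOf: f['Dependency of'] || null,
    path: f['Path'] ? f['Path'].split(/\s*>\s*/) : [],
    advisory: f['More info'] || null,
  };
}

// Compare two plain x.y.z versions numerically (prerelease tags not handled).
function cmpVersion(a, b) {
  const pa = a.split('.').map(Number);
  const pb = b.split('.').map(Number);
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return d;
  }
  return 0;
}

// "Patched in" is a list of alternatives separated by "||"; each alternative is
// a conjunction of comparators such as "> 4.2.0 < 5.0.0" or ">=4.1.2".
function isPatched(version, rangeExpr) {
  return rangeExpr.split('||').some((alt) => {
    const comps = [...alt.matchAll(/(>=|<=|>|<|=)?\s*(\d+\.\d+\.\d+)/g)];
    return comps.length > 0 && comps.every(([, op = '=', v]) => {
      const d = cmpVersion(version, v);
      switch (op) {
        case '>': return d > 0;
        case '>=': return d >= 0;
        case '<': return d < 0;
        case '<=': return d <= 0;
        default: return d === 0;
      }
    });
  });
}

// Advisories still open given a map of installed versions; an unknown version
// or a record without a printed range is conservatively treated as open.
function openAdvisories(records, installed) {
  return records.filter((r) => {
    const v = installed[r.pkg];
    if (!v || !r.patchedIn) return true;
    return !isPatched(v, r.patchedIn);
  });
}

function worstSeverity(records) {
  if (records.length === 0) return null;
  return records.map((r) => r.severity)
    .sort((a, b) => SEVERITY_RANK[b] - SEVERITY_RANK[a])[0];
}

// Hypothetical installed versions: hoek 4.2.0 is outside "> 4.2.0 < 5.0.0 || >= 5.0.3",
// cryptiles 4.1.2 satisfies ">=4.1.2".
const records = parseAudit(SAMPLE_REPORT);
const stillOpen = openAdvisories(records, { hoek: '4.2.0', cryptiles: '4.1.2' });
console.log(`worst in report: ${worstSeverity(records)}, still open: ${worstSeverity(stillOpen)}`);
for (const r of stillOpen) console.log(`${r.severity} ${r.pkg} via ${r.path.join(' > ')}`);
```

Running it against the real output of `npm audit` (run in the generated project's directory and the text captured to a file) lets you diff the open set before and after a version bump without relying on npm's own "Run npm install" hints, which only cover the cases it can fix automatically. The path array is what to look at when deciding which direct dependency in `express-cli.js` actually needs the bump: every hoek entry above enters through `less-middleware > less > request`, so no change to hoek itself is possible from the generator.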