chore: Update update-notifier

Fixes serverless#7486

Bump update-notifier to the current version to resolve security alerts.
However, don't load in Node.js 6 because the current version is only
supported in Node.js 8 and above. The serverless package will still work
in Node.js 6, but it will not alert people when an upgrade is available.

lib/Serverless.js

@@ -5,7 +5,11 @@ const BbPromise = require('bluebird');
 const os = require('os');
 const chalk = require('chalk');
 const ensureString = require('type/string/ensure');
-const updateNotifier = require('update-notifier');
+
+// Only load update-notifier in Node.js 8 and above. The version used here may
+// not work in Node.js 6 and the versions that do work result in security
+// alerts.
+const updateNotifier = +process.versions.node.split('.')[0] < 8 ? null : require('update-notifier');
 const pkg = require('../package.json');
 const CLI = require('./classes/CLI');
 const Config = require('./classes/Config');
@@ -79,7 +83,10 @@ class Serverless {
         this.pluginManager.setCliOptions(this.processedInput.options);
         this.pluginManager.setCliCommands(this.processedInput.commands);
 
-        if (!installationMaintananceCommands.has(this.processedInput.commands[0])) {
+        if (
+          updateNotifier &&
+          !installationMaintananceCommands.has(this.processedInput.commands[0])
+        ) {
           // Check if update is available
           const notifier = updateNotifier({ pkg });
           notifier.notify({

package.json

@@ -72,7 +72,7 @@
     "tabtab": "^3.0.2",
     "type": "^2.0.0",
     "untildify": "^3.0.3",
-    "update-notifier": "^2.5.0",
+    "update-notifier": "^4.1.0",
     "uuid": "^3.4.0",
     "write-file-atomic": "^2.4.3",
     "yaml-ast-parser": "0.0.43",