toastmasters-dev / quip-toastmasters


Upgrade webpack-dev-server to avoid security vulnerability #18

Open mxxk opened 5 years ago

mxxk commented 5 years ago

Frankly, this vulnerability is not an issue for this repo because:

  1. The code is public anyway (you're reading it!)
  2. The vulnerable dependency, webpack-dev-server, is only used for development and not hosting the Quip Live App in production

But, it's a quick fix and will make this warning alert go away:

image

mxxk commented 5 years ago

Currently blocked on quip/quip-apps#36 since webpack-dev-server is pulled in as a dependency of quip-apps-webpack-config: https://github.com/toastmasters-dev/quip-toastmasters/blob/ed4848cd900593f7c83b3cf2e4504406e1140dc9/package.json#L12
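
The situation described in this thread (a flagged package that is pulled in only through another dependency, and only for development) can be checked from lockfile data. The script below is an added example, not part of the original thread or the repository's code. The lockfile object is constructed, its version strings are placeholders, and listing quip-apps-webpack-config under `devDependencies` is an assumption.

```javascript
// Added example: trace why a package is installed, using npm lockfile data.
// Constructed sample ("packages" layout of lockfile v2/v3); versions are placeholders.
const sampleLock = {
  packages: {
    "": { devDependencies: { "quip-apps-webpack-config": "<range>" } },
    "node_modules/quip-apps-webpack-config": {
      version: "<version>", dev: true, dependencies: { "webpack-dev-server": "<range>" },
    },
    "node_modules/webpack-dev-server": { version: "<version>", dev: true },
  },
};

// Resolve `name` as Node would: nearest node_modules first, then walk up.
function resolve(packages, fromPath, name) {
  let base = fromPath;
  for (;;) {
    const candidate = (base ? base + "/" : "") + "node_modules/" + name;
    if (packages[candidate]) return candidate;
    if (!base) return null;
    const cut = base.lastIndexOf("/node_modules/");
    base = cut === -1 ? "" : base.slice(0, cut);
  }
}

// Return every dependency chain from the root project to `target`.
function whyInstalled(lock, target) {
  const chains = [];
  const walk = (path, chain, seen) => {
    const entry = lock.packages[path] || {};
    const deps = { ...entry.dependencies, ...(path === "" ? entry.devDependencies : {}) };
    for (const name of Object.keys(deps)) {
      const next = resolve(lock.packages, path, name);
      if (!next || seen.has(next)) continue; // unresolved, or a dependency cycle
      const nextChain = [...chain, name];
      if (name === target) chains.push(nextChain);
      else walk(next, nextChain, new Set(seen).add(next));
    }
  };
  walk("", [], new Set([""]));
  return chains;
}

// Summarise: direct or transitive, and whether the hoisted copy is marked dev-only.
function summarize(lock, target) {
  const chains = whyInstalled(lock, target);
  const path = resolve(lock.packages, "", target);
  return { chains, direct: chains.some((c) => c.length === 1),
           devOnly: Boolean(path && lock.packages[path].dev) };
}
```

A chain longer than one entry means the fix has to land in the intermediate package first, or be forced with an override in the consuming project.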