chore: upgrade selfsigned dependency for node-forge security patch #2740

Closed
wants to merge 2 commits into from

katelovescode

  • This is a bugfix
  • This is a feature
  • This is a code refactor
  • This is a test update
  • This is a docs update
  • This is a metadata update
  • This is a dependency update

For Bugs and Features; did you add new tests?

N/A

Motivation / Use-Case

Security vulnerability in a dependency of selfsigned; they bumped a version to patch it, so this updates webpack-dev-server's dependency to the patched version.

Breaking Changes

N/A

Additional Info

N/A

@jsf-clabot

jsf-clabot commented Sep 16, 2020

CLA assistant check
All committers have signed the CLA.

@codecov

codecov bot commented Sep 16, 2020

Codecov Report

Merging #2740 (460e66a) into master (4ab1f21) will decrease coverage by 0.22%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master    #2740      +/-   ##
==========================================
- Coverage   93.77%   93.54%   -0.23%     
==========================================
  Files          34       34              
  Lines        1333     1333              
  Branches      381      381              
==========================================
- Hits         1250     1247       -3     
- Misses         81       84       +3     
  Partials        2        2              
Impacted Files Coverage Δ
lib/utils/updateCompiler.js 97.14% <0.00%> (-2.86%) ⬇️
lib/Server.js 96.36% <0.00%> (-0.43%) ⬇️

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4ab1f21...460e66a. Read the comment docs.

@TheLarkInn
Member

@katelovescode Thank you so much for your first time contribution here!! 😍 I re-ran tests because it looked flakey but once we get tests passing I'll ask @evilebottnawi to double check w/ me if they fail again.

Otherwise, LGTM!

@pardoman

Could someone look into the automation failures and get the PR merged? It would be super helpful. Thank you.

@katelovescode
Author

@TheLarkInn I'm investigating the test suites that failed; the linting failed because of my second commit message, which I'll fix when I squash and repush.

The Node 8 instances all seem to be running for a very long time and throwing lots of "BigInt is not defined".

These tests all pass on my local: OSX 10.15.7, Node 12.14.1

Test failures on:

  • Linux Node 14, 12, 10, 10-canary
  • Mac Node 14, 12, 10, 10-canary
  • Windows Node 12, 10, 10-canary

FAIL test/cli/cli.test.js (35.699s)
  ● CLI › --sockPath

    expect(received).toEqual(expected) // deep equality

    Expected: true
    Received: false

      91 |         expect(
      92 |           /http:\/\/localhost:[0-9]+&sockPath=\/mysockPath/.test(output.stdout)
    > 93 |         ).toEqual(true);
         |           ^
      94 |         done();
      95 |       })
      96 |       .catch(done);

      at test/cli/cli.test.js:93:11


Test Suites: 1 failed, 66 passed, 67 total

Error/syntax error on Linux, Mac and Windows Node 6 (there are cascading failures about ports not being available, etc., seems like Node 6 might have some compatibility issues with the code as-is):

> webpack-dev-server@3.11.0 test:coverage /home/vsts/work/1/s
> npm run test:only -- --coverage "--ci" "--reporters=default" "--reporters=jest-junit"


> webpack-dev-server@3.11.0 test:only /home/vsts/work/1/s
> jest --forceExit "--coverage" "--ci" "--reporters=default" "--reporters=jest-junit"

[BABEL] Note: The code generator has deoptimised the styling of /home/vsts/work/1/s/node_modules/lodash/lodash.js as it exceeds the max of 500KB.
FAIL test/e2e/Client.test.js (19.545s)
  ● reload › hot with default transportMode.client (sockjs) › on browser client › should reload without page refresh

    Jest encountered an unexpected token

    This usually means that you are trying to import a file which Jest cannot parse, e.g. it's not plain JavaScript.

Test failures on Windows Node 14:

Summary of all failing tests
FAIL test/cli/cli.test.js (64.484s)
  ● CLI › --sockPath

    expect(received).toEqual(expected) // deep equality

    Expected: true
    Received: false

      91 |         expect(
      92 |           /http:\/\/localhost:[0-9]+&sockPath=\/mysockPath/.test(output.stdout)
    > 93 |         ).toEqual(true);
         |           ^
      94 |         done();
      95 |       })
      96 |       .catch(done);

      at test/cli/cli.test.js:93:11

FAIL test/server/contentBasePublicPath-option.test.js (64.206s)
  ● contentBasePublicPath option › to directory › Request to index

    Timeout - Async callback was not invoked within the 60000ms timeout specified by jest.setTimeout.Error: Timeout - Async callback was not invoked within the 60000ms timeout specified by jest.setTimeout.

      at mapper (node_modules/jest-jasmine2/build/queueRunner.js:25:45)
          at runMicrotasks (<anonymous>)

  ● contentBasePublicPath option › to directory › Request to other file

    Timeout - Async callback was not invoked within the 60000ms timeout specified by jest.setTimeout.Error: Timeout - Async callback was not invoked within the 60000ms timeout specified by jest.setTimeout.

      at mapper (node_modules/jest-jasmine2/build/queueRunner.js:25:45)
          at runMicrotasks (<anonymous>)

If you've got configuration for those Azure pipelines documented somewhere public, I wouldn't mind looking into it a little more.

@alexander-akait
Member

We are preparing v4 with updated deps, anyway you can update your deps locally, no need to do release
