Fix serialize-javascript vulnerability

Ahhhh, here we go again.

This time, we need to bump the webpack CompressionPlugin to get rid of the audit warnings, which caused a breaking change: the default for the cache option is now set to true. Since we use this plugin for production builds and it is mostly done in CI, I chose to explicitly set it back to false.