chore(@quasar/app-webpack): update express to ^4.20.0

[hazzik]

This is to fix GHSA-qw6h-vgh9-j6wx

Also use caret version for express and @types/express to remove a need to update version in the future.

What kind of change does this PR introduce?

• Bugfix
• Feature
• Documentation
• Code style update
• Refactor
• Build-related changes
• Other, please describe:

Does this PR introduce a breaking change?

• Yes
• No

The PR fulfills these requirements:

• It's submitted to the dev branch (or v[X] branch)
• When resolving a specific issue, it's referenced in the PR's title (e.g. fix: #xxx[,#xxx], where "xxx" is the issue number)
• It's been tested on a Cordova (iOS, Android) app
• It's been tested on an Electron app
• Any necessary documentation has been added or updated in the docs or explained in the PR's description.

If adding a new feature, the PR's description includes:

• A convincing reason for adding this feature (to avoid wasting your time, it's best to start a new feature discussion first and wait for approval before working on it)

Other information:

[rstoenescu]

Hi,

Using the caret seems like a good idea. However we've had tremendous problems in the past with things getting broken (even Vue itself). What we want to achieve is a setup that works all the time. Regardless, thank you for contributing!