Long-overdue deps update

This finally addresses all the pending dependency updates and matching vulnerabilities.

Major is due to several dep majors being upgraded, even if only for dev.

Dependency security fix

CVE-2018-16469 alerted us to a vuln in merge pre-1.2.1, which was required transitively in dev through the Jest packages. We upgraded using good ol' npm audit fix so contributors have nothing to fear!

The quality booster

Infrastructure & Tooling

• Full VS Code, EditorConfig, ESLint and Prettier setup for contributors to have an easier way to follow the coding style we adhere to, with automatic commit/push hooks as safeguards
• Husky / CommitLint / Conventional-Changelog linter for commit messages
• Custom homepage (GH Pages derivation)
• Although we still report coverage to CodeClimate, we also report it to CodeCov now for a number of reasons. The badge now reflects CodeCov.

Documentation

The Contributing guide was updated to reflect this new tooling and infrastructure.

Updates

• All dependencies were updated to their latest versions. (Greenkeeper incorrectly detected they broke the build, although it was a package-lock refusal due to npm ci runs…?)

The end of all FIXMEs 🎉

Fixes

• null values on PII fields do not break anything anymore

New features

• Data migration utility (when you have existing, unprotected data you need to start from)

Documentation

• Complete README docs, including detailed badges for code coverage and code quality / maintainability
• Formal code of conduct and contributing guidelines

Let's not publish too much in the package

• Strip test coverage and Travis config from the published npm package 🤦‍♂️

API docs!

• Full API documentation in the README
• Test fixing for sneaky random failures due to undetected reliance on promise sequencing
• Travis CI setup
• Greenkeeper setup
• Various badges in the README