housekeeping: bump argparse dependency to ^1.0.10

[shockey]

Fixes #310; concurrent with PRs #312, #323, #327.

I started on a fresh branch to keep things simple.

• Adds a simple unit test for the CLI.
• Introduces a package-lock.json for contributors, in line with best practices for libraries.
  • If there's dissent on this, let's just drop the lockfile here and hash it out in another PR.
• Existing local and CI tests look good.
• Manual testing of the Remarkable binary and the specsplit support script reveal no breaking changes.

npm audit is now showing a clean slate for production dependencies:

➜ npm audit --json | jq '.advisories | map(.findings) | flatten | map(select(.dev == false))'
[]

This PR is clean and narrow only because of @TrySound's efforts around getting CI working again. Hat tip to @DarrenMack-OD who put a lot of effort into #323, which would've achieved the same end.

---

Per @jonschlinkert:

argparse should have released a patch to fix this. An issue should be created with that library, it shouldn't require a bump here.

Further, let's acknowledge that npm audit is lighting up Remarkable for something that isn't even a serious vulnerability to the library in the first place.

All that said... this has been a bother since February so let's just put it to bed 😄

[coveralls]

Coverage decreased (-0.6%) to 98.584% when pulling 27a1b4d on bug/310 into 4240559 on master.

[coveralls]

Coverage remained the same at 99.139% when pulling 76df13b on bug/310 into 4240559 on master.

[TrySound]

Hi, I already started using yarn in this project. Could you please remove package-lock and use yarn instead?