Add automated release process and fix tslint errors

[theoludwig]

Hey @RobinBuschmann, hopefully everything is fine for you! ❤️
Just wanted to know, what is the current state for adding colaborators to the project and how is going with the automated release process via GitHub as discussed in #856.

If you need some help to maintain sequelize-typescript, I would be happy to do so. 😃

What changes this PR introduce ?

• Update dependencies to the latest version so it fixes vulnerabilities
• Delete the package-lock.json file since packages on npm doesn't have lockfiles (I added a rule for that in .npmrc).
• Add .github/dependabot.yml
• Fix ts-lint errors since the current build on master is failing
• Delete .travis.yml file and instead use GitHub Actions as it is better integrated with GitHub and they change their pricing model, see: blog post
• Create a GitHub Action to automatically release the package on npm when someone create a new release on GitHub (see .github/workflows/npm-publish.yml)
  You will need to set a new secret NPM_TOKEN on the repo so it could works as it is explained there.

[RobinBuschmann]

Thanks a lot for implementing this <3

One thing need to be reverted: Can you bring back the package-lock file? If we don't want to publish the lock file to the npm registry, there is a better way to do so: Add the package-lock.json to the .npmignore file.
The package-lock is still necessary for development and should still be part of this project. I recommend to read the docs: https://docs.npmjs.com/cli/v6/configuring-npm/package-lock-json. :)

[RobinBuschmann]

I totally forgot to answer your questions.

Just wanted to know, what is the current state for adding colaborators to the project and how is going with the automated release process via GitHub as discussed in #856.

I did not add anyone as collaborator yet and I also didn't make any efforts to implement an automated release process. Are you interested in being added as a collaborator for this project?

[theoludwig]

@RobinBuschmann Right, I bring back the package-lock.json file.
I would be interested to maintain sequelize-typescript not as a main core contributor (since I would not have enough time) but to approve PRs, answer issues, yes with pleasure!

[RobinBuschmann]

@divlo Thanks for fixing ;) The builds are failing due to /home/runner/work/_temp/d5780aa8-b8a0-4c2d-b34d-68a6ae9131f8.sh: line 1: nyc: command not found. Any ideas why it can't find nyc? OK, I know why. But I'm asking myself why it did work with travis...

[theoludwig]

@RobinBuschmann Good, I answer and closed incorrect issues. If I accidentally closed a real issue, please reopen it.
I also approve PR that need to be merged, I'll try to continue this work and answer issues in the future. 😄
Note: dependabot doesn't need to run (branch protection rules), since it will never run, because it runs once a day to update dependencies.

[RobinBuschmann]

@divlo

Note: dependabot doesn't need to run (branch protection rules), since it will never run, because it runs once a day to update dependencies.
Ha, yes, makes totally sense :D Thanks!

Good, I answer and closed incorrect issues. If I accidentally closed a real issue, please reopen it.
I also approve PR that need to be merged, I'll try to continue this work and answer issues in the future. 😄

Great! Unfortunately I don't have time to check all issues you've commented. So I trust you to be conscientious :)