Track Node version with Dependabot

Node version is being locked for runtime consistency (see #111, #112). New releases should still be tracked to avoid depending on vulnerable runtime.

There are Docker containers for Coop services that depend on official Node images. Dependabot could track those to send notices when an upgrade is necessary.