
drop buffer-crc32 dependency #173

Merged
thejoshwolfe merged 1 commit into master from crc32
May 29, 2026
@thejoshwolfe

Owner

Why have a dependency for 1 math function when you can copy paste it into your own code. This is, for better or worse, more friendly to security auditing tools.

Closes #172.

```
> zlib.crc32(Buffer.from("plumless"))
1306201125
> require("./crc32")(Buffer.from("buckeroo"))
1306201125
```

The actual changes that come from embedding the buffer-crc32 dependency into this codebase are:

  1. no more type coercion logic, which included a sus new Buffer(integer) expression as a fallback for old versions of node. i think security auditing tools are sophisticated enough to see the conditions around that expression and not complain, but type coercion is unnecessary complexity for yauzl's use case, and therefore it contributes negative value anyway. deleted.
  2. no more signed crc32 nonsense; the return value is always unsigned. no more initial value parameter, since we don't need it. we only compute crc32 from a Buffer, so that's the only function left.
  3. use a for...of to iterate through the bytes of the Buffer which is potentially more performant, but realistically probably about the same. We're only operating on a few dozen bytes at a time anyway, and only when the rarely used file name compatibility extra field is found in a .zip file, which has been obsolete since 2006.
  4. prefer zlib.crc32() for node 20+ and fall back to the pure javascript implementation.
  5. most importantly, format the table of integers 8 to a row instead of 5 to a row. much better. 🙂

now there's only 1 dependency left in yauzl, and it could be obsoleted by an internal overhaul of callbacks to use await, but i'm not sure i'm going to do that right away.

@thejoshwolfe thejoshwolfe marked this pull request as ready for review May 29, 2026 02:25
@thejoshwolfe thejoshwolfe merged commit c0f8eeb into master May 29, 2026
7 checks passed
@thejoshwolfe thejoshwolfe deleted the crc32 branch May 29, 2026 04:22
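
An added example, not the code merged in this pull request: a minimal sketch of the shape the description above outlines (Buffer-only input, always-unsigned result, `for...of` over the bytes, native `zlib.crc32()` when present). The names `crc32Js` and `CRC_TABLE`, the `TypeError` on non-Buffer input, and generating the table at load time instead of embedding it as literals are assumptions made for this sketch.

```javascript
"use strict";
const zlib = require("zlib");

// Build the 256-entry table for the reflected CRC-32 polynomial 0xEDB88320
// (the variant used by zip and zlib). Generated here rather than pasted in.
const CRC_TABLE = new Uint32Array(256);
for (let n = 0; n < 256; n++) {
  let c = n;
  for (let k = 0; k < 8; k++) {
    c = (c & 1) ? (0xEDB88320 ^ (c >>> 1)) : (c >>> 1);
  }
  CRC_TABLE[n] = c >>> 0;
}

// Pure JavaScript path: Buffer in, unsigned 32-bit integer out.
// No type coercion: anything that is not a Buffer is rejected (assumption).
function crc32Js(buffer) {
  if (!Buffer.isBuffer(buffer)) throw new TypeError("expected a Buffer");
  let crc = 0xFFFFFFFF;
  for (const byte of buffer) {
    crc = CRC_TABLE[(crc ^ byte) & 0xFF] ^ (crc >>> 8);
  }
  // Bitwise operators yield signed int32 values; >>> 0 makes the result unsigned.
  return (crc ^ 0xFFFFFFFF) >>> 0;
}

// Prefer the native implementation when this Node.js build exposes one,
// detected by feature test rather than by version string.
const crc32 = typeof zlib.crc32 === "function"
  ? (buffer) => {
      if (!Buffer.isBuffer(buffer)) throw new TypeError("expected a Buffer");
      return zlib.crc32(buffer);
    }
  : crc32Js;
```
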
Development

Successfully merging this pull request may close these issues.

Can buffer-crc32 dependency be dropped?
