SHA256 Subresource Integrity of dependencies

[aardbol]

By viewing the source code, it should be immediately clear that the JavaScript/CSS dependencies have not been modified since the user's last visit, to allow for more transparency of changes to the code. We can improve this by adding the Subresource Integrity sha256 hashes to the script and stylesheet elements.

Every time a dependency is upgraded, the hash will be updated and added to this issue for transparency.

Current hashes:

jquery-3.4.1.js
sha256-WpOohJOqMqqyKL9FccASB9O0KwACQJpFTUBLTYOVvVU=

semantic-2.7.5.js
sha256-/fbdRVqLH/oOOtOg/Eb0A1ttDWTJn6L6yxhO2HC/+yg=

xxtea.js
sha256-FeTvtpHz0E1sewBokHlUBIwlYAx0yA7f9m+KVHvEJCY=

semantic-2.7.5.css
sha256-3a0+mzIiHF2Wt5DvkjjoX0+M9otO3KTaMaqhaSwVZXg=

custom.css
sha256-kh6gVNFTId2fxJriixeeDfo5X8rK0ZW9i81infWYch8=