
Remove confusing npm 6 hack warning in `npm/Dockerfile` and remove global `.npmrc`

Open jeffwidman opened this issue 1 month ago • 0 comments

While auditing the Dockerfiles last week, I spotted this confusing warning about a hack to work around an npm 6 issue.

We've deprecated npm 6 support recently, so this hack is no longer necessary.

But it took some serious spelunking in the code to understand the context behind this hack, plus the layers of additional command line flags that were added to work around this hack.

The net-net:

  1. Remove the hack from the `npm_and_yarn/Dockerfile`.
  2. This unlocked removing the `dry-run: true` setting from the global `.npmrc`.
  3. It turns out we already set `--ignore-scripts` in a bunch of places, so we don't need to set it in the global `.npmrc` either.
  4. Whenever we run within the Dependabot context, it doesn't make sense to run `npm audit` or show funding messages. Previously we set the audit flag in the global `.npmrc`, but we can instead set those as env vars in the Dockerfile. The env vars will take precedence over any user config files. Again, even if the user is specifying they want audit/funding messages, it doesn't make sense to show those within the Dependabot context. So we set them unconditionally.
  5. This in turn results in no custom config being set in the global `.npmrc`, so we can remove that file entirely.
  6. Apply similar changes to the bun ecosystem since it has some helpers copy/pasted from the `npm_and_yarn` ecosystem. For details on the copy/paste, see:
     - https://github.com/dependabot/dependabot-core/pull/13680

jeffwidman · Dec 02 '25 00:12
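To make the "env vars instead of a global `.npmrc`" step concrete, here is an added Dockerfile fragment written for this note; it is not the project's own `npm/Dockerfile` and does not reproduce the removed hack. It assumes a base image with npm already installed and uses npm's documented `npm_config_<key>` environment variable convention (a lowercase `npm_config_` prefix plus the config key), which npm reads ahead of any project, user or global `.npmrc`. The old `.npmrc` contents shown in the comment are a constructed illustration of the kind of settings the issue describes moving out of that file.

```dockerfile
# Added example (not dependabot-core's Dockerfile). Assumes npm is present in the base image.
FROM node:20-slim

# Before: a global .npmrc baked into the image carried settings such as
#   audit=false
#   fund=false
#   ignore-scripts=true
#   dry-run=true
# A user's own .npmrc could still shadow these, and the dry-run flag needed
# extra command line flags elsewhere to undo it. The file is simply not
# written anymore.

# After: pin the behaviour that never makes sense inside the update context as
# environment variables. npm gives npm_config_* env vars precedence over every
# .npmrc, so a repository-supplied config cannot re-enable audit or funding output.
ENV npm_config_audit=false \
    npm_config_fund=false

# Sanity check at build time: both keys must resolve to "false" regardless of
# any .npmrc that is present. The build fails if the env vars are not honoured.
RUN [ "$(npm config get audit)" = "false" ] \
 && [ "$(npm config get fund)" = "false" ]

# Lifecycle scripts (--ignore-scripts) are deliberately not set here: the issue
# notes they are already passed explicitly at each npm invocation, which keeps
# the "do not execute package scripts" decision visible at the call site.
```

The build-time `RUN` check is the useful part for a reviewer: it turns the precedence claim into a failing build rather than an assumption, and it documents in the image itself why the global config file is gone.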