* install npm from npm

* use embedded npm and remove versions checking

Renovate will now depend on yarn like any other dependency and call this version directly, instead of having an embedded version. This will allow us to "renovate" the yarn version we use too.

- Any package names not matching valid pattern will be rewritten to “dummy”
- “engines” and “scripts” fields will be completely removed

Closes #801, Closes #784

This feature adds initial support for renovating Dockerfiles. Renovate now:
- Detects all `Dockerfile`s in repo
- Searches for `FROM x` in first non-comment line, breaks x into image, tag, digest
- Queries public Docker registry for image:tag combination to find latest digest
- Patches Dockerfile if necessary
- Creates branches/PRs as like with npm

Closes #795 

* fix eslint configuration

* run eslint fix

This feature adds support for renovating Meteor's `package.js` files. Meteor config is disabled by default so must be manually enabled to work. If enabled, Renovate uses GitHub's search API to look for any files named `package.js` that include the text `Npm.depends`. If so then the file is parsed using Regex to extract its dependencies and check them for updates.

Closes #785 

* add minimatch

* feat: use package names for ignoring when lerna or workspaces

Renovate will now:
- Find all package.json files matching lerna or yarn workspaces glob pattern
- Retrieve package names from within those package.json files
- Implicitly ignore (not renvoate) any of those names

Closes #781

Helps #777

This will help “self heal” in cases where the branch becomes invalid and PR creation continually fails.

Closes #773

If a repository has a lock file error (e.g. can’t look up a private module) then it will no longer attempt to create every branch. Instead, it will error/exit after the first branch. Additionally, “Pin Dependencies” has been sorted to be first and further branches won’t be added or updated until Pin Dependencies has been merged.

* remove registry-url

* replace registry-url with registry-auth-token

Fixes #793

* fix: migrate “every xday” to “on xday”

* fix: do not migrate before and after if before is after after

e.g. do not migrate “after 1am and before 5am”

A new config object `encrypted` can be defined at any level and contain encrypted configuration strings. Initial use is for encrypting an npm token for use with the hosted renovate app.

Closes #650

Forward slash is replaced with %2F. It is assumed that this is backwards compatible with api v3 too.

Closes #749

Closes #757

GitLab 9.5 deprecates api v3 and `iid` must now be used for MRs