Fixes #219.

)

The `vm2` module has been deprecated and has critical security
vulnerabilities. The suggested replacement module `isolated-vm`
is not suitable for these packages, since it relies on a C++ binary.

Instead, these packages will use the `quickjs-emscripten` module to
execute the user code in an isolated QuickJS environment compiled to
WASM. This should allow the highest level of sandboxing and will
hopefully put an end to this cat and mouse game once and for all.

Fixes #218.

This reverts commit 57296a7.

Update escodegen to fix security vulnerability warning for `word-wrap` dependency.

`new URL('socks://host:port')` gives different results in browser and
Node.js because `socks` is not among the "special schemes" specified by
WHATWG and thus the hostname is treated as an opaque value (without
parsing the port). Node.js implementation, however, parses the `port`.

Since `proxy-agent` can be used in Electron, unless `URL` is imported
directly from the Node's `url` module - it is going to use the Browser's
version of it which won't work with socks urls.