@gustawdaniel

What kind of change does this PR introduce?

This PR refers to issues:

What is the current behavior?

Old "whatwg-url" version with deprecation warnings.
Old "nyc" and "rollup" with vulnerabilities.

61 vulnerabilities (6 moderate, 16 high, 39 critical)

What is the new behavior?

No deprecation warnings and fewer vulnerabilities.

38 vulnerabilities (2 moderate, 6 high, 30 critical)

Additional context

Version should be considered carefully because whatwg-url requires node >= 18, so most of the tested versions were removed from Travis.

Skipped tests can be connected with nodejs/node#55762

@TomasHubelbauer

Thank you for opening this PR, this would be the proper fix for the punycode deprecation warning so we'd not have to roll with package overrides. Hopefully this gets some maintainer eyes on it soon!

@jtomaszewski

jtomaszewski commented Jul 23, 2025

FYI until this gets merged, one can do this in package.json:

  // npm
  "overrides": {
    "whatwg-url": "^14.0.0"
  }
  // yarn v1
  "resolutions": {
    "whatwg-url": "^14.0.0"
  }
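
Added example, not part of the thread or the project's code: a check that the override in the comment above actually took effect, by listing every copy of whatwg-url recorded in a parsed package-lock.json and flagging any nested copy still below major version 14. The lockfile objects and the dependency name `example-http-lib` are constructed for illustration.

```javascript
// Added example (not from the PR): audits a parsed package-lock.json
// (lockfileVersion 2 or 3, which carry a flat "packages" map).

// Return every installed copy of `name`, including nested ones.
function findInstalledCopies(lock, name) {
  const suffix = 'node_modules/' + name;
  const copies = [];
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    // Matches "node_modules/whatwg-url" and "node_modules/x/node_modules/whatwg-url",
    // but not "node_modules/not-whatwg-url" or "node_modules/@scope/whatwg-url".
    if (path === suffix || path.endsWith('/' + suffix)) {
      copies.push({ path, version: meta.version });
    }
  }
  return copies;
}

// ok is true only when at least one copy exists and none is below minMajor.
function auditOverride(lock, name, minMajor) {
  const copies = findInstalledCopies(lock, name);
  const stale = copies.filter((c) => {
    const major = parseInt(String(c.version).split('.')[0], 10);
    return Number.isNaN(major) || major < minMajor; // unparsable counts as stale
  });
  return { copies, stale, ok: copies.length > 0 && stale.length === 0 };
}

// Constructed sample data; "example-http-lib" is a hypothetical dependency.
const lockWithoutOverride = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/example-http-lib': { version: '2.0.0' },
    'node_modules/example-http-lib/node_modules/whatwg-url': { version: '5.0.0' },
    'node_modules/whatwg-url': { version: '14.0.0' },
  },
};
const lockWithOverride = {
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/example-http-lib': { version: '2.0.0' },
    'node_modules/whatwg-url': { version: '14.0.0' },
  },
};

for (const [label, lock] of [['without override', lockWithoutOverride], ['with override', lockWithOverride]]) {
  const r = auditOverride(lock, 'whatwg-url', 14);
  console.log(label, r.ok ? 'OK' : 'STALE: ' + r.stale.map((c) => `${c.path}@${c.version}`).join(', '));
}
```

To run it against a real project, pass `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` as `lock`. It does not parse yarn.lock, so the yarn v1 `resolutions` case needs a different check.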

@mandarini

Hi @gustawdaniel ! Thank you so much for contributing to Supabase and for taking the time to fix all the issues caused by the outdated version of whatwg-url.

However, unfortunately I will be closing this PR now. Please read this comment here: supabase/supabase-js#914 (comment). Thank you for understanding and for bearing with us.

If you think we should revisit let me know. Once again, thank you so much for contributing, and I do hope my decision makes sense.

@mandarini

See here please: supabase/supabase-js#1830

Successfully merging this pull request may close these issues.

Dependency whatwg-url causes big file to be included