Change dependency to url-regex to fix security issue

[daniel-graupner]

See https://www.npmjs.com/advisories/1550

As per advicory, maybe use url-regex-safeinstead.

[thien-do]

@daniel-graupner do you want to fork this and have a version w url-regex-safe instead?