@nuc13us
nuc13us / jsondiffpatch-security-issue
Created May 22, 2026 17:34
Prototype Corruption in jsondiffpatch clone()
I was looking at the fix for the prototype pollution CVE that was patched in version 0.7.6. That fix added UNSAFE_KEYS checks in jsonpatch-apply.ts and nested.ts to block __proto__, constructor, and prototype from being used as path segments — so you can't do something like {"op": "add", "path": "/__proto__/polluted", "value": true} anymore.
But then I asked myself: what about the value side? When you do a JSON Patch add or replace, the library clones the value before inserting it into the target object. I opened up clone.ts and immediately noticed it has no awareness of dangerous keys at all. It just loops through every own property and assigns it with bracket notation.
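To make the value-side concern concrete, here is an added example (my own code, not jsondiffpatch's clone.ts): `naiveClone` is a sketch of the "copy every own property with bracket notation" pattern described above, and `safeClone` is a hardened variant that applies the same UNSAFE_KEYS rule the 0.7.6 fix uses for path segments. The `hostile` input is constructed for the demonstration.

```javascript
// Added example, not jsondiffpatch's own code. UNSAFE_KEYS mirrors the
// segments the 0.7.6 fix rejects in jsonpatch-apply.ts and nested.ts.
const UNSAFE_KEYS = new Set(["__proto__", "constructor", "prototype"]);

// Sketch of the weak pattern: every own property is copied with bracket
// notation and no key is treated as special.
function naiveClone(value) {
  if (value === null || typeof value !== "object") return value;
  if (Array.isArray(value)) return value.map(naiveClone);
  const out = {};
  for (const key of Object.keys(value)) {
    out[key] = naiveClone(value[key]); // "__proto__" here acts as a setter
  }
  return out;
}

// Hardened variant: refuse unsafe keys in the *value*, and build the copy
// with defineProperty so a key literally named "__proto__" can never be
// interpreted as the prototype setter.
function safeClone(value) {
  if (value === null || typeof value !== "object") return value;
  if (Array.isArray(value)) return value.map(safeClone);
  const out = {};
  for (const key of Object.keys(value)) {
    if (UNSAFE_KEYS.has(key)) {
      throw new Error(`unsafe key in patch value: ${JSON.stringify(key)}`);
    }
    Object.defineProperty(out, key, {
      value: safeClone(value[key]),
      enumerable: true, writable: true, configurable: true,
    });
  }
  return out;
}

// Constructed sample: JSON.parse produces an *own* property named
// "__proto__", which Object.keys() lists like any other key.
const hostile = JSON.parse('{"__proto__": {"polluted": true}, "ok": 1}');

// With naiveClone the assignment replaces the clone's prototype, so the
// result inherits "polluted" without ever declaring it.
function naiveCloneInherits() {
  return naiveClone(hostile).polluted === true;
}

// safeClone rejects the same input before anything is copied.
function safeCloneRejects() {
  try { safeClone(hostile); return false; } catch (e) { return true; }
}
```

Note that `Object.prototype` itself stays clean in this example; the point is that the clone step will faithfully carry a hostile `__proto__` key through to whatever consumes the result, which is exactly the gap the path-segment checks do not cover.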