fixed issue#33 CVE-2022-25645 added test for it

[fortiZde]

#33 CVE-2022-25645

Firstly added tests with snyk provided code example
and fixed the missing prototype pollution checks.

References:

---

Source: CERT
Name: https://github.com/lukeed/dset/blob/master/src/merge.js%23L9
Url: https://github.com/lukeed/dset/blob/master/src/merge.js%23L9

---

Source: CERT
Name: https://snyk.io/vuln/SNYK-JS-DSET-2330881
Url: https://snyk.io/vuln/SNYK-JS-DSET-2330881

---

Source: CERT
Name: https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2431974
Url: https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2431974

[codecov-commenter]

Codecov Report

Merging #38 (5c9ebb0) into master (56923fe) will not change coverage.
The diff coverage is 100.00%.

@@            Coverage Diff            @@
##            master       #38   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            2         2           
  Lines           34        35    +1     
=========================================
+ Hits            34        35    +1     

Impacted Files	Coverage Δ
src/merge.js	100.00% <100.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 56923fe...5c9ebb0. Read the comment docs.

[fortiZde]

Thanks for updating :)