Prevent namespace objects from inheriting Object.prototype

[sosukesuzuki]

What does this PR do?

Fixes namespace import objects inheriting from Object.prototype, preventing prototype pollution and ensuring ES specification compliance.

import * as mod from './mod.mjs'

Object.prototype.foo = function() {
    console.log('hello');
}

mod.foo(); // This should throw, but succeeded before

original report: https://x.com/sapphi_red/status/1957843865722863876

How did you verify your code works?

I added a test that verifies:

• mod.maliciousFunction() throws when Object.prototype.maliciousFunction is added (prevents pollution)
• __esModule property still works
• Original exports remain accessible

[robobun]

^{Updated 11:47 AM PT - Aug 19th, 2025}

❌ @autofix-ci[bot], your commit 60fa786 has 4 failures in Build #23371:

• test/bundler/bundler_splitting.test.ts - 1 failing on 🐧 24.04 aarch64
• test/napi/node-napi-tests/test/js-native-api/test_finalizer/do.test.ts - 1 failing on 🐧 12 x64-asan
• test/js/node/test/parallel/test-worker-memory.js - code 1 on 🍎 14 aarch64
• test/js/node/test/parallel/test-child-process-spawnsync-shell.js - timeout on 🪟 2019 x64
• test/js/node/test/parallel/test-child-process-spawnsync-shell.js - timeout on 🪟 2019 x64-baseline

---

🧪   To try this PR locally:

bunx bun-pr 21984

That installs a local version of the PR into your bun-21984 executable, so you can run:

bun-21984 --bun