v2.0.0

Now the library also detects the use of the constructor key, as it was doing with the __proto__ key.
parse will throw an error by default, while safeParse will continue to work as before.

// old behavior
j.parse(
  '{"a": 5, "b": 6, "constructor":{"prototype":{"bar":"baz"}}, "__proto__": { "x": 7 } }',
  { protoAction: 'remove' }
) // => { a: 5: b:6, constructor: { prototype: { bar: 'baz' } } }

// new bahavior
j.parse(
  '{"a": 5, "b": 6, "constructor":{"prototype":{"bar":"baz"}}, "__proto__": { "x": 7 } }',
  { protoAction: 'remove' }
) // => SyntaxError

// for having the same behavior as before:
j.parse(
  '{"a": 5, "b": 6, "constructor":{"prototype":{"bar":"baz"}}, "__proto__": { "x": 7 } }',
  { protoAction: 'remove', constructorAction: 'ignore' }
) // => { a: 5: b:6, constructor: { prototype: { bar: 'baz' } } }

Features:

• Added support for constructorAction - #4