Replacing clone package

[mariusrak]

Hello, I have few issues with simple schema cleaning that are related to clone package. They are mostly related to cloning objects that are not easily cloned (e.g. document's window object, which I would rather omit but there is no API for it). This makes use of simple schema more complicated. Also, I encounter node hard crash when using simple schema clean, which invokes clone.

This repo is not about the clone, so we will be not repairing it (I guess) however, the clone packages announces XSS vulnerability so I suggest reconsidering using this package and eventually replace it with an alternative. I'm not sure what requirements does simpl-schema have, so I'd rather not suggest which package should be used, but I believe the current one should be replaced.

Thanks.

[github-actions]

Thank you for submitting an issue!

If this is a bug report, please be sure to include, at minimum, example code showing a small schema and any necessary calls with all their arguments, which will reproduce the issue. Even better, you can link to a saved online code editor example, where anyone can immediately run the code and see the issue.

If you are requesting a feature, include a code example of how you imagine it working if it were implemented.

If you need to edit your issue description, click the [...] and choose Edit.

Be patient. This is a free and freely licensed package that I maintain in my spare time. You may get a response in a day, but it could also take a month. If you benefit from this package and would like to see more of my time devoted to it, you can help by sponsoring.

[aldeed]

Thank you for the suggestion. That package has been used by simpl-schema for many years so there may indeed be a better choice these days. I will look into what the needs are, or someone from the community can feel free to make suggestions here. (I kind of figured they would have built a deep cloning API and pattern into the JS language spec by now, but maybe someday.)