Vulnerability in `assign-deep` dependency

[ryan-codingintrigue]

The version of assign-deep used by the project has an active vulnerability and is recommended to update to the latest version:
https://github.com/jonschlinkert/assign-deep/blob/1.0.1/README.md

Would it be possible to upgrade the project to use this new version?

Thanks!

[MyScriptSupport]

Dear Ryan,

Thank you for raising our attention to this issue.

This vulnerability is a concern in case a Javascript payload is sent to the BackEnd in Javascript, which is not the case of our BackEnd server (that is in Java).

Nevertheless, the version of assign-deep is already UpToDate in the next MyScript JS release that should be available in a few weeks.
In the meantime you might want to take the version that is available in the branch corresponding to #23 to get the UpToDate version of assign-deep. This fix is provided as is, without qualification.

Best regards,

MyScript Support.