[Snyk] Upgrade reflect-metadata from 0.2.1 to 0.2.2 #1039

New Issue

MrUnknownDE · 2026-04-05T16:25:05+02:00

MrUnknownDE commented

2026-04-05 16:25:05 +02:00

Originally created by @simlarsen on 4/19/2024

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade reflect-metadata from 0.2.1 to 0.2.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 1 version ahead of your current version.
The recommended version was released 21 days ago, on 2024-03-29.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Information Exposure SNYK-JS-FOLLOWREDIRECTS-6444610	432/1000 Why? Proof of Concept exploit, CVSS 6.5	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: reflect-metadata

0.2.2 - 2024-03-29
0.2.1 - 2023-12-14
What's Changed
- Fix stack overflow crash in isProviderFor by @ rbuckton in #155
- Update main to v0.2.1 by @ rbuckton in #156
Full Changelog: v0.2.0...v0.2.1

from reflect-metadata GitHub release notes

Commit messages

Package name: reflect-metadata

ca9650a Bump patch version
49e57c0 Merge pull request #161 from rbuckton/fix-fallback
a0a0553 Fix incorrect early exit in fallback
67ae05d Add test showing fallback issue
6dd6417 Merge pull request #159 from hasezoey/ignoreGithub
1509722 Ignore .github directoy for npm publishing
9562d63 Merge pull request #157 from rbuckton/backwards-compat-exports
0c237d8 Add backwards-compatible exports for reflect-metadata/Reflect
f56f83a Merge pull request #156 from rbuckton/release-0.2
7afd45d Merge pull request #155 from rbuckton/fix-153
af40361 Fix stack overflow crash in isProviderFor
1fce5c6 Merge pull request #152 from rbuckton/fix-GenRandomValues
7c4239a Don't use return value of crypto.getRandomValues
b7db32c Merge pull request #151 from rbuckton/fix-typo
f5a3b4d Fix typos
9a48a2d Merge pull request #91 from cncolder/patch-1
9fb4625 Merge pull request #138 from knutkj/knutkj/traceur-readme-link/1
3b8fa50 Merge branch 'main' into knutkj/traceur-readme-link/1
2e88855 Merge pull request #150 from rbuckton/release-0.2
cfd3ccf Unprettified README file.
76fb116 Added link to Traceur in README file. Prettified README file.
1288ddf fix typo in comment

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

*Originally created by @simlarsen on 4/19/2024* This PR was automatically created by Snyk using the credentials of a real user. <h3>Snyk has created this PR to upgrade reflect-metadata from 0.2.1 to 0.2.2.</h3> :information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project. <hr/> - The recommended version is **1 version** ahead of your current version. - The recommended version was released **21 days ago**, on 2024-03-29. The recommended version fixes: Severity | Issue | PriorityScore (*) | Exploit Maturity | :-------------------------:|:-------------------------|-------------------------|:------------------------- <img src="https://res.cloudinary.com/snyk/image/upload/w_20,h_20/v1561977819/icon/m.png" width="20" height="20" title="medium severity"/> | Information Exposure [SNYK-JS-FOLLOWREDIRECTS-6444610](https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6444610) | **432/1000** **Why?** Proof of Concept exploit, CVSS 6.5 | Proof of Concept (*) Note that the real score may have changed since the PR was raised. <details> <summary>Release notes</summary> <details> <summary>Package name: reflect-metadata</summary> <ul> <li> 0.2.2 - 2024-03-29 </li> <li> 0.2.1 - <a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/releases/tag/v0.2.1">2023-12-14</a><h2>What's Changed</h2> <ul> <li>Fix stack overflow crash in isProviderFor by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rbuckton/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://snyk.io/redirect/github/rbuckton">@ rbuckton</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2042278239" data-permission-text="Title is private" data-url="https://github.com/rbuckton/reflect-metadata/issues/155" data-hovercard-type="pull_request" data-hovercard-url="/rbuckton/reflect-metadata/pull/155/hovercard" href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/pull/155">#155</a></li> <li>Update main to v0.2.1 by <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/users/rbuckton/hovercard" data-octo-click="hovercard-link-click" data-octo-dimensions="link_type:self" href="https://snyk.io/redirect/github/rbuckton">@ rbuckton</a> in <a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="2042288748" data-permission-text="Title is private" data-url="https://github.com/rbuckton/reflect-metadata/issues/156" data-hovercard-type="pull_request" data-hovercard-url="/rbuckton/reflect-metadata/pull/156/hovercard" href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/pull/156">#156</a></li> </ul> Full Changelog: <a class="commit-link" href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/compare/v0.2.0...v0.2.1"><tt>v0.2.0...v0.2.1</tt></a> </li> </ul> from <a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/releases">reflect-metadata GitHub release notes</a> </details> </details> <details> <summary>Commit messages</summary> <details> <summary>Package name: reflect-metadata</summary> <ul> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/ca9650a46e3dfa32d0b384936eed539bd9109b12">ca9650a</a> Bump patch version</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/49e57c0980a25acb0d23c28ab53aa9e4e8325b8c">49e57c0</a> Merge pull request #161 from rbuckton/fix-fallback</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/a0a0553af092b5f2337cb48aa636b8ec1ee3a437">a0a0553</a> Fix incorrect early exit in fallback</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/67ae05dca18611de3469a860224a17be4fc5286b">67ae05d</a> Add test showing fallback issue</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/6dd641705082b7919ad95c55c525c39c46bc87bb">6dd6417</a> Merge pull request #159 from hasezoey/ignoreGithub</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/1509722c994ab7a78191b9b9e86e92b319d968bd">1509722</a> Ignore .github directoy for npm publishing</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/9562d6395cc3901eaafaf8a6ed8bc327111853d5">9562d63</a> Merge pull request #157 from rbuckton/backwards-compat-exports</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/0c237d86da250c70ce9de313d1755a95b1434925">0c237d8</a> Add backwards-compatible exports for reflect-metadata/Reflect</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/f56f83a697dbeaa58d084d53ccc67bc2e85ad458">f56f83a</a> Merge pull request #156 from rbuckton/release-0.2</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/7afd45d5f1542ef72475d671fef3449d0b7239df">7afd45d</a> Merge pull request #155 from rbuckton/fix-153</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/af40361c9934f3fcfd3ef2cc2a47aa047a2eb34d">af40361</a> Fix stack overflow crash in isProviderFor</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/1fce5c627b0032756c76a271bb3b2a34020fa61f">1fce5c6</a> Merge pull request #152 from rbuckton/fix-GenRandomValues</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/7c4239afcaa4053b6b2bf25b94281e2763a52c13">7c4239a</a> Don't use return value of crypto.getRandomValues</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/b7db32ce9d82d6e4bb2eb08eed8710718ab11b6a">b7db32c</a> Merge pull request #151 from rbuckton/fix-typo</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/f5a3b4d3cfc96d43ba234d638117103fe32cf4cc">f5a3b4d</a> Fix typos</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/9a48a2dac75518c1ae38c930f9433cb08e4f5739">9a48a2d</a> Merge pull request #91 from cncolder/patch-1</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/9fb462581b23ba953f37d45e2474bdd676bc890b">9fb4625</a> Merge pull request #138 from knutkj/knutkj/traceur-readme-link/1</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/3b8fa505c061bb3a0f296326179fbfb7b0631305">3b8fa50</a> Merge branch 'main' into knutkj/traceur-readme-link/1</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/2e88855844921bded1e4be6843610988b5a7ab12">2e88855</a> Merge pull request #150 from rbuckton/release-0.2</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/cfd3ccff90d5b66a2588ae1c74dca0e4e8092569">cfd3ccf</a> Unprettified README file.</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/76fb116a4d2c7b15ab9bcf9fbeb4fb1a6124e6e9">76fb116</a> Added link to Traceur in README file. Prettified README file.</li> <li><a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/commit/1288ddf1e434a3db89417247b4fa218f6381c18a">1288ddf</a> fix typo in comment</li> </ul> <a href="https://snyk.io/redirect/github/rbuckton/reflect-metadata/compare/5c2589f4a99b5e52873f7868172bf72a5c017b37...ca9650a46e3dfa32d0b384936eed539bd9109b12">Compare</a> </details> </details> <hr/> **Note:** *You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.* For more information: <img src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiJjNzQyYmY0Yy0yYzJjLTQ4OGUtYThjMC0wYWRjMDQ1M2ZmNGMiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6ImM3NDJiZjRjLTJjMmMtNDg4ZS1hOGMwLTBhZGMwNDUzZmY0YyJ9fQ==" width="0" height="0"/> 🧐 [View latest project report](https://app.snyk.io/org/oneuptime-RsC2nshvQ2Vnr35jHvMnMP/project/f6446ec8-d441-487e-b58f-38373430e213?utm_source=github&utm_medium=referral&page=upgrade-pr) 🛠 [Adjust upgrade PR settings](https://app.snyk.io/org/oneuptime-RsC2nshvQ2Vnr35jHvMnMP/project/f6446ec8-d441-487e-b58f-38373430e213/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr) 🔕 [Ignore this dependency or unsubscribe from future upgrade PRs](https://app.snyk.io/org/oneuptime-RsC2nshvQ2Vnr35jHvMnMP/project/f6446ec8-d441-487e-b58f-38373430e213/settings/integration?pkg=reflect-metadata&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)

MrUnknownDE closed this issue

2026-04-05 16:25:05 +02:00

Sign in to join this conversation.

Branches Tags

master

release

snyk-fix-0aa85871afc5c8eee83a20407bd9e063

new-dash

probe-runner

better-logs

merge-ui

api-ref-refactor

safe-vm

tf-demo

dash-chunk

mult-slack

episode-resolve

feat/homepage-seo-v2

seo/compare-pages-homepage-optimize

tf-sets

vite-build

alert-grouping-product

oneuptime-fix-exception-5f43cb12

deprecate-telemetry-service

oneuptime-fix-exception-b77cfaf1

workflow-ui-update

chore/bump-version-9.2.5-1764859493

chore/bump-version-9.2.5-1764857051

state-change

postmortem

chore/bump-version-9.1.3-1764685359

pricing-compare

use-cases

dashboard-logs

incident-declared-at

agent-lib

scim-patch-fix

files-notes

dropdown-labels

revoke-token

refresh-sessions

oneuptime-ssl

telemetry-attr

nativewind

oneuptime-mobile-app

timepkr

cert-kube

new-log-ui

ms-temas-bot

span-improve

teams-integration

cert-manager

final-ms-teams

new-markdown

scim-update

probe-proxy-impl

probe-proxy-url

fb-whatsapp

whatsapp-integration

ms-teams-conn

copilot-plus

vs-code-copilot

ms-teams

server-bucket-size

sp-scim

scim

probe-queue

queue-work

keda-autoscaler

otel-keda

telemetry-queue

otel-queue

mobile-responsive

add-state-to-title

file-tf

snyk-fix-21d325191a83f6e495f02680309be6df

new-terraform-provider

tf-provider

msp-server

announcement-templates

optmize-esbuild

ms-teams-workspace-integration

run-as-non-root

fix/team-member-service-test-error

feature/msteams-integration-backend

optmize-dash

split-dashboard

feature/responsive-navbar

feat/mobile-responsive-sidemenu

mobile-navbar

mobile-ui

fix-recurring-events

fix-monitor-test

snyk-fix-6d5b446d98eb30ad7cc48664f26e8dd3

snyk-fix-5f2a25c13d925a6df331a8db1b4b6bc3

snyk-fix-82cf608c1e34aadeec1e40be2dd7692c

snyk-fix-28fb72b74f8e210b21994c9d4a749db4

snyk-fix-9dd32ce4170d36a0032a14eca7bcc974

snyk-fix-33cfbfb6119028a909c55ae0b6f42134

snyk-fix-0d6c626395070c0bf0647893fd4ad82c

telemetry-decorator

snyk-fix-9dcd00f3db77cda7a8a956ad4c744638

snyk-fix-39e89b36dc9e401d2beb27cf134cb8f8

manual-workflow

sp-api

snyk-fix-476babcac00c78674ae2231bc91de4f0

snyk-fix-aba76b601f35a212295c529b373457fa

slack-app

otel-collector-queue-size

scheduled-maintenance-feed

add-proxy-to-server-monitor

snyk-fix-129563dbc737d32bc6bb8e3311b8bb86

metrics-monitor

snyk-fix-b3faaf7e1b0131c254a19d461fdfa12f

snyk-fix-49a541156a8e299f9158ecc2e1ce3e4e

snyk-fix-6fed1c2110e88e596893df3351740515

snyk-fix-7f3c8e70773dfe11ea8caed8e34b2573

snyk-fix-2643b617b033d0cbf19291b6ad7776a4

snyk-fix-1219e1241120fcf13feb7bc0b54e18e3

merge-monitor-metrics

dashboarding

oneuptime-copilot-oneuptime-copilot-improve-comments-ZlPvy

oneuptime-copilot-oneuptime-copilot-improve-comments-vThJD

oneuptime-copilot-oneuptime-copilot-improve-comments-veTFM

snyk-fix-1230088cdc5e6714c07c4043881095db

sp-custom-cert

realtime

snyk-fix-2267fc7afa5dd1aadc03bda66d835a26

snyk-fix-82eb97bf3553f75fcdec629b2375d091

snyk-fix-0ff1eeedd26324c34c4b6446c78d93ab

snyk-fix-7a5cb77d5e30b278d6086cc6ec7563dd

snyk-fix-80a68103cb676782e141f18725deae71

oneuptime-copilot-oneuptime-copilot-add-spans-Dcefh

oneuptime-copilot-oneuptime-copilot-improve-comments-YRJKG

oneuptime-copilot-oneuptime-copilot-improve-comments-PBqVE

snyk-fix-6390d5be9d2dcbe507da6d19b87bb581

oneuptime-copilot-oneuptime-copilot-improve-comments-dnfTZ

copilot-main

error-tracking

snyk-fix-616369b0f1423d8113422a2b0ea1798a

snyk-fix-ecde2433ac879fc83fcb7fbaef849ca2

snyk-fix-1436684cb4b974b4b38ec0de7c27678b

snyk-fix-929b1416ccb03655ff400075fc126a5d

merge-dir

snyk-upgrade-bc55cc4a3bed3c919d5253c5ccb89569

oneuptime-copilot-oneuptime-copilot-improve-comments-NXaNT

oneuptime-copilot-oneuptime-copilot-improve-comments-MhFUX

oneuptime-copilot-oneuptime-copilot-improve-comments-eHoNt

oneuptime-copilot-oneuptime-copilot-improve-comments-BWpyo

landing-page

clickhouse-optimization

attributes-cache

snyk-upgrade-b1d7fc785c4b347f9540423872d4f7eb

snyk-upgrade-b12f9d5ede2ce54b392c16e1398efc0d

snyk-upgrade-90863abe750274199042129d216ec458

snyk-upgrade-24742a40cc66c0ff20127c49b31c5b92

status-page-reports

monitor-reports

oneuptime-app-oneuptime-app-improve-comments-wPkHZ

oneuptime-app-oneuptime-app-improve-comments-zheFq

oneuptime-app-oneuptime-app-improve-comments-yGblU

oneuptime-app-oneuptime-app-improve-comments-XvJyI

oneuptime-app-oneuptime-app-improve-comments-Iigpp

oneuptime-app-oneuptime-app-improve-comments-BLqEd

oneuptime-app-oneuptime-app-improve-comments-BSWXD

oneuptime-app-oneuptime-app-improve-comments-iDNIR

oneuptime-app-oneuptime-app-improve-comments-FPiCN

oneuptime-app-oneuptime-app-improve-comments-hfdRa

oneuptime-app-oneuptime-app-improve-comments-yEhKY

oneuptime-app-oneuptime-app-improve-comments-iOjcB

oneuptime-app-oneuptime-app-improve-comments-tFtyx

oneuptime-app-oneuptime-app-improve-comments-sBvxI

oneuptime-app-oneuptime-app-improve-comments-IXAhB

oneuptime-app-oneuptime-app-improve-comments-YtccK

oneuptime-app-oneuptime-app-improve-comments-QCnqA

oneuptime-app-oneuptime-app-improve-comments-NMjBi

oneuptime-app-oneuptime-app-improve-comments-lDSQP

oneuptime-app-oneuptime-app-improve-comments-YdAAE

oneuptime-app-oneuptime-app-improve-comments-JVpQw

oneuptime-app-oneuptime-app-improve-comments-DncIm

oneuptime-app-oneuptime-app-improve-comments-iBzpC

oneuptime-app-oneuptime-app-improve-comments-GkOnn

telemetry-backend

snyk-upgrade-818024a85e0cd5b743112ffb7f513123

snyk-upgrade-2f9ef5e24aa83032721fce51c3a0b0ca

oneuptime-app-oneuptime-app-refactor-code-nDOMw

oneuptime-app-oneuptime-app-refactor-code-nzaSs

oneuptime-app-oneuptime-app-refactor-code-TIxRv

oneuptime-app-oneuptime-app-refactor-code-Llyxi

oneuptime-app-oneuptime-app-refactor-code-lfIez

oneuptime-app-oneuptime-app-improve-comments-FLlpf

oneuptime-app-oneuptime-app-improve-comments-DaGfY

oneuptime-app-oneuptime-app-improve-comments-XaYkK

oneuptime-app-oneuptime-app-fix-grammar-and-spelling-CDFoR

ai-copilot-main

oneuptime-app-oneuptime-app-fix-grammar-and-spelling-hueYU

oneuptime-app-oneuptime-app-fix-grammar-and-spelling-HQfro

oneuptime-app-oneuptime-app-fix-grammar-and-spelling-JVpKF

oneuptime-app-oneuptime-app-fix-grammar-and-spelling-mSRcD

oneuptime-app-oneuptime-app-fix-grammar-and-spelling-NXSdG

oneuptime-app-oneuptime-app-fix-grammar-and-spelling-CYFVx

oneuptime-app-oneuptime-app-improve-comments-UsHIA

oneuptime-app-oneuptime-app-improve-comments-ZBFjb

oneuptime-app-oneuptime-app-improve-comments-ggYpS

oneuptime-app-oneuptime-app-improve-comments-YUFeh

eval-over-time

oneuptime-app-oneuptime-app-improve-comments-LkJYk

ai-main-70b

eslint

oneuptime-app-test-branch-11

oneuptime-app-test-branch-10

oneuptime-app-test-branch-7

oneuptime-app-test-branch-6

test-branch

nz/metric-detail

ext-postgres

perms-refactor

filter-refactor

group-by

greenlock-refactor

attributes

react-app

otel

snyk-upgrade-3677f1da0f20b9341d779856ea606cce

snyk-upgrade-324862099bddfa90e5e0e06eb934c162

renovate/node-16.x-lockfile

snyk-upgrade-ac717665d10b7db0ddb20de9bdaf435b

snyk-upgrade-7b7ea7a1c722d2b7f48e290063771f7b

snyk-upgrade-520b5a017b5e7985121ef90b57317068

renovate/stripe-react-stripe-js-1.x-lockfile

renovate/heroicons-react-2.x-lockfile

renovate/headlessui-react-1.x-lockfile

renovate/clickhouse-clickhouse-server-23.x

snyk-upgrade-8a1c1f353568dcbc7b2c3e4beec4a6b7

snyk-upgrade-affb0a1678b57ae5a6f3183f5e8d302d

renovate/vm2-3.x-lockfile

renovate/start-server-and-test-1.x-lockfile

renovate/chrome-launcher-0.x-lockfile

renovate/mikepenz-release-changelog-builder-action-3.x

renovate/npm-xmldom-vulnerability

monitor-groups

feature-flags

logging

admin-dashboard

update-deps

metered-plan

fix-status-page-refresh

owner-emails

owners-in-form

monitoring

fix-small-issues

single-docker-container

workflow-fix

staus-page-fix

slack_workflow

emails

fix/ping-monitor-ipv6

fix-typescript-errors

issue/160-add-setup-alert

143-fix-github-actions-jobs-dont-run-on-prs-from-forked-repo

142-github-actions-build-job-to-run-home-tests

147-form-containers

131-add-styling-for-account-in-topbar

chore/setup-sonar-cloud-#21

96-css-for-login-page

97-css-login-page

35-write-docker-build-job-for-helmchart

ts-migrate

monitor-box

feature-github-actions-3

feature-github-actions

feature-github-actions-2

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github/oneuptime#1039