From c6e871143eeaf87f013a0f8db288e2dda56c1a83 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 13 Feb 2026 07:22:36 +0000
Subject: [PATCH] fix: plugins/catalog-backend/package.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-WEBPACK-15235959
- https://snyk.io/vuln/SNYK-JS-WEBPACK-15235969
- https://snyk.io/vuln/SNYK-JS-QS-15268416
---
 plugins/catalog-backend/package.json | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/plugins/catalog-backend/package.json b/plugins/catalog-backend/package.json
index 8b4edcbc20875e..23e84f912b93ed 100644
--- a/plugins/catalog-backend/package.json
+++ b/plugins/catalog-backend/package.json
@@ -45,7 +45,7 @@
     "clean": "backstage-cli package clean"
   },
   "dependencies": {
-    "@backstage/backend-common": "workspace:^",
+    "@backstage/backend-common": "0.24.1",
     "@backstage/backend-openapi-utils": "workspace:^",
     "@backstage/backend-plugin-api": "workspace:^",
     "@backstage/backend-tasks": "workspace:^",
@@ -54,21 +54,21 @@
     "@backstage/config": "workspace:^",
     "@backstage/errors": "workspace:^",
     "@backstage/integration": "workspace:^",
-    "@backstage/plugin-auth-node": "workspace:^",
+    "@backstage/plugin-auth-node": "0.1.0",
     "@backstage/plugin-catalog-common": "workspace:^",
     "@backstage/plugin-catalog-node": "workspace:^",
     "@backstage/plugin-events-node": "workspace:^",
     "@backstage/plugin-permission-common": "workspace:^",
     "@backstage/plugin-permission-node": "workspace:^",
-    "@backstage/plugin-scaffolder-common": "workspace:^",
-    "@backstage/plugin-search-backend-module-catalog": "workspace:^",
-    "@backstage/plugin-search-common": "workspace:^",
+    "@backstage/plugin-scaffolder-common": "0.1.0",
+    "@backstage/plugin-search-backend-module-catalog": "0.3.0",
+    "@backstage/plugin-search-common": "0.3.1",
     "@backstage/types": "workspace:^",
     "@opentelemetry/api": "^1.3.0",
     "@types/express": "^4.17.6",
     "codeowners-utils": "^1.0.2",
     "core-js": "^3.6.5",
-    "express": "^4.17.1",
+    "express": "^4.22.0",
     "express-promise-router": "^4.1.0",
     "fast-json-stable-stringify": "^2.1.0",
     "fs-extra": "10.1.0",