From 1be1cd874afecaf8a9ce8e7ff4ad7f45d1296990 Mon Sep 17 00:00:00 2001
From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com>
Date: Fri, 13 Feb 2026 10:51:38 +0000
Subject: [PATCH 1/2] fix: plugins/bazaar-backend/package.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AJV-15274295
- https://snyk.io/vuln/SNYK-JS-QS-15268416
---
 plugins/bazaar-backend/package.json | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/plugins/bazaar-backend/package.json b/plugins/bazaar-backend/package.json
index 6e960f384c128a..0f5048007479ea 100644
--- a/plugins/bazaar-backend/package.json
+++ b/plugins/bazaar-backend/package.json
@@ -23,13 +23,13 @@
     "clean": "backstage-cli package clean"
   },
   "dependencies": {
-    "@backstage/backend-common": "workspace:^",
-    "@backstage/backend-plugin-api": "workspace:^",
+    "@backstage/backend-common": "0.24.1",
+    "@backstage/backend-plugin-api": "0.6.19",
     "@backstage/config": "workspace:^",
-    "@backstage/errors": "workspace:^",
-    "@backstage/plugin-auth-node": "workspace:^",
+    "@backstage/errors": "0.1.1",
+    "@backstage/plugin-auth-node": "0.6.0",
     "@types/express": "^4.17.6",
-    "express": "^4.17.1",
+    "express": "^4.22.0",
     "express-promise-router": "^4.1.0",
     "knex": "^2.0.0",
     "winston": "^3.2.1",

From 86143a9cd88c2df5978502b37dc35d4c6349b337 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 17 Feb 2026 05:51:41 +0000
Subject: [PATCH 2/2] fix: plugins/bazaar-backend/package.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-AJV-15274295
- https://snyk.io/vuln/SNYK-JS-QS-15268416