Bump @backstage/plugin-catalog-node from 1.19.0 to 2.2.1

[dependabot]

Bumps @backstage/plugin-catalog-node from 1.19.0 to 2.2.1.

Release notes

Sourced from @​backstage/plugin-catalog-node's releases.

v1.52.0-next.2

Oops 🧹

v1.52.0-next.1

See docs/releases/v1.52.0-next.1-changelog.md for more information.

v1.52.0-next.0

See docs/releases/v1.52.0-next.0-changelog.md for more information.

v1.51.1

This patch release fixes the following issues:

• Split queryEntities list and count queries to fix CTE materialization bottleneck
• Fix 406 response for repository/archive retrieval in gitlabUrlReader
• Restore runtime dependencies incorrectly demoted to devDependencies
• Fix msgraph userGroupMember filter error by filtering disabled users client-side

v1.51.0

These are the release notes for the v1.51.0 release of Backstage.

A huge thanks to the whole team of maintainers and contributors as well as the amazing Backstage Community for the hard work in getting this release developed and done.

Highlights

BREAKING: Removed deprecated NavItemBlueprint

The deprecated NavItemBlueprint has been removed from @backstage/frontend-plugin-api. Navigation items are now discovered from PageBlueprint extensions based on their title and icon params. If you were still using NavItemBlueprint, migrate by setting title and icon on the page extension instead. All built-in plugins have been updated accordingly.

Additionally, renderInTestApp from @backstage/frontend-test-utils no longer renders a sidebar or legacy nav-item extensions. The app nav extension is now disabled in the minimal test app shell.

BREAKING: Removed deprecated PortableSchema.schema property form

The deprecated property form of PortableSchema.schema has been removed from @backstage/frontend-plugin-api. The schema member is now a plain method that must be called as schema() — direct property access like schema.type or schema.properties is no longer supported.

BREAKING: Hardened OIDC default patterns

The default allowed patterns for CIMD and DCR in @backstage/plugin-auth-backend have been hardened. The previous permissive ['*'] wildcards have been replaced with specific defaults for known MCP clients. If you previously relied on the permissive defaults and have custom MCP clients, you will need to explicitly add their patterns to the allow list.

BREAKING: Cleaned up PolicyQueryUser type

The token and expiresInSeconds fields have been removed from PolicyQueryUser in @backstage/plugin-permission-node. These were previously deprecated in favor of credentials with coreServices.auth. The identity field has been deprecated. A new CachedUserInfoService with a 5-second TTL cache and in-flight request coalescing has been added to reduce repeated user info lookups.

BREAKING: Catalog entity pagination excludes entities without sort field

When paginating entities with an order field via /entities/by-query, entities that lack the order field are now excluded from both the result set and the totalItems count. Previously these entities appeared at the end via NULLS LAST, but cursor-based pagination could not actually reach them past the first page — the count over-reported the number of navigable entities.

BREAKING: Microsoft Graph disabled users filtered by default

The @backstage/plugin-catalog-backend-module-msgraph and @backstage/plugin-catalog-backend-module-msgraph-incremental providers now filter out disabled user accounts by default. The provider automatically applies an accountEnabled eq true filter, combining it with any custom user.filter you provide. If you need to ingest disabled accounts, set the filter to explicitly include them.

... (truncated)

Changelog

Sourced from @​backstage/plugin-catalog-node's changelog.

2.2.1

Patch Changes

• ab1cdbb: Removed a handful of internal imports that referenced the package by its own name. Value imports were switched to relative paths, and type-only imports to import type. These self-referential imports could trigger circular initialization errors in bundled ESM and when the package was loaded via jest.requireActual — most visibly Cannot access '_AppRootElementBlueprintesm' before initialization from @backstage/frontend-plugin-api. There are no user-facing API changes.
• Updated dependencies
  • @​backstage/catalog-model@​1.9.0
  • @​backstage/errors@​1.3.1
  • @​backstage/backend-test-utils@​1.11.3
  • @​backstage/backend-plugin-api@​1.9.1
  • @​backstage/plugin-permission-node@​0.11.0
  • @​backstage/plugin-permission-common@​0.9.9
  • @​backstage/catalog-client@​1.15.1
  • @​backstage/plugin-catalog-common@​1.1.10

2.2.1-next.1

Patch Changes

• ab1cdbb: Removed a handful of internal imports that referenced the package by its own name. Value imports were switched to relative paths, and type-only imports to import type. These self-referential imports could trigger circular initialization errors in bundled ESM and when the package was loaded via jest.requireActual — most visibly Cannot access '_AppRootElementBlueprintesm' before initialization from @backstage/frontend-plugin-api. There are no user-facing API changes.
• Updated dependencies
  • @​backstage/catalog-model@​1.8.1-next.1
  • @​backstage/backend-test-utils@​1.11.3-next.1
  • @​backstage/plugin-permission-common@​0.9.9-next.1

2.2.1-next.0

Patch Changes

• Updated dependencies
  • @​backstage/errors@​1.3.1-next.0
  • @​backstage/backend-plugin-api@​1.9.1-next.0
  • @​backstage/backend-test-utils@​1.11.3-next.0
  • @​backstage/catalog-client@​1.15.1-next.0
  • @​backstage/catalog-model@​1.8.1-next.0
  • @​backstage/plugin-permission-common@​0.9.9-next.0
  • @​backstage/plugin-permission-node@​0.10.13-next.0
  • @​backstage/types@​1.2.2
  • @​backstage/plugin-catalog-common@​1.1.10-next.0

2.2.0

Minor Changes

• e5fcfcb: Added provideStaticCatalogModel that helps provide a static catalog model at startup.

• 056e18e: BREAKING ALPHA: Removed the deprecated CatalogPermissionRuleInput, CatalogPermissionExtensionPoint, and catalogPermissionExtensionPoint exports. Use coreServices.permissionsRegistry directly to register catalog entity permission rules and permissions.

• c384fff: BREAKING PRODUCERS: Added updateLocation method to CatalogService for updating the type and target of an existing location. Any code that implements CatalogService must now provide this method.

• 7a03196: BREAKING ALPHA: Removed the following deprecated exports from @backstage/plugin-catalog-node/alpha:

  • catalogServiceRef — use catalogServiceRef from @backstage/plugin-catalog-node instead

... (truncated)

Commits

• See full diff in compare view