From d1e6f366fc51d487e4b6424368f9f975ef6ec286 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 27 Jan 2026 20:40:06 +0000
Subject: [PATCH] fix: plugins/catalog-import/package.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15032660
- https://snyk.io/vuln/SNYK-JS-BACKSTAGEBACKENDPLUGINAPI-15054291
- https://snyk.io/vuln/SNYK-JS-LODASH-15053838
- https://snyk.io/vuln/SNYK-JS-LODASHES-15053836
- https://snyk.io/vuln/SNYK-JS-DIFF-14917201
- https://snyk.io/vuln/SNYK-JS-ESLINT-15102420
---
 plugins/catalog-import/package.json | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/plugins/catalog-import/package.json b/plugins/catalog-import/package.json
index 19d475d94e8544..9c03d0bf506d03 100644
--- a/plugins/catalog-import/package.json
+++ b/plugins/catalog-import/package.json
@@ -35,13 +35,13 @@
     "@backstage/catalog-client": "workspace:^",
     "@backstage/catalog-model": "workspace:^",
     "@backstage/config": "workspace:^",
-    "@backstage/core-components": "workspace:^",
+    "@backstage/core-components": "0.8.6",
     "@backstage/core-plugin-api": "workspace:^",
     "@backstage/errors": "workspace:^",
-    "@backstage/integration": "workspace:^",
-    "@backstage/integration-react": "workspace:^",
+    "@backstage/integration": "0.1.0",
+    "@backstage/integration-react": "0.1.1",
     "@backstage/plugin-catalog-common": "workspace:^",
-    "@backstage/plugin-catalog-react": "workspace:^",
+    "@backstage/plugin-catalog-react": "0.0.1",
     "@material-ui/core": "^4.12.2",
     "@material-ui/icons": "^4.9.1",
     "@material-ui/lab": "4.0.0-alpha.61",
@@ -49,7 +49,7 @@
     "@types/react": "^16.13.1 || ^17.0.0",
     "git-url-parse": "^13.0.0",
     "js-base64": "^3.6.0",
-    "lodash": "^4.17.21",
+    "lodash": "^4.17.23",
     "react-hook-form": "^7.12.2",
     "react-use": "^17.2.4",
     "yaml": "^2.0.0"