From 73f6239a17665857209711dbab50201edf13aee1 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 22 Jan 2026 19:30:43 +0000
Subject: [PATCH] fix: plugins/xcmetrics/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15038581
- https://snyk.io/vuln/SNYK-JS-ELLIPTIC-14908844
- https://snyk.io/vuln/SNYK-JS-BACKSTAGEBACKENDPLUGINAPI-15054291
- https://snyk.io/vuln/SNYK-JS-LODASH-15053838
- https://snyk.io/vuln/SNYK-JS-LODASHES-15053836
- https://snyk.io/vuln/SNYK-JS-DIFF-14917201
---
 plugins/xcmetrics/package.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/plugins/xcmetrics/package.json b/plugins/xcmetrics/package.json
index 57ab0ad3f23046..a854ab42e48a70 100644
--- a/plugins/xcmetrics/package.json
+++ b/plugins/xcmetrics/package.json
@@ -23,14 +23,14 @@
     "clean": "backstage-cli package clean"
   },
   "dependencies": {
-    "@backstage/core-components": "workspace:^",
+    "@backstage/core-components": "0.1.0",
     "@backstage/core-plugin-api": "workspace:^",
     "@backstage/errors": "workspace:^",
-    "@backstage/theme": "workspace:^",
+    "@backstage/theme": "0.1.1",
     "@material-ui/core": "^4.12.2",
     "@material-ui/icons": "^4.9.1",
     "@material-ui/lab": "4.0.0-alpha.61",
-    "lodash": "^4.17.21",
+    "lodash": "^4.17.23",
     "luxon": "^3.0.0",
     "react-use": "^17.2.4",
     "recharts": "^2.5.0"