From 086bab4fb6c92348d64cdf5620cda1335b361bd6 Mon Sep 17 00:00:00 2001 From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com> Date: Thu, 22 Jan 2026 22:10:22 +0000 Subject: [PATCH] fix: packages/cli/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-DIFF-14917201 - https://snyk.io/vuln/SNYK-JS-BACKSTAGEBACKENDPLUGINAPI-15054291 - https://snyk.io/vuln/SNYK-JS-LODASH-15053838 - https://snyk.io/vuln/SNYK-JS-LODASHES-15053836 --- packages/cli/package.json | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/packages/cli/package.json b/packages/cli/package.json index 8b78b16900615b..a40399339204ad 100644 --- a/packages/cli/package.json +++ b/packages/cli/package.json @@ -30,15 +30,15 @@ "backstage-cli": "bin/backstage-cli" }, "dependencies": { - "@backstage/catalog-model": "workspace:^", + "@backstage/catalog-model": "0.1.1", "@backstage/cli-common": "workspace:^", - "@backstage/cli-node": "workspace:^", + "@backstage/cli-node": "0.1.0", "@backstage/config": "workspace:^", - "@backstage/config-loader": "workspace:^", + "@backstage/config-loader": "0.6.10", "@backstage/errors": "workspace:^", "@backstage/eslint-plugin": "workspace:^", - "@backstage/integration": "workspace:^", - "@backstage/release-manifests": "workspace:^", + "@backstage/integration": "0.1.0", + "@backstage/release-manifests": "0.0.1", "@backstage/types": "workspace:^", "@esbuild-kit/cjs-loader": "^2.4.1", "@manypkg/get-packages": "^1.1.3", @@ -77,7 +77,7 @@ "cross-fetch": "^3.1.5", "cross-spawn": "^7.0.3", "css-loader": "^6.5.1", - "diff": "^5.0.0", + "diff": "^8.0.3", "esbuild": "^0.18.0", "esbuild-loader": "^2.18.0", "eslint": "^8.6.0", @@ -104,7 +104,7 @@ "jest-environment-jsdom": "^29.0.2", "jest-runtime": "^29.0.2", "json-schema": "^0.4.0", - "lodash": "^4.17.21", + "lodash": "^4.17.23", "mini-css-extract-plugin": "^2.4.2", "minimatch": "^5.1.1", "node-fetch": "^2.6.7",