From 82e56d7adf2871edc82bf8058e7789dfa3a5fa2d Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 5 Mar 2026 01:16:16 +0000
Subject: [PATCH] fix: app/packages/backend/package.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-FASTXMLPARSER-15353391
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-15353387
- https://snyk.io/vuln/SNYK-JS-MINIMATCH-15353389
- https://snyk.io/vuln/SNYK-JS-TOOTALLNATEONCE-15250612
---
 app/packages/backend/package.json | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/app/packages/backend/package.json b/app/packages/backend/package.json
index 60e68d816..c590fa02f 100644
--- a/app/packages/backend/package.json
+++ b/app/packages/backend/package.json
@@ -16,7 +16,7 @@
     "build-image": "docker build ../.. -f Dockerfile --tag backstage"
   },
   "dependencies": {
-    "@backstage/backend-common": "^0.20.0",
+    "@backstage/backend-common": "^0.24.1",
     "@backstage/backend-tasks": "^0.5.13",
     "@backstage/catalog-client": "^1.5.1",
     "@backstage/catalog-model": "^1.4.3",
@@ -25,11 +25,11 @@
     "@backstage/plugin-auth-backend": "^0.20.2",
     "@backstage/plugin-auth-node": "^0.4.2",
     "@backstage/plugin-catalog-backend": "^1.16.0",
-    "@backstage/plugin-catalog-backend-module-github": "^0.4.6",
+    "@backstage/plugin-catalog-backend-module-github": "^0.9.0",
     "@backstage/plugin-catalog-backend-module-scaffolder-entity-model": "^0.1.5",
     "@backstage/plugin-kubernetes-backend": "^0.14.0",
     "@backstage/plugin-permission-common": "^0.7.11",
-    "@backstage/plugin-permission-node": "^0.7.19",
+    "@backstage/plugin-permission-node": "^0.9.0",
     "@backstage/plugin-proxy-backend": "^0.4.6",
     "@backstage/plugin-scaffolder-backend": "^1.19.2",
     "@backstage/plugin-search-backend": "^1.4.8",
@@ -38,15 +38,15 @@
     "@backstage/plugin-search-backend-module-techdocs": "^0.1.12",
     "@backstage/plugin-search-backend-node": "^1.2.12",
     "@backstage/plugin-sonarqube-backend": "^0.2.10",
-    "@backstage/plugin-techdocs-backend": "^1.9.1",
+    "@backstage/plugin-techdocs-backend": "^2.0.0",
     "@backstage/plugin-todo-backend": "^0.3.6",
-    "@roadiehq/backstage-plugin-argo-cd-backend": "^2.13.0",
+    "@roadiehq/backstage-plugin-argo-cd-backend": "^3.0.4",
     "app": "link:../app",
     "better-sqlite3": "^9.0.0",
     "dockerode": "^3.3.1",
     "express": "^4.17.1",
     "express-promise-router": "^4.1.0",
-    "node-gyp": "^9.0.0",
+    "node-gyp": "^12.0.0",
     "pg": "^8.11.3",
     "winston": "^3.2.1",
     "express-prom-bundle": "^7.0.0",