From 874c1eb0b66ed6b09e3a40cbb865ef64164c720d Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 3 Feb 2026 00:08:56 +0000
Subject: [PATCH] fix: packages/cli/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-TAR-15127355
- https://snyk.io/vuln/SNYK-JS-ESLINT-15102420
---
 packages/cli/package.json | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/packages/cli/package.json b/packages/cli/package.json
index 8b78b16900615b..fa89695d6ecf6e 100644
--- a/packages/cli/package.json
+++ b/packages/cli/package.json
@@ -30,15 +30,15 @@
     "backstage-cli": "bin/backstage-cli"
   },
   "dependencies": {
-    "@backstage/catalog-model": "workspace:^",
+    "@backstage/catalog-model": "0.1.1",
     "@backstage/cli-common": "workspace:^",
     "@backstage/cli-node": "workspace:^",
     "@backstage/config": "workspace:^",
-    "@backstage/config-loader": "workspace:^",
+    "@backstage/config-loader": "0.1.1",
     "@backstage/errors": "workspace:^",
-    "@backstage/eslint-plugin": "workspace:^",
+    "@backstage/eslint-plugin": "0.1.0",
     "@backstage/integration": "workspace:^",
-    "@backstage/release-manifests": "workspace:^",
+    "@backstage/release-manifests": "0.0.1",
     "@backstage/types": "workspace:^",
     "@esbuild-kit/cjs-loader": "^2.4.1",
     "@manypkg/get-packages": "^1.1.3",
@@ -80,7 +80,7 @@
     "diff": "^5.0.0",
     "esbuild": "^0.18.0",
     "esbuild-loader": "^2.18.0",
-    "eslint": "^8.6.0",
+    "eslint": "^9.26.0",
     "eslint-config-prettier": "^8.3.0",
     "eslint-formatter-friendly": "^7.0.0",
     "eslint-plugin-deprecation": "^1.3.2",
@@ -127,7 +127,7 @@
     "style-loader": "^3.3.1",
     "sucrase": "^3.20.2",
     "swc-loader": "^0.2.3",
-    "tar": "^6.1.12",
+    "tar": "^7.5.7",
     "terser-webpack-plugin": "^5.1.3",
     "util": "^0.12.3",
     "webpack": "^5.70.0",