From aa07a4466f0bed2ca5436a711447d0e487a2f28f Mon Sep 17 00:00:00 2001
From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com>
Date: Fri, 6 Feb 2026 02:39:14 +0000
Subject: [PATCH] fix: plugins/graphql-backend/package.json to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-APOLLOSERVER-15208673
---
 plugins/graphql-backend/package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/plugins/graphql-backend/package.json b/plugins/graphql-backend/package.json
index b672929c87142a..e356566a0116bb 100644
--- a/plugins/graphql-backend/package.json
+++ b/plugins/graphql-backend/package.json
@@ -33,10 +33,10 @@
     "clean": "backstage-cli package clean"
   },
   "dependencies": {
-    "@apollo/server": "^4.0.0",
+    "@apollo/server": "^5.4.0",
     "@backstage/backend-common": "workspace:^",
     "@backstage/config": "workspace:^",
-    "@backstage/plugin-catalog-graphql": "workspace:^",
+    "@backstage/plugin-catalog-graphql": "0.1.1",
     "@graphql-tools/schema": "^9.0.0",
     "@types/express": "^4.17.6",
     "express": "^4.17.1",