From 940b6adfdf03e5970ca1f807a2e14b1424a0e1d8 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 15 Dec 2024 22:39:42 +0000
Subject: [PATCH] fix: plugins/catalog-backend-module-msgraph/package.json to
 reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ASYNC-2441827
- https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137
- https://snyk.io/vuln/SNYK-JS-AXIOS-6032459
- https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6444610
- https://snyk.io/vuln/SNYK-JS-AXIOS-6124857
- https://snyk.io/vuln/SNYK-JS-JSONWEBTOKEN-3180026
- https://snyk.io/vuln/SNYK-JS-AXIOS-6671926
- https://snyk.io/vuln/SNYK-JS-JSONWEBTOKEN-3180024
- https://snyk.io/vuln/SNYK-JS-JSONWEBTOKEN-3180022
- https://snyk.io/vuln/SNYK-JS-AZUREMSALNODE-7246761
- https://snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-2396346
---
 plugins/catalog-backend-module-msgraph/package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/plugins/catalog-backend-module-msgraph/package.json b/plugins/catalog-backend-module-msgraph/package.json
index aec0de592e9b6..c36f96675d0fd 100644
--- a/plugins/catalog-backend-module-msgraph/package.json
+++ b/plugins/catalog-backend-module-msgraph/package.json
@@ -29,7 +29,7 @@
     "clean": "backstage-cli clean"
   },
   "dependencies": {
-    "@azure/msal-node": "^1.1.0",
+    "@azure/msal-node": "^2.9.2",
     "@backstage/catalog-model": "^0.9.10-next.0",
     "@backstage/config": "^0.1.13-next.0",
     "@backstage/plugin-catalog-backend": "^0.21.0-next.0",
@@ -38,7 +38,7 @@
     "lodash": "^4.17.21",
     "node-fetch": "^2.6.1",
     "p-limit": "^3.0.2",
-    "winston": "^3.2.1",
+    "winston": "^3.3.4",
     "qs": "^6.9.4"
   },
   "devDependencies": {