From ea091fc4505d8ca8ca73a4948a4072ba8c6e6253 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 23 Jan 2026 08:56:31 +0000
Subject: [PATCH] fix: ui/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-15053838
---
 ui/package.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/ui/package.json b/ui/package.json
index ab53f77d83212..454b6e9b0a983 100644
--- a/ui/package.json
+++ b/ui/package.json
@@ -36,7 +36,7 @@
     "deepmerge": "^3.2.0",
     "foundation-sites": "^6.4.3",
     "git-url-parse": "^11.1.2",
-    "html-webpack-plugin": "^3.2.0",
+    "html-webpack-plugin": "^4.0.0",
     "jest-junit": "^6.4.0",
     "js-yaml": "^3.13.1",
     "jscs": "^3.0.7",
@@ -46,7 +46,7 @@
     "moment": "^2.24.0",
     "monaco-editor": "^0.15.6",
     "monaco-editor-webpack-plugin": "^1.7.0",
-    "node-sass": "^4.7.2",
+    "node-sass": "^9.0.0",
     "prop-types": "^15.6.0",
     "raw-loader": "^0.5.1",
     "react": "^16.8.3",
@@ -56,7 +56,7 @@
     "react-form": "2.16.0",
     "react-ga": "^2.6.0",
     "react-helmet": "^5.2.0",
-    "react-hot-loader": "^3.1.3",
+    "react-hot-loader": "^4.0.0",
     "react-moment": "^0.9.2",
     "react-paginate": "^6.2.1",
     "react-router": "^4.3.1",