From d8f53ec87909768448e5ad778b2dc2ed86d5ceb8 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 12 Dec 2025 11:15:40 +0000
Subject: [PATCH] fix: api/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NANOID-8492085
- https://snyk.io/vuln/SNYK-JS-BRACEEXPANSION-9789073
---
 api/package.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/api/package.json b/api/package.json
index 2f77c8bd60ea7e..70bf355ca1fc20 100644
--- a/api/package.json
+++ b/api/package.json
@@ -11,7 +11,7 @@
     "@fastify/multipart": "^8.3.0",
     "@fastify/oauth2": "7.8.1",
     "@fastify/swagger": "8.14.0",
-    "@fastify/swagger-ui": "1.10.2",
+    "@fastify/swagger-ui": "3.0.0",
     "@fastify/type-provider-typebox": "3.6.0",
     "@growthbook/growthbook": "1.3.1",
     "@prisma/client": "5.5.2",
@@ -27,10 +27,10 @@
     "jsonwebtoken": "9.0.2",
     "lodash": "4.17.21",
     "mongodb": "6.10.0",
-    "nanoid": "3",
+    "nanoid": "3.3.8",
     "no-profanity": "1.5.1",
     "nodemailer": "6.9.10",
-    "pino-pretty": "10.2.3",
+    "pino-pretty": "10.3.0",
     "query-string": "7.1.3",
     "stripe": "16.0.0",
     "validator": "13.11.0"