From bb5913ad6faea6b99e7c8291d97f5450f4c5ede4 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Fri, 7 Oct 2022 14:54:53 +0000
Subject: [PATCH] fix: packages/strapi-plugin-documentation/package.json & packages/strapi-plugin-documentation/.snyk to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASH-1018905
- https://snyk.io/vuln/SNYK-JS-LODASH-1040724
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
- https://snyk.io/vuln/SNYK-JS-PROPERTYEXPR-598800
- https://snyk.io/vuln/SNYK-JS-SWAGGERUIDIST-2314884
- https://snyk.io/vuln/SNYK-JS-YUP-2420835
The following vulnerabilities are fixed with a Snyk patch:
- https://snyk.io/vuln/SNYK-JS-LODASH-567746
---
 packages/strapi-plugin-documentation/.snyk | 14 ++++++++++++++
 .../strapi-plugin-documentation/package.json | 16 ++++++++++------
 2 files changed, 24 insertions(+), 6 deletions(-)
 create mode 100644 packages/strapi-plugin-documentation/.snyk
diff --git a/packages/strapi-plugin-documentation/.snyk b/packages/strapi-plugin-documentation/.snyk
new file mode 100644
index 00000000000..a8f8f85b7ec
--- /dev/null
+++ b/packages/strapi-plugin-documentation/.snyk
@@ -0,0 +1,14 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.25.0
+ignore: {}
+# patches apply the minimum changes required to fix a vulnerability
+patch:
+ SNYK-JS-LODASH-567746:
+ - strapi-helper-plugin > lodash:
+ patched: '2022-10-07T14:54:36.476Z'
+ - strapi-helper-plugin > @buffetjs/custom > lodash:
+ patched: '2022-10-07T14:54:36.476Z'
+ - strapi-helper-plugin > @buffetjs/custom > @buffetjs/core > lodash:
+ patched: '2022-10-07T14:54:36.476Z'
+ - strapi-helper-plugin > @buffetjs/custom > @buffetjs/core > @buffetjs/utils > lodash:
+ patched: '2022-10-07T14:54:36.476Z'
diff --git a/packages/strapi-plugin-documentation/package.json b/packages/strapi-plugin-documentation/package.json
index 7e4dde25a13..2f98fb942a9 100644
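Review bot: The `patch:` block covers only SNYK-JS-LODASH-567746 on the four nested `strapi-helper-plugin > … > lodash` paths, so those nested copies presumably remain exposed to the other lodash advisories the commit message lists as fixed by upgrade (SNYK-JS-LODASH-1018905, SNYK-JS-LODASH-1040724). The direct `lodash` bump in package.json does not change what `strapi-helper-plugin` resolves for itself. The entries take effect only where `snyk-protect` actually runs against an installed tree, and the `patched:` timestamps appear to record when the policy was generated rather than proof that any file was modified. I would add a comment above `patch:` such as `# interim mitigation: remove once strapi-helper-plugin resolves lodash 4.17.21 or later` and treat upgrading the parent package as the real fix.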
--- a/packages/strapi-plugin-documentation/package.json
+++ b/packages/strapi-plugin-documentation/package.json
@@ -8,20 +8,22 @@
 "description": "Create an OpenAPI Document and visualize your API with SWAGGER UI."
 },
 "scripts": {
- "test": "echo \"no tests yet\""
+ "test": "echo \"no tests yet\"",
+ "prepublish": "npm run snyk-protect",
+ "snyk-protect": "snyk-protect"
 },
 "dependencies": {
 "@buffetjs/core": "3.3.3-next.2",
- "@buffetjs/custom": "3.3.3-next.2",
+ "@buffetjs/custom": "3.3.7",
 "@buffetjs/hooks": "3.3.3-next.2",
 "@buffetjs/icons": "3.3.3-next.2",
 "@buffetjs/styles": "3.3.3-next.2",
- "@buffetjs/utils": "3.3.3-next.2",
+ "@buffetjs/utils": "3.3.7",
 "cheerio": "^1.0.0-rc.5",
 "fs-extra": "^9.0.1",
 "immutable": "^3.8.2",
 "koa-static": "^5.0.0",
- "lodash": "4.17.19",
+ "lodash": "4.17.21",
 "moment": "^2.29.1",
 "path-to-regexp": "^3.1.0",
 "react": "^16.13.1",
@@ -36,7 +38,8 @@
 "redux-immutable": "^4.0.0",
 "reselect": "^4.0.0",
 "strapi-helper-plugin": "3.4.1",
- "swagger-ui-dist": "3.35.0"
+ "swagger-ui-dist": "4.1.3",
+ "@snyk/protect": "latest"
 },
 "author": {
 "name": "soupette",
@@ -76,5 +79,6 @@
 "npm": ">=6.0.0"
 },
 "license": "SEE LICENSE IN LICENSE",
- "gitHead": "231263a3535658bab1e9492c6aaaed8692d62a53"
+ "gitHead": "231263a3535658bab1e9492c6aaaed8692d62a53",
+ "snyk": true
 }
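Review bot: The new `prepublish` entry in `scripts` is the only thing that triggers `snyk-protect`, and `prepublish` is a deprecated npm lifecycle hook whose trigger points differ between npm versions, so whether the patch step runs at all depends on the npm in use (`engines` accepts any npm >= 6). It also patches only the `node_modules` of the checkout it runs in; a project that installs this plugin from the registry resolves its own nested lodash copies and, as far as this hunk shows, never receives the patch. If the hook is kept, `"prepare": "npm run snyk-protect"` is the non-deprecated form, and the release job should fail when `snyk-protect` exits non-zero. Separately, `@buffetjs/custom` and `@buffetjs/utils` move to 3.3.7 while `@buffetjs/core`, `hooks`, `icons` and `styles` stay on 3.3.3-next.2, which deserves a manual check because the `test` script is still a no-op. The `dependencies` object continues past the end of this hunk.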
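Review bot: `"@snyk/protect": "latest"` in `dependencies` is a floating tag on a package whose binary runs from a lifecycle script and rewrites files under `node_modules`, so each install fetches and executes whatever was most recently published, with no review step and no reproducible build. The neighbouring entries (`strapi-helper-plugin`, `swagger-ui-dist`) are pinned to exact versions. Pin this one the same way and, since it is build-time tooling, consider moving it out of the runtime set: `"@snyk/protect": "<exact-version>"` under `devDependencies`. The `swagger-ui-dist` change from 3.35.0 to 4.1.3 in the same hunk is a major-version jump, so the plugin code that serves the bundled UI assets needs a manual check given that the package defines no tests.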