From dab8cfe8b6d5c73efd8c7e19d00cc2686e3f53a6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Brunner?=
Date: Fri, 14 Jun 2024 08:21:54 +0200
Subject: [PATCH 1/2] Audit: Do force npm audit fix

---
 github_app_geo_project/module/audit/utils.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/github_app_geo_project/module/audit/utils.py b/github_app_geo_project/module/audit/utils.py
index 415b6075ec5..8ebe5eeb4e7 100644
--- a/github_app_geo_project/module/audit/utils.py
+++ b/github_app_geo_project/module/audit/utils.py
@@ -487,7 +487,7 @@ async def _npm_audit_fix(
 fix_success = True
 for package_lock_file_name, file_messages in fixable_files_npm.items():
 messages.update(file_messages)
- command = ["npm", "audit", "fix"]
+ command = ["npm", "audit", "fix", "--force"]
 _, success = await _run_timeout(
 command,
 os.environ.copy(),

From 8b538fc97d83bb49cf37f3978eca9b5cf7853def Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Brunner?=
Date: Fri, 14 Jun 2024 08:36:26 +0200
Subject: [PATCH 2/2] Audit: Remove the add '~' in the version in the package.json

---
 github_app_geo_project/module/audit/utils.py | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/github_app_geo_project/module/audit/utils.py b/github_app_geo_project/module/audit/utils.py
index 8ebe5eeb4e7..ff90fea182a 100644
--- a/github_app_geo_project/module/audit/utils.py
+++ b/github_app_geo_project/module/audit/utils.py
@@ -486,6 +486,7 @@ async def _npm_audit_fix(
 messages: set[str] = set()
 fix_success = True
 for package_lock_file_name, file_messages in fixable_files_npm.items():
+ directory = os.path.dirname(os.path.abspath(package_lock_file_name))
 messages.update(file_messages)
 command = ["npm", "audit", "fix", "--force"]
 _, success = await _run_timeout(
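Review bot: Adding `--force` to the `npm audit fix` command lets npm apply semver-major upgrades to top-level dependencies rather than only semver-compatible ones, so the automated fix can now introduce breaking changes into the project with no gate anywhere in this loop. The new line carries no explanation of why that trade-off is acceptable here; a comment such as `# --force allows semver-major changes; the resulting PR must be reviewed for breaking changes` would record the decision for the next maintainer. It is also worth surfacing in the messages the caller reports that `--force` was used, since the returned `fix_success` says nothing about how aggressive the fix was. `_npm_audit_fix` starts and ends outside this hunk.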
@@ -496,8 +497,19 @@ async def _npm_audit_fix(
 "Error while fixing the project",
 "Timeout while fixing the project",
 result,
- os.path.dirname(os.path.abspath(package_lock_file_name)),
+ directory,
 )
 
+ # Remove the add '~' in the version in the package.json
+ with open(os.path.join(directory, "package.json"), encoding="utf-8") as package_file:
+ package_json = json.load(package_file)
+ for dependencies_type in ("dependencies", "devDependencies"):
+ for package, version in package_json.get(dependencies_type, {}).items():
+ print(dependencies_type, package, version)
+ if version.startswith("^"):
+ package_json[dependencies_type][package] = version[1:]
+ with open(os.path.join(directory, "package.json"), "w", encoding="utf-8") as package_file:
+ json.dump(package_json, package_file, indent=2)
+
 fix_success &= success
 return "\n".join(messages), fix_success
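Review bot: The added comment, like the patch subject, says it removes a `~` prefix, but the code only strips `^` (`if version.startswith("^"):`), so either the comment or the condition is wrong; if both range operators are meant, `if version.startswith(("^", "~")):` would make the code match the comment. The `print(dependencies_type, package, version)` on the following line looks like leftover debugging output written to the bot process's stdout; drop it or route it through the module's logger. The package.json rewrite also runs unconditionally, even when `_run_timeout` reported failure or timeout, so a package.json can be pinned against a lock file that was not actually fixed — guarding the block with `if success:` keeps the two consistent. The new code calls `json.load`/`json.dump` but the patch adds no import, so it depends on `json` already being imported at the top of utils.py, which cannot be confirmed from this hunk. `_npm_audit_fix` begins before this hunk.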