This patch splits suggestions for git failures into two distinct stages,
one of which suggests that the closest published version be audited, and
then a suggestion of a delta-audit from that version to the git version.
In order to keep backlog numbers accurate, we need to suggest both the
delta and the base audit silmultaneously, which requires changes to how
suggestions are resolved.
Care was taken to ensure that these new suggestions should interact
correctly with other suggest features, such as registry suggestions and
trust hints. This is done by making these features only operate on the
"base" suggestion/published version when both are present.
This patch splits suggestions for git failures into two distinct stages, one of which suggests that the closest published version be audited, and then a suggestion of a delta-audit from that version to the git version. In order to keep backlog numbers accurate, we need to suggest both the delta and the base audit silmultaneously, which requires changes to how suggestions are resolved.
Care was taken to ensure that these new suggestions should interact correctly with other suggest features, such as registry suggestions and trust hints. This is done by making these features only operate on the "base" suggestion/published version when both are present.
Fixes #378