Stop latest_merge_request_diff from returning merge head diffs

Summary

In this RFH gitlab-com/request-for-help#3510, a customer reported that a merge request webhook is publishing merge_head diff commits. This should not be the case, as merge_head diffs are used internally to generate diffs against the current head of the branch we branched off from.

On investigating, we found a method override that allows lookups for the latest diff, i.e. latest_merge_request_diff, but does not filter for regular diffs only (merge_head diffs have an explicitly defined method to fetch them).

Example Project

What is the current bug behavior?

Calling latest_merge_request_diff can return merge_head diffs, when it should return regular diffs only.

What is the expected correct behavior?

latest_merge_request_diff should only return regular diffs.

Results of GitLab environment info

Possible fixes

  • Filter for regular diffs only when calling latest_merge_request_diff
  • Prevent the latest_merge_request_diff_id from being updated to a merge_head diff
Edited by Safwan Ahmed
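
The following is an added example, not GitLab's code: a simplified Ruby model of the behavior described above, showing how an unfiltered latest-diff lookup exposes merge_head commits to a webhook payload and how each of the two possible fixes prevents it. The class, method and field names (MergeRequestModel, add_diff_guarded, latest_diff_regular_only, webhook_commits and so on) and the sample commits are assumptions made for illustration.

```ruby
# Simplified model of the bug; class, field and method names are assumptions,
# not GitLab's actual implementation.
Diff = Struct.new(:id, :diff_type, :commits)

class MergeRequestModel
  attr_reader :latest_diff_id

  def initialize
    @diffs = []
    @latest_diff_id = nil
  end

  # Buggy behaviour: every new diff, including merge_head, moves the pointer.
  def add_diff_unguarded(diff)
    @diffs << diff
    @latest_diff_id = diff.id
  end

  # Fix 2: only regular diffs may become the latest diff.
  def add_diff_guarded(diff)
    @diffs << diff
    @latest_diff_id = diff.id if diff.diff_type == :regular
  end

  # Buggy lookup: trusts the pointer without checking the diff type.
  def latest_diff_unfiltered
    @diffs.find { |d| d.id == @latest_diff_id }
  end

  # Fix 1: consider regular diffs only, whatever the pointer says.
  def latest_diff_regular_only
    @diffs.select { |d| d.diff_type == :regular }.max_by(&:id)
  end
end

# Constructed sample data: one regular diff, then an internal merge_head diff.
def build_sample(guarded:)
  mr = MergeRequestModel.new
  adder = guarded ? :add_diff_guarded : :add_diff_unguarded
  mr.public_send(adder, Diff.new(1, :regular, %w[feature-commit]))
  mr.public_send(adder, Diff.new(2, :merge_head, %w[feature-commit merge-ref-commit]))
  mr
end

# What a webhook payload would list as commits for the merge request.
def webhook_commits(diff)
  diff.commits
end
```

Applying both fixes together gives defense in depth: the guard keeps the stored pointer clean, and the filtered lookup still returns a regular diff if a pointer was already set to a merge_head diff before the guard existed.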