Refactor MR security pipeline comparison logic into a Finder

Summary

Following the implementation in !207751, the security pipeline comparison logic for merge requests should be refactored from the MergeRequest model into a dedicated Finder class.

Background

In !207751, we expanded the MR security pipeline comparison to check the last 10 commits on the target branch instead of just the latest commit. This logic was implemented in ee/app/models/ee/merge_request.rb with the new method target_branch_pipelines_for_comparison.

During code review, it was noted that:

The MergeRequest model has many methods with similar names, making it confusing
This logic would be better suited in a Finder class for better separation of concerns and maintainability

Proposal

Move the pipeline comparison logic from ee/app/models/ee/merge_request.rb into a new Finder class (e.g., Security::MergeRequest::PipelinesFinder or similar).

This should include:

The target_branch_pipelines_for_comparison method
Any related helper methods
Appropriate tests

Benefits

Better separation of concerns
Improved code organization and maintainability
Easier to test in isolation
Reduces complexity in the MergeRequest model

Implemented in: !207751
Original issue: #547898

Edited Nov 04, 2025 by 🤖 GitLab Bot 🤖

Refactor MR security pipeline comparison logic into a Finder

Summary

Background

Proposal

Benefits

Related