// Copyright 2023 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.

package semver

import "golang.org/x/vuln/internal/osv"

// NonSupersededFix returns a fixed version from ranges
// that is not superseded by any other fix or any other
// introduction of a vulnerability. Returns "" in case
// there is no such fixed version.
func NonSupersededFix(ranges []osv.Range) string {
	var latestFixed string
	for _, r := range ranges {
		if r.Type == "SEMVER" {
			for _, e := range r.Events {
				fixed := e.Fixed
				if fixed != "" && Less(latestFixed, fixed) {
					latestFixed = fixed
				}
			}

			// If the vulnerability was re-introduced after the latest fix
			// we found, there is no latest fix for this range.
			for _, e := range r.Events {
				introduced := e.Introduced
				if introduced != "" && introduced != "0" && Less(latestFixed, introduced) {
					latestFixed = ""
					break
				}
			}
		}
	}
	return latestFixed
}