AdvisoryV2 latest_per_avid() fallback query is never executed

[ziadhany]

There appears to be a problem with this logic. I believe the else: block is completely unreachable (dead code).

If an AdvisoryAlias is not found, AdvisoryAlias.objects.get() raises AdvisoryAlias.DoesNotExist, causing execution to jump directly to the except block, which immediately calls continue. As a result, the fallback logic that queries AdvisoryV2 latest_per_avid is never executed.

https://github.com/aboutcode-org/vulnerablecode/blob/main/vulnerabilities/pipelines/v2_improvers/enhance_with_exploitdb.py#L87C1-L97C1

        try:
            if alias := AdvisoryAlias.objects.get(alias=raw_alias):
                for adv in alias.advisories.all():
                    advisories.add(adv)
            else:
                advs = AdvisoryV2.objects.filter(advisory_id=raw_alias).latest_per_avid()
                for adv in advs:
                    advisories.add(adv)
        except AdvisoryAlias.DoesNotExist:
            continue

This issue appears to affect the following pipelines:

• exploitdb_v2.ExploitDBImproverPipeline
  https://github.com/aboutcode-org/vulnerablecode/blob/main/vulnerabilities/pipelines/v2_improvers/enhance_with_exploitdb.py#L86

• enhance_with_kev_v2.VulnerabilityKevPipeline,
  https://github.com/aboutcode-org/vulnerablecode/blob/main/vulnerabilities/pipelines/v2_improvers/enhance_with_kev.py#L75

• enhance_with_metasploit_v2.MetasploitImproverPipeline,
  https://github.com/aboutcode-org/vulnerablecode/blob/main/vulnerabilities/pipelines/v2_improvers/enhance_with_metasploit.py#L80

• enhance_with_github_poc.GithubPocsImproverPipeline
  https://github.com/aboutcode-org/vulnerablecode/blob/main/vulnerabilities/pipelines/v2_improvers/enhance_with_github_poc.py#L65

In any case, I think it would be better to have a test covering this code path.

[TG1999]

This is fixed in #2340