Prior to this commit, if we wanted to compare changes between two
branches in different repositories - for instance, creating an MR from
a fork child to a fork parent - the commits for the fork child end up
in the fork parent's repository. Even if no MR is created, the commits
remain accessible until a garbage collection run is completed.

Since GitLab acts as a SHA oracle, these commits can be found by anyone
with access to the target project, which has a security impact.

Forks are not allowed to be more visible than their parents, but they
are allowed to be less visible, so putting their commits into the fork
parent is a bad idea.

Instead, we can do the comparison in the fork child's repository; the
commit for the target branch can be fetched with the same mechanism we
use for child -> parent fetches at the moment. This prevents disclosure
in the most common case.

This should also have a positive performance impact - a fork child will
already have the commit from the fork parent far more often than the
fork parent, so we'll need to do fetches less often.

Even though this is a security fix, I pulled the code for the affected
method out into a separate class to make the changes clearer. Roughly
the same number of lines are removed or altered; a few more are added,
but I think the increased clarity is worthwhile in this case.