Support a conversion/extraction corner case as usable (#2214)

There is a corner case where there was an unresolvable `last_affected`
version, but a(n assumed) `fixed` commit (extracted from reference URLs
most commonly) and so the failure to resolve the `last_affected`
shouldn't be treated as unusable data overall for conversion.

Harmonize the ordering of potentially unnecessary work in
CVEToPackageInfo and CVEToOSV

---------

Co-authored-by: Oliver Chang <oliverchang@users.noreply.github.com>

vulnfeeds/cmd/nvd-cve-osv/main.go

@@ -289,7 +289,7 @@ func CVEToOSV(CVE cves.CVE, repos []string, cache git.RepoTagsCache, directory s
 			}
 		}
 
-		if versions.HasLastAffectedVersions() && !hasAnyLastAffectedCommits {
+		if versions.HasLastAffectedVersions() && !hasAnyLastAffectedCommits && !hasAnyFixedCommits {
 			return fmt.Errorf("[%s]: Failed to convert last_affected version tags to commits: %#v %w", CVE.ID, versions, ErrUnresolvedFix)
 		}
 	}
@@ -372,18 +372,18 @@ func CVEToPackageInfo(CVE cves.CVE, repos []string, cache git.RepoTagsCache, dir
 		}
 	}
 
+	if versions.HasFixedVersions() && !hasAnyFixedCommits {
+		return fmt.Errorf("[%s]: Failed to convert fixed version tags to commits: %#v %w", CVE.ID, versions, ErrUnresolvedFix)
+	}
+
 	hasAnyLastAffectedCommits := false
 	for _, repo := range repos {
 		if versions.HasLastAffectedCommits(repo) {
 			hasAnyLastAffectedCommits = true
 		}
 	}
 
-	if versions.HasFixedVersions() && !hasAnyFixedCommits {
-		return fmt.Errorf("[%s]: Failed to convert fixed version tags to commits: %#v %w", CVE.ID, versions, ErrUnresolvedFix)
-	}
-
-	if versions.HasLastAffectedVersions() && !hasAnyLastAffectedCommits {
+	if versions.HasLastAffectedVersions() && !hasAnyLastAffectedCommits && !hasAnyFixedCommits {
 		return fmt.Errorf("[%s]: Failed to convert last_affected version tags to commits: %#v %w", CVE.ID, versions, ErrUnresolvedFix)
 	}