Dependency checker is not checking versions correctly

[phlax]

Description

The dependency checker (that checks deps configured in repository_locations.bzl and opens github tickets) opens a new ticket when there is a newer version

It seems however that the versions are not checked correctly, for example with #19106

The suggested version is both less than the ticket that it closed and the current version used in the repo

[phlax]

cc @ME-ON1

[kfaseela]

I would like to work on this :)

[phlax]

i guess the priority is just to fix the version issue, but i would just flag that there are possibly some other issues with this script around handling of release dates <> last commit dates

my longer term thought had been to move this to https://github.com/envoyproxy/pytooling and to add unit tests and type checking to it

[ME-ON1]

maintainer released a new version 1.6.2 yesterday and 1.8.2 was version released in October. So i think tool is working fine and maintainer did a mistake in naming the release version
here -> https://github.com/edenhill/librdkafka/releases

[phlax]

im thinking it should respect the version rather than release date tho - its valid to release 1.6.3 after 1.8.2 for example

[ME-ON1]

yes it can but what if like for example 1.6.2 is the latest package released and 1.8.2 being older as in this case. And we look for latest release version by this tool.

Also is 1.6.2 is the version we want to updating.

[phlax]

we want to update to the latest (ie highest version number) which in this case 1.8.x

[ME-ON1]

sure then just have to compare the release version number and it will work

[phlax]

i think this was fixed in #19111