feat: add hashcode deduplication config for IriusRisk parser

skywalke34 · skywalke34 · commit d694f35dadd8 · 2026-03-04T13:19:27.000-07:00
Register IriusRisk Threats Scan in HASHCODE_FIELDS_PER_SCANNER and
DEDUPLICATION_ALGORITHM_PER_PARSER so deduplication uses title and
component_name rather than the legacy algorithm. These stable fields
ensure reimports match existing findings even when risk levels or
countermeasure progress change between scans. Update docs to match.

Authored by T. Walker - DefectDojo
diff --git a/docs/content/supported_tools/parsers/file/iriusrisk.md b/docs/content/supported_tools/parsers/file/iriusrisk.md
@@ -17,13 +17,10 @@ The IriusRisk parser accepts CSV file format. To generate this file from IriusRi
 
 ## Default Deduplication Hashcode Fields
 
-By default, DefectDojo identifies duplicate Findings using these [hashcode fields](https://docs.defectdojo.com/en/working_with_findings/finding_deduplication/about_deduplication/):
+DefectDojo identifies duplicate Findings using these [hashcode fields](https://docs.defectdojo.com/en/working_with_findings/finding_deduplication/about_deduplication/):
 
 - title
-- cwe
-- line
-- file_path
-- description
+- component_name
 
 ### Sample Scan Data
 
@@ -138,7 +135,7 @@ Findings are set to active by default. When the "Current Risk" value is "Very lo
 
 ### Deduplication
 
-Deduplication relies on DefectDojo's default hashcode algorithm, which uses the title, cwe, line, file_path, and description fields to identify duplicate findings.
+Deduplication uses DefectDojo's hashcode algorithm with the title and component_name fields to identify duplicate findings. These stable fields ensure that reimports correctly match existing findings even when risk levels or countermeasure progress change between scans.
 
 ### Duplicate Rows in Source Data
 
diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py
@@ -1488,6 +1488,7 @@ def saml2_attrib_map_format(din):
     "Snyk Issue API Scan": ["vuln_id_from_tool", "file_path"],
     "OpenReports": ["vulnerability_ids", "component_name", "component_version", "severity"],
     "n0s1 Scanner": ["description"],
+    "IriusRisk Threats Scan": ["title", "component_name"],
 }
 
 # Override the hardcoded settings here via the env var
@@ -1752,6 +1753,7 @@ def saml2_attrib_map_format(din):
     "OpenVAS Parser v2": DEDUPE_ALGO_HASH_CODE,
     "Snyk Issue API Scan": DEDUPE_ALGO_HASH_CODE,
     "OpenReports": DEDUPE_ALGO_HASH_CODE,
+    "IriusRisk Threats Scan": DEDUPE_ALGO_HASH_CODE,
 }
 
 # Override the hardcoded settings here via the env var

Original file line number	Diff line number	Diff line change
`@@ -1488,6 +1488,7 @@ def saml2_attrib_map_format(din):`
`1488`	`1488`	`"Snyk Issue API Scan": ["vuln_id_from_tool", "file_path"],`
`1489`	`1489`	`"OpenReports": ["vulnerability_ids", "component_name", "component_version", "severity"],`
`1490`	`1490`	`"n0s1 Scanner": ["description"],`
	`1491`	`+ "IriusRisk Threats Scan": ["title", "component_name"],`
`1491`	`1492`	`}`
`1492`	`1493`
`1493`	`1494`	`# Override the hardcoded settings here via the env var`
`@@ -1752,6 +1753,7 @@ def saml2_attrib_map_format(din):`
`1752`	`1753`	`"OpenVAS Parser v2": DEDUPE_ALGO_HASH_CODE,`
`1753`	`1754`	`"Snyk Issue API Scan": DEDUPE_ALGO_HASH_CODE,`
`1754`	`1755`	`"OpenReports": DEDUPE_ALGO_HASH_CODE,`
	`1756`	`+ "IriusRisk Threats Scan": DEDUPE_ALGO_HASH_CODE,`
`1755`	`1757`	`}`
`1756`	`1758`
`1757`	`1759`	`# Override the hardcoded settings here via the env var`