Skip to content

unique_id_from_tool: clarify values and usage#12463

Merged
mtesauro merged 4 commits into
DefectDojo:bugfixfrom
valentijnscholten:unique_id_from_tool_remark
May 23, 2025
Merged

unique_id_from_tool: clarify values and usage#12463
mtesauro merged 4 commits into
DefectDojo:bugfixfrom
valentijnscholten:unique_id_from_tool_remark

Conversation

@valentijnscholten

@valentijnscholten valentijnscholten commented May 16, 2025

Copy link
Copy Markdown
Member

This PR clarifies this:

When using the unique_id_from_tool or vuln_id_from_tool fields in the hash code configuration, it's important that these are uqniue for the finding and constant over time across subsequent scans. If this is not the case, the values can still be useful to set on the finding model without using them for deduplication.

This is based on #12346 and #12446

@github-actions github-actions Bot added settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR docs labels May 16, 2025
@dryrunsecurity

dryrunsecurity Bot commented May 16, 2025
edited
Loading

Copy link
Copy Markdown

DryRun Security

No security concerns detected in this pull request.

All finding details can be found in the DryRun Security Dashboard.

@valentijnscholten valentijnscholten mentioned this pull request May 16, 2025
Closed
10 tasks
@valentijnscholten valentijnscholten mentioned this pull request May 19, 2025
Closed
@github-actions github-actions Bot added the New Migration Adding a new migration file. Take care when merging. label May 19, 2025
@valentijnscholten valentijnscholten added this to the 2.47.0 milestone May 19, 2025
@Maffooch Maffooch modified the milestones: 2.47.0, 2.46.4 May 20, 2025
mtesauro
mtesauro approved these changes May 21, 2025
View reviewed changes

@mtesauro mtesauro left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

@Maffooch Maffooch requested review from dogboat and hblankenship May 22, 2025 03:40
@mtesauro mtesauro merged commit b35d46f into DefectDojo:bugfix May 23, 2025
78 checks passed
xansec pushed a commit to xansec/django-DefectDojo that referenced this pull request Jun 18, 2025
@valentijnscholten @xansec
unique_id_from_tool: clarify values and usage (DefectDojo#12463)
9d31f71 
* unique_id_from_tool_remark

* unique_id_from_tool_remark

* unique_id_from_tool_remark

* add migration for textual changes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mtesauro mtesauro mtesauro approved these changes

@dogboat dogboat dogboat approved these changes

@Maffooch Maffooch Maffooch approved these changes

+1 more reviewer

@hblankenship hblankenship hblankenship approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

docs New Migration Adding a new migration file. Take care when merging. settings_changes Needs changes to settings.py based on changes in settings.dist.py included in this PR

Projects

None yet

Milestone

2.46.4

Development

Successfully merging this pull request may close these issues.

5 participants

@valentijnscholten @mtesauro @dogboat @hblankenship @Maffooch