django-DefectDojo
Always populate unique_id_from_tool
Created a unique_id_from_tool that is always populated and identifies a finding with a specific component, even if there is no CVE or XRAY report
@madeoninfo I like this idea as it would ultimately help with duplication for the Jfrog parser. I am somewhat nervous of overriding something that should be coming from the tool and nowhere else.
@StefanFl @damiencarol what are your thoughts?
I don't see why the unique_id_from_tool is set in this parser. As @Maffooch said, this field should be set with a unique id that comes from the tool and you can find the finding in the tool using this id. But the parser does set this field already in many cases and this PR just adds one case.
Currently there are no settings for deduplication for this parser, so the default settings are used, which don't work very reliably. It would be good to think about a setting for how to calculate the hash_code and to use the hash_code for deduplication.
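An added illustration of the hash_code approach suggested above (example code written for this discussion, not DefectDojo's own implementation; the scanner name, the field list and the sample findings are assumed or constructed):

```python
import hashlib

# Hash-code fields per scanner, in the shape of a per-scanner settings dict.
# The scanner name and field list are assumptions for this example.
HASHCODE_FIELDS_PER_SCANNER = {
    "JFrog Xray Scan": ["title", "component_name", "component_version"],
}


def compute_hash_code(finding: dict, scan_type: str) -> str:
    """Deterministic hash over the configured fields (simplified re-implementation).

    A finding with no CVE still gets a stable hash because the component
    name and version are part of the material, so no fake unique id is needed.
    """
    fields = HASHCODE_FIELDS_PER_SCANNER[scan_type]
    material = "|".join(str(finding.get(f) or "") for f in fields)
    return hashlib.sha256(material.encode("utf-8")).hexdigest()


def deduplicate(findings: list, scan_type: str) -> tuple:
    """Return (unique_findings, duplicate_count) keyed on hash_code."""
    seen = {}
    duplicates = 0
    for finding in findings:
        key = compute_hash_code(finding, scan_type)
        if key in seen:
            duplicates += 1
        else:
            seen[key] = finding
    return list(seen.values()), duplicates


# Constructed sample: the same CVE-less result imported twice,
# plus the same issue reported against a different component version.
SAMPLE_FINDINGS = [
    {"title": "Insecure deserialization", "cve": None,
     "component_name": "jackson-databind", "component_version": "2.9.8"},
    {"title": "Insecure deserialization", "cve": None,
     "component_name": "jackson-databind", "component_version": "2.9.8"},
    {"title": "Insecure deserialization", "cve": None,
     "component_name": "jackson-databind", "component_version": "2.9.10"},
]

if __name__ == "__main__":
    unique, dups = deduplicate(SAMPLE_FINDINGS, "JFrog Xray Scan")
    print(f"{len(unique)} unique finding(s), {dups} duplicate(s)")
```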
I agree, the parser should not try to put a fake id in the unique_id_from_tool field.
@StefanFl the deduplication conf is not set? Maybe that's the reason for this PR, @madeoninfo ?
Closing as this is not an optimal solution