Include fingerprint in SARIF output

Open pvickery-ParamountCommerce opened this issue 1 year ago • 2 comments

Describe the feature

Adding support for fingerprints in SARIF (Static Analysis Results Interchange Format) allows for the de-duplication of results across multiple scans or runs. This would be very helpful to track all the findings without the additional noise of duplicate findings.

Examples

For any type of findings, I want to be able to run checkov -d . -o sarif and see fingerprints or partialFingerprints. This way I can compare previous SARIF outputs to see if specific findings were already reported.

Additional context

OASIS documentation for fingerprints
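The de-duplication requested above can be sketched on the consumer side. This is an added example, not part of the original issue and not Checkov code: it fills `partialFingerprints` on SARIF 2.1.0 results and reports only findings absent from a previous run. The key name `exampleFindingHash/v1`, the rule IDs and the sample runs are constructed assumptions.

```python
import hashlib
import json

FP_KEY = "exampleFindingHash/v1"  # hypothetical key name, not one Checkov emits


def results(sarif):
    """Yield every result object from every run of a SARIF log."""
    for run in sarif.get("runs", []):
        yield from run.get("results", [])


def fingerprint(result):
    """Hash rule id, file URI and whitespace-normalized snippet.

    Line numbers are deliberately left out so a finding that only moved
    within the file keeps the same fingerprint.
    """
    loc = result["locations"][0]["physicalLocation"]
    snippet = loc.get("region", {}).get("snippet", {}).get("text", "")
    parts = [result["ruleId"], loc["artifactLocation"]["uri"], " ".join(snippet.split())]
    return hashlib.sha256("\x00".join(parts).encode()).hexdigest()


def add_fingerprints(sarif):
    """Set partialFingerprints on each result, keeping any value already present."""
    for result in results(sarif):
        result.setdefault("partialFingerprints", {}).setdefault(FP_KEY, fingerprint(result))
    return sarif


def new_findings(previous, current):
    """Return results of `current` whose fingerprint does not occur in `previous`."""
    seen = {r["partialFingerprints"][FP_KEY] for r in results(add_fingerprints(previous))}
    return [r for r in results(add_fingerprints(current))
            if r["partialFingerprints"][FP_KEY] not in seen]


def make_result(rule, uri, line, text):  # builds a constructed sample result
    return {"ruleId": rule, "message": {"text": "constructed"},
            "locations": [{"physicalLocation": {
                "artifactLocation": {"uri": uri},
                "region": {"startLine": line, "snippet": {"text": text}}}}]}


def make_sarif(items):  # wraps constructed results in a minimal SARIF log
    return {"version": "2.1.0", "runs": [{"tool": {"driver": {"name": "example"}}, "results": items}]}


# Constructed runs: the same finding moves from line 3 to line 9, and one new finding appears.
RUN_1 = make_sarif([make_result("CKV_EXAMPLE_1", "main.tf", 3, 'resource "aws_s3_bucket" "logs" {')])
RUN_2 = make_sarif([make_result("CKV_EXAMPLE_1", "main.tf", 9, 'resource  "aws_s3_bucket" "logs" {'),
                    make_result("CKV_EXAMPLE_2", "main.tf", 20, 'resource "aws_s3_bucket" "data" {')])

if __name__ == "__main__":
    print(json.dumps([r["ruleId"] for r in new_findings(RUN_1, RUN_2)]))
```

Two findings with the same rule, file and snippet text hash to the same value in this sketch, so a tool-side fingerprint would also need a resource identifier to tell them apart.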

Thanks for contributing to Checkov! We've automatically marked this issue as stale to keep our issues list tidy, because it has not had any activity for 6 months. It will be closed in 14 days if no further activity occurs. Commenting on this issue will remove the stale tag. If you want to talk through the issue or help us understand the priority and context, feel free to add a comment or join us in the Checkov Slack channel at codifiedsecurity.slack.com. Thanks!

stale[bot] May 20 '25 23:05

This would still be very useful!