Github SAST Scan duplicate findings due to hashcode issue
Bug description
Github SAST Scan uses line as field its hashcode. These alerts in GitHub change lines often, causing duplicate findings to be created for the same alert when re-uploading a scan.
"Github SAST Scan": ["vuln_id_from_tool", "severity", "file_path", "line"]
Steps to reproduce
Steps to reproduce the behavior:
- Import a test with findings using Github SAST Scan scan type
- Change the line number on one of the findings
- Re-upload the test/scan
- Observe duplicate finding
Expected behavior
The line field should not factor into the hash code, and the alert should only be uploaded once.