Skip to content

log a line when custom hash method is used #13679

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 14, 2025
Merged

log a line when custom hash method is used #13679

merged 1 commit into from
Nov 14, 2025

Conversation

@valentijnscholten
Copy link
Member

@valentijnscholten valentijnscholten commented Nov 11, 2025
edited
Loading

add some logging to make it explicit and clear when debugging hash code issues.

@valentijnscholten valentijnscholten added this to the 2.53.0 milestone Nov 11, 2025
@dryrunsecurity
Copy link

dryrunsecurity bot commented Nov 11, 2025

DryRun Security

🔴 Risk threshold exceeded.

This pull request modifies a sensitive file (dojo/models.py), and the scanner detected sensitive edits; you can configure sensitive file paths and allowed authors in .dryrunsecurity.yaml. The finding is marked with a failing risk threshold but is not set to block the PR.

🔴 Configured Codepaths Edit in dojo/models.py
Vulnerability Configured Codepaths Edit
Description Sensitive edits detected for this file. Sensitive file paths and allowed authors can be configured in .dryrunsecurity.yaml.

We've notified @mtesauro.

All finding details can be found in the DryRun Security Dashboard.

dogboat
dogboat approved these changes Nov 12, 2025
View reviewed changes
Copy link
Contributor

@dogboat dogboat left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved, one thought that can be safely ignored.

dojo/models.py
def set_hash_code(self, dedupe_option):
from dojo.utils import get_custom_method # noqa: PLC0415 circular import
if hash_method := get_custom_method("FINDING_HASH_METHOD"):
deduplicationLogger.debug("Using custom hash method")
Copy link
Contributor

@dogboat dogboat Nov 12, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since this is for debug, is there any value in including the method name (either from the given setting or by stringifying the resolved method)?

Copy link
Contributor

@mtesauro mtesauro Nov 13, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@valentijnscholten Before I approve and merged this I wanted to give you a chance to comment here.

@mtesauro mtesauro merged commit 19dc283 into DefectDojo:dev Nov 14, 2025
149 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dogboat dogboat dogboat approved these changes

@Maffooch Maffooch Maffooch approved these changes

@Jino-T Jino-T Jino-T approved these changes

@blakeaowens blakeaowens blakeaowens approved these changes

@mtesauro mtesauro Awaiting requested review from mtesauro mtesauro is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

2.53.0

Development

Successfully merging this pull request may close these issues.

6 participants

@valentijnscholten @mtesauro @dogboat @Maffooch @Jino-T @blakeaowens