diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py
index 611bad2b65..9597b395c2 100644
--- a/dojo/settings/settings.dist.py
+++ b/dojo/settings/settings.dist.py
@@ -1241,7 +1241,7 @@ def saml2_attrib_map_format(dict):
 'KubeHunter Scan': ['title', 'description'],
 'kube-bench Scan': ['title', 'vuln_id_from_tool', 'description'],
 'Threagile risks report': ['title', 'cwe', "severity"],
- 'Trufflehog Scan': ['title', 'description', 'line'],
+ 'Trufflehog Scan': ['url'],
 'Humble Json Importer': ['title'],
 'MSDefender Parser': ['title', 'description'],
 'HCLAppScan XML': ['title', 'description'],
@@ -1319,7 +1319,7 @@ def saml2_attrib_map_format(dict):
 # List of fields that are known to be usable in hash_code computation)
 # 'endpoints' is a pseudo field that uses the endpoints (for dynamic scanners)
 # 'unique_id_from_tool' is often not needed here as it can be used directly in the dedupe algorithm, but it's also possible to use it for hashing
-HASHCODE_ALLOWED_FIELDS = ['title', 'cwe', 'vulnerability_ids', 'line', 'file_path', 'payload', 'component_name', 'component_version', 'description', 'endpoints', 'unique_id_from_tool', 'severity', 'vuln_id_from_tool', 'mitigation']
+HASHCODE_ALLOWED_FIELDS = ['title', 'cwe', 'vulnerability_ids', 'line', 'file_path', 'payload', 'component_name', 'component_version', 'description', 'endpoints', 'unique_id_from_tool', 'severity', 'vuln_id_from_tool', 'mitigation', 'url']
 # Adding fields to the hash_code calculation regardless of the previous settings
 HASH_CODE_FIELDS_ALWAYS = ['service']
diff --git a/dojo/tools/trufflehog/parser.py b/dojo/tools/trufflehog/parser.py
index 77235356c6..b939e2f8dc 100644
--- a/dojo/tools/trufflehog/parser.py
+++ b/dojo/tools/trufflehog/parser.py
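Review bot: In dojo/settings/settings.dist.py, hashing `'Trufflehog Scan'` findings on `url` alone gives every finding with an identical or empty link the same hash_code, so distinct leaked secrets can be marked as duplicates of each other and disappear from triage. This would affect reports whose entries carry no link (inferred; the `link` assignment in parser.py is not visible here) and any other path of this parser that still sets a constant `url`. Consider keeping the location fields as a fallback, `'Trufflehog Scan': ['url', 'file_path', 'line'],`, and documenting that existing Trufflehog findings keep their old hash_code until it is recalculated. The dict this entry belongs to starts and ends outside the hunk.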
@@ -190,7 +190,7 @@ def get_findings_v3(self, data, test):
 references="N/A",
 file_path=file,
 line=line_number, # setting it to a fake value to activate deduplication
- url="N/A",
+ url=link,
 dynamic_finding=False,
 static_finding=True,
 nb_occurences=1
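Review bot: `link` is taken from the imported scan report and is now stored in `url` with no visible check. Its assignment is outside this hunk, so confirm it is always a string and, if `url` is ever rendered as a hyperlink, that only `http`/`https` values are accepted. The comment on the `line=line_number,` context line ("setting it to a fake value to activate deduplication") no longer describes either field and should be reworded, e.g. `url=link,  # source link from the report; used for hash_code deduplication`. The enclosing constructor call in get_findings_v3 starts and ends outside the hunk.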