From 459c46b92f1da3266423cbaa1dedfd1d9e19dd18 Mon Sep 17 00:00:00 2001
From: Zeke
Date: Tue, 11 Nov 2025 15:22:20 -0500
Subject: [PATCH 1/2] Remove line and add url to hash code

---
 dojo/settings/settings.dist.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/dojo/settings/settings.dist.py b/dojo/settings/settings.dist.py
index 8e636470db4..bf4da477e12 100644
--- a/dojo/settings/settings.dist.py
+++ b/dojo/settings/settings.dist.py
@@ -1354,7 +1354,7 @@ def saml2_attrib_map_format(din):
     "JFrog Xray On Demand Binary Scan": ["title", "component_name", "component_version"],
     "Scout Suite Scan": ["file_path", "vuln_id_from_tool"],  # for now we use file_path as there is no attribute for "service"
     "Meterian Scan": ["cwe", "component_name", "component_version", "description", "severity"],
-    "Github SAST Scan": ["vuln_id_from_tool", "severity", "file_path", "line"],
+    "Github SAST Scan": ["vuln_id_from_tool", "severity", "file_path", "url"],  # url is the github alert url
     "Github Vulnerability Scan": ["title", "severity", "component_name", "vulnerability_ids", "file_path"],
     "Github Secrets Detection Report": ["title", "file_path", "line"],
     "Solar Appscreener Scan": ["title", "file_path", "line", "severity"],

From 7945fc0a764c883c3399edd8fe4bfc3bb0fe3fbc Mon Sep 17 00:00:00 2001
From: Zeke
Date: Tue, 11 Nov 2025 15:34:51 -0500
Subject: [PATCH 2/2] Add comment to parser docs about edge cases

---
 docs/content/supported_tools/parsers/file/github_sast.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docs/content/supported_tools/parsers/file/github_sast.md b/docs/content/supported_tools/parsers/file/github_sast.md
index a551d9ea0ef..c7ee802a026 100644
--- a/docs/content/supported_tools/parsers/file/github_sast.md
+++ b/docs/content/supported_tools/parsers/file/github_sast.md
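Review bot: The new `"url"` entry on the `+` line is only honoured if `"url"` is also present in `HASHCODE_ALLOWED_FIELDS` elsewhere in this settings file; as far as I recall, `Finding.compute_hash_code` validates each per-scanner list against that allow-list and, on any unknown field, silently falls back to the default field set with only a debug-level log, which would turn this into a dedup regression for the parser rather than a visible failure, so please confirm the allow-list contains `url` and extend it in the same commit if it does not. Existing Github SAST findings keep a hash_code computed from `line`, so after this change they will no longer match re-imports until hash codes are recomputed, e.g. `./manage.py dedupe --hash_code_only --parser "Github SAST Scan"`, and a release note saying so would help operators. The inline comment would be more useful if it stated the intent and the assumption, e.g. `# url is the github alert html_url (assumed stable across rescans, unlike line); see parser docs for EMU/migration caveats`. The enclosing `HASHCODE_FIELDS_PER_SCANNER` dict starts and ends outside the hunk.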
@@ -5,5 +5,7 @@ toc_hide: true Import findings in JSON format from Github Code Scanning REST API: +It is important to note that DefectDojo creates a hash code for Github SAST Scan findings based on the `html_url` field in the uploaded alert. If your organization goes through an Enterprise Managed Users (EMU) migration, or an Enterprise Cloud or Serve migration, this field could change. This would cause some duplication in findings. + ### Sample Scan Data Sample Github SAST scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/github_sast). \ No newline at end of file