TypeError in set_hash_code of Finding by calling deduplicationLogger.debug() with self.id caused by process_findings()

I have this ENV set in my self-hosted DefectDojo Server:
`DD_DEBUG: 'True'`

If I use the `reimport-scan` API to upload a scan with new findings, I see this error in my logs:
```
11/Dec/2025 20:58:44] DEBUG [dojo.importers.default_importer:105] IMPORT_SCAN: parameters: {'self': <dojo.importers.default_importer.DefaultImporter object at 0x7efc66068ec0>, 'scan': <TemporaryUploadedFile: pip-audit.test.json (application/octet-stream)>, 'args': (), 'kwargs': {}}
[11/Dec/2025 20:58:44] DEBUG [dojo.importers.default_importer:392] IMPORT_SCAN: Parse findings
[11/Dec/2025 20:58:44] DEBUG [dojo.importers.default_importer:173] starting import of 2 parsed findings.
[11/Dec/2025 20:58:44] DEBUG [dojo.importers.default_importer:197] process_parsed_finding: unique_id_from_tool: None, hash_code: None, active from report: True, verified from report: False
[11/Dec/2025 20:58:44] DEBUG [dojo.specific-loggers.deduplication:2242] using HASHCODE_FIELDS_PER_SCANNER for test_type.name: pip-audit Scan
[11/Dec/2025 20:58:44] DEBUG [dojo.specific-loggers.deduplication:2253] HASHCODE_FIELDS_PER_SCANNER is: ['vuln_id_from_tool', 'component_name', 'component_version'] + HASH_CODE_FIELDS_ALWAYS: ['service']
[11/Dec/2025 20:58:44] DEBUG [dojo.specific-loggers.deduplication:2950] computing hash_code for finding id None based on: vuln_id_from_tool, component_name, component_version
[11/Dec/2025 20:58:44] DEBUG [dojo.specific-loggers.deduplication:2967] vuln_id_from_tool : PYSEC-2019-179
[11/Dec/2025 20:58:44] DEBUG [dojo.specific-loggers.deduplication:2967] component_name : flask
[11/Dec/2025 20:58:44] DEBUG [dojo.specific-loggers.deduplication:2967] component_version : 0.5
[11/Dec/2025 20:58:44] DEBUG [dojo.specific-loggers.deduplication:2975] compute_hash_code - fields_to_hash = PYSEC-2019-179flask0.5
[11/Dec/2025 20:58:44] DEBUG [dojo.models:3044] fields_to_hash      : PYSEC-2019-179flask0.5
[11/Dec/2025 20:58:44] DEBUG [dojo.models:3045] fields_to_hash lower: pysec-2019-179flask0.5
--- Logging error ---
Traceback (most recent call last):
  File "/usr/local/lib/python3.13/logging/__init__.py", line 1151, in emit
    msg = self.format(record)
  File "/usr/local/lib/python3.13/logging/__init__.py", line 999, in format
    return fmt.format(record)
           ~~~~~~~~~~^^^^^^^^
  File "/usr/local/lib/python3.13/logging/__init__.py", line 712, in format
    record.message = record.getMessage()
                     ~~~~~~~~~~~~~~~~~^^
  File "/usr/local/lib/python3.13/logging/__init__.py", line 400, in getMessage
    msg = msg % self.args
          ~~~~^~~~~~~~~~~
TypeError: %i format: a real number is required, not NoneType
Call stack:
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/wsgi.py", line 124, in __call__
    response = self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/base.py", line 140, in get_response
    response = self._middleware_chain(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/utils/deprecation.py", line 129, in __call__
    response = response or self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/app/dojo/middleware.py", line 190, in __call__
    response = self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/app/dojo/middleware.py", line 120, in __call__
    return self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/utils/deprecation.py", line 129, in __call__
    response = response or self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/utils/deprecation.py", line 129, in __call__
    response = response or self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/utils/deprecation.py", line 129, in __call__
    response = response or self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/utils/deprecation.py", line 129, in __call__
    response = response or self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/utils/deprecation.py", line 129, in __call__
    response = response or self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/utils/deprecation.py", line 129, in __call__
    response = response or self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/utils/deprecation.py", line 129, in __call__
    response = response or self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/app/dojo/middleware.py", line 80, in __call__
    return self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/app/dojo/middleware.py", line 211, in __call__
    return self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.13/site-packages/social_django/middleware.py", line 29, in __call__
    return self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/app/dojo/middleware.py", line 225, in __call__
    return self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.13/site-packages/crum/__init__.py", line 97, in __call__
    response = self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/app/dojo/middleware.py", line 225, in __call__
    return self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/utils/deprecation.py", line 129, in __call__
    response = response or self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/utils/deprecation.py", line 129, in __call__
    response = response or self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/app/dojo/middleware.py", line 261, in __call__
    response = self.get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/exception.py", line 55, in inner
    response = get_response(request)
  File "/usr/local/lib/python3.13/site-packages/django/core/handlers/base.py", line 197, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/usr/local/lib/python3.13/site-packages/django/views/decorators/csrf.py", line 65, in _view_wrapper
    return view_func(request, *args, **kwargs)
  File "/usr/local/lib/python3.13/site-packages/rest_framework/viewsets.py", line 125, in view
    return self.dispatch(request, *args, **kwargs)
  File "/usr/local/lib/python3.13/site-packages/rest_framework/views.py", line 512, in dispatch
    response = handler(request, *args, **kwargs)
  File "/usr/local/lib/python3.13/site-packages/rest_framework/mixins.py", line 19, in create
    self.perform_create(serializer)
  File "/app/dojo/api_v2/views.py", line 2667, in perform_create
    serializer.save(push_to_jira=push_to_jira)
  File "/app/dojo/api_v2/serializers.py", line 2617, in save
    self.process_scan(auto_create_manager, data, context)
  File "/app/dojo/api_v2/serializers.py", line 2577, in process_scan
    ).process_scan(
  File "/app/dojo/importers/default_importer.py", line 114, in process_scan
    new_findings = self.determine_process_method(parsed_findings, **kwargs)
  File "/app/dojo/importers/base_importer.py", line 267, in determine_process_method
    return self.sync_process_findings(
  File "/app/dojo/importers/base_importer.py", line 260, in sync_process_findings
    return self.process_findings(parsed_findings, sync=True, **kwargs)
  File "/app/dojo/importers/default_importer.py", line 214, in process_findings
    finding.set_hash_code(True)
  File "/app/dojo/models.py", line 3512, in set_hash_code
    deduplicationLogger.debug("Hash_code computed for finding %i: %s", self.id, self.hash_code)
Message: 'Hash_code computed for finding %i: %s'
Arguments: (None, '04928cb54009348878e79162e1bb62d2c81608e94425d552ed222bfc87c1480a')
```

I think the problem is in `dojo/importers/default_importer.py` in class `DefaultImporter(BaseImporter, DefaultImporterOptions):` and this method `process_findings`.
There is this part:
```
            finding = self.process_cve(unsaved_finding)
            # Calculate hash_code before saving based on unsaved_endpoints and unsaved_vulnerability_ids
            finding.set_hash_code(True)
```
and inside `set_hash_code` there is this part:
```
        elif dedupe_option:
            if self.hash_code is not None:
                deduplicationLogger.debug("Hash_code already computed for finding %i", self.id)
            else:
                self.hash_code = self.compute_hash_code()
                deduplicationLogger.debug("Hash_code computed for finding %i: %s", self.id, self.hash_code)
```
self.id is here None and not an integer as stated in the comment in `process_findings`:
`# Calculate hash_code before saving`so if the finding is not saved, there is no self.id for this finding.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

TypeError in set_hash_code of Finding by calling deduplicationLogger.debug() with self.id caused by process_findings() #13870

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

TypeError in set_hash_code of Finding by calling deduplicationLogger.debug() with self.id caused by process_findings() #13870

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions