@Logicmn (Contributor) commented Nov 11, 2025

Description

This is an update to the fields used to generate the hash code for GitHub SAST Scan findings. As explained in this issue, the line field is currently used in the hash code. Since the line of these alerts changes often in GitHub, it creates duplicate findings for the same alert when re-uploading a scan.

To fix this, I propose replacing the line field with the url field in the hash code. The format of the url field is:
https://github.com/OWASP/test-repository/security/code-scanning/35

This includes the organization, the repository, as well as the alert id. Because the alert id is only unique at the repository level, including only the alert id would not be enough; the organization and repository name are necessary as well. The url field conveniently contains all three. The url field is already populated by the parser, which pulls it from the html_url field in the GitHub alert. It can be expected that this field will always exist.
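To illustrate the duplicate-finding problem described above, here is an added Python example. It is not DefectDojo's code: the hashing routine, field lists and sample findings are constructed for illustration, and `alert_key_from_url` is a hypothetical helper that checks the url has the shape shown in the description.

```python
import hashlib
from urllib.parse import urlparse

# Constructed sample findings (not real scan output): the same GitHub
# code-scanning alert as seen in two successive uploads, after the affected
# file shifted by three lines between scans.
FINDING_UPLOAD_1 = {
    "title": "Uncontrolled data used in path expression",
    "severity": "High",
    "file_path": "src/handlers/upload.py",
    "line": 42,
    "url": "https://github.com/OWASP/test-repository/security/code-scanning/35",
}
FINDING_UPLOAD_2 = {**FINDING_UPLOAD_1, "line": 45}

# Same alert id (35) in a different repository: must not collide.
FINDING_OTHER_REPO = {
    **FINDING_UPLOAD_1,
    "url": "https://github.com/OWASP/other-repository/security/code-scanning/35",
}

LINE_BASED_FIELDS = ["title", "severity", "file_path", "line"]  # current behaviour
URL_BASED_FIELDS = ["title", "severity", "file_path", "url"]    # proposed behaviour


def alert_key_from_url(url):
    """Return (org, repo, alert_id) for a GitHub code-scanning alert URL,
    or None if the URL does not have that shape."""
    parts = urlparse(url).path.strip("/").split("/")
    if len(parts) != 5 or parts[2:4] != ["security", "code-scanning"]:
        return None
    if not parts[4].isdigit():
        return None
    return parts[0], parts[1], int(parts[4])


def compute_hash_code(finding, fields):
    """Illustrative hash code: SHA-256 over the selected field values joined
    with a delimiter. Mirrors the idea, not DefectDojo's exact routine."""
    values = []
    for name in fields:
        if name == "url" and alert_key_from_url(finding.get("url", "")) is None:
            raise ValueError(f"malformed alert url: {finding.get('url')!r}")
        values.append(str(finding.get(name, "")))
    return hashlib.sha256("|".join(values).encode("utf-8")).hexdigest()


def is_duplicate(a, b, fields):
    """True when two findings dedupe to the same hash under the given fields."""
    return compute_hash_code(a, fields) == compute_hash_code(b, fields)
```

With the line-based fields the two uploads of the same alert get different hashes, while the url-based fields keep them identical and still separate alerts from different repositories.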

@github-actions bot added the labels settings_changes (Needs changes to settings.py based on changes in settings.dist.py included in this PR) and docs on Nov 11, 2025
@valentijnscholten (Member) commented

The url field is currently not allowed as a hash_code field. It could be interesting to try out if it works well. Can you add it to HASHCODE_ALLOWED_FIELDS (same file) and do some testing? You may have to recalculate your hash_codes using the dedupe management command.

@Maffooch Another example of where it might be helpful if we would allow a parser to calculate a hash based on fields in the report that are not stored in DefectDojo.
