Include fingerprint in SARIF output #1058

@pvickery-ParamountCommerce

Description

  • This is a bug report
  • This is a feature request
  • I searched existing issues before opening this one

Describe the feature

Adding support for fingerprints in SARIF (Static Analysis Results Interchange Format) allows for the de-duplication of results across multiple scans or runs. This would be very helpful to track all the findings without the additional noise of duplicate findings.

Examples

For any type of findings, I want to be able to run hadolint -f sarif Dockerfile and see fingerprints or partialFingerprints. This way I can compare previous SARIF outputs to see if specific findings were already reported.

Additional environment details (OS, stack version, etc.)
OASIS documentation for fingerprints
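
An added illustration (not part of the original issue and not hadolint code) of how a `partialFingerprints` entry on each SARIF result lets a later scan be compared with an earlier one. The key name `exampleLineHash/v1`, the hashing scheme and the sample logs are assumptions constructed for this example.

```python
import hashlib

KEY = "exampleLineHash/v1"  # hypothetical key name, not defined by hadolint or SARIF

def fingerprint(result, lines):
    # Hash rule id, file URI and the whitespace-normalized flagged line.
    # The line number is deliberately left out so the value survives line shifts.
    loc = result["locations"][0]["physicalLocation"]
    text = " ".join(lines[loc["region"]["startLine"] - 1].split())
    data = "\0".join([result["ruleId"], loc["artifactLocation"]["uri"], text])
    return hashlib.sha256(data.encode()).hexdigest()[:16]

def add_fingerprints(sarif, lines):
    seen = {}
    for run in sarif["runs"]:
        for res in run["results"]:
            fp = fingerprint(res, lines)
            seen[fp] = seen.get(fp, 0) + 1  # occurrence index separates identical lines
            res.setdefault("partialFingerprints", {})[KEY] = f"{fp}:{seen[fp]}"
    return sarif

def new_findings(previous, current):
    # Results in the current log whose fingerprint was not in the previous log.
    known = {r["partialFingerprints"][KEY]
             for run in previous["runs"] for r in run["results"]}
    return [r for run in current["runs"] for r in run["results"]
            if r["partialFingerprints"][KEY] not in known]

def make_sarif(findings, uri="Dockerfile"):
    # Constructed minimal SARIF 2.1.0 log, not real hadolint output.
    results = [{"ruleId": rule, "message": {"text": rule},
                "locations": [{"physicalLocation": {
                    "artifactLocation": {"uri": uri},
                    "region": {"startLine": line}}}]}
               for rule, line in findings]
    return {"version": "2.1.0",
            "runs": [{"tool": {"driver": {"name": "hadolint"}}, "results": results}]}

# Constructed sample: the second scan has a comment inserted on line 1 and a new ADD.
OLD_SRC = ["FROM ubuntu:latest", "RUN apt-get update && apt-get install -y curl"]
NEW_SRC = ["# build image"] + OLD_SRC + ["ADD app /app"]
OLD = add_fingerprints(make_sarif([("DL3007", 1), ("DL3008", 2)]), OLD_SRC)
NEW = add_fingerprints(make_sarif([("DL3007", 2), ("DL3008", 3), ("DL3020", 4)]), NEW_SRC)

if __name__ == "__main__":
    for r in new_findings(OLD, NEW):
        print(r["ruleId"], r["partialFingerprints"][KEY])
```

Because the line number is not hashed, the two findings that merely moved down one line keep their fingerprints and only the new one is reported.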

    Labels

    enhancement, formatter (This PR/issue relates to output formatters)