NoMethodError: undefined method `to_hash' for nil:NilClass

Sentry Issue: GITLABCOM-FST2

NoMethodError: undefined method `to_hash' for nil:NilClass
  security/pipeline_vulnerabilities_finder.rb:92:in `block in normalize_report_occurrences'
    occurrence.build_scanner(report_occurrence.scanner.to_hash)
  security/pipeline_vulnerabilities_finder.rb:82:in `map'
    report_occurrences.map do |report_occurrence|
  security/pipeline_vulnerabilities_finder.rb:82:in `normalize_report_occurrences'
    report_occurrences.map do |report_occurrence|
  security/pipeline_vulnerabilities_finder.rb:32:in `block in execute'
    normalized_occurrences = normalize_report_occurrences(
  security/pipeline_vulnerabilities_finder.rb:29:in `each'
    occurrences = requested_reports.each_with_object([]) do |(type, report), occurrences|
...
(141 additional frame(s) were not displayed)

NoMethodError: undefined method `to_hash' for nil:NilClass

Technical Notes

The root cause of the issue is that we have some occurrences in some security reports without scanner information. Therefore when we try to call to_hash method on scanner attribute of those occurrences, we get NoMethodError here https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/finders/security/pipeline_vulnerabilities_finder.rb#L92.

The basic solution would be just discarding those occurrences from the list by following the suggestions here: #221074 (comment 358919150)

Important Note: Please add a warning message to Sentry if you decide to ignore those occurrences from the list to make it visible for us.

Edited by Mehmet Emin INAC