Creating Tickets & Pull Requests

tickets may be created for any soos issue types docid 8fxcbjqlebogp t7wuesu by integrating with jira docid\ cjyiue8qyifgmtuo gvto , , github docid 3ztttng xh7zn3jdrov9s , and shortcut docid\ o8atzahegdel0zwbeseh3 soos can generate fix tickets for your team to triage and implement at their own discretion the create ticket button will be available at the bottom of the issue detail view for accounts that have integrated with an issue management system the create pull request button will also be available if the account is integrated with github either or both of these buttons will be disabled when an integration has not been setup (as shown below for pull requests) use the syntax dropdown to select either update or manifest soos will provide fix information using the syntax that corresponds with the format that was selected select the desired package version to include in the fix information creating a ticket to push fix information to an integrated issue management system select create ticket soos will display the title and description for the ticket to be submitted notice the fix information following the chosen syntax is included both the title and description can be edited by the user to enhance or modify the information that will display in the ticketing system select create when complete for accounts with github integrations only if both a fix ticket and pull request are desired select the create pull request checkbox at the bottom of the window to perform both actions together this works, even if github is not used as the issue management system ticket creation dialog issues without fixes some issues may not have newer package versions available to upgrade to, or the newer versions may not be vulnerability free soos will indicate when this occurs and will not include the syntax selection option a ticket may still be created to allow developers to research and fix independently (this is also the case for violation and unknown package issue types) alternatively, these issues may be suppressed, using the creating issue suppressions & attestations docid\ inbrolrzqnfvkihn08fnd dast web vulnerabilities & sast code issues dast web vulnerabilities and sast code issues do not have automatic fixes available, but will typically include recommend actions to take to correct the identified problem the only difference from sca, sbom, and container ticket creation is that there will not be any suggested version upgrade syntax included both dast and sast issues allow tickets to be created, so the issue can be tracked in an issue management system moving issues back to unaddressed issues may be moved back to the unaddressed issue state in soos at any point after locating the issue in the pending tab this will remove the link between the issue in soos and the issue management system, but will not remove the ticket in the issue management system move issue back to unaddressed button and dialog