When integrated with Jira and/or GitHub, SOOS can generate fix tickets and/or pull requests for your team to triage and implement at their own discretion.

When viewing SCA vulnerability, typo, or substitution issues, the Create Ticket and Create Pull Request buttons are available at the bottom of the issue detail view for integrated accounts. If an integration has not been completed, these buttons are visible but cannot be clicked.

  1. Use the Syntax dropdown to select either Update or Manifest. SOOS will provide fix information using the syntax that corresponds with the format that was selected.
  2. Select the desired package version to include in the fix information.
To create a fix ticket
  1. To push fix information to an integrated issue management system, select Create Ticket.
  2. SOOS will display the Title and Description contents for the ticket to be submitted. Note that the fix information is included in the chosen syntax. Both the title and description can be edited by the user to enhance or modify the information that will display in the ticketing system.
  3. Select Create when complete.
    • If both a fix ticket and pull request are desired, click the Create Pull Request checkbox at the bottom of the window to perform both actions together.

Note:

  • Some issues may not have a vulnerability-free package version available to implement.  SOOS will flag these cases and will not include the Syntax selection option.  
    • A ticket may still be created to allow developers to research and fix independently.
  • DAST web vulnerabilities also do not include the Syntax selection, but SOOS provides recommended actions to correct the identified vulnerability and allows a ticket to be created for developers to follow up on.
To create a pull request
  1. To send a pull request to GitHub, independent of a fix ticket, select Create Pull Request.
  2. SOOS will automatically create a pull request in GitHub and display a message indicating that the pull request was generated successfully. Read our GitHub Pull Requests article for details about this feature.
Keeping track of pending fixes
  1. Once a ticket or pull request is created, the issue is moved to the Pending Issues list. The issue will now display a link that can be used to view the corresponding ticket and/or pull request.

  2. The next time SOOS runs a scan and no longer finds the issue, it will be moved to the Resolved Issues list.