Sharang Parnerkar 3ec1456b0d
docs: rewrite user-facing documentation with screenshots (#11)
2026-03-11 15:26:00 +00:00

Issues & Tracking

Certifai automatically creates issues in your existing issue trackers when new security findings are discovered. This integrates security into your development workflow without requiring teams to check a separate tool.

How Issues Are Created

When a scan discovers new findings, the following happens automatically:

  1. Each new finding is checked against existing issues using its fingerprint
  2. If no matching issue exists, a new issue is created in the configured tracker
  3. The issue includes the finding title, severity, vulnerability details, file location, and a link back to the finding in Certifai
  4. The finding is updated with a link to the external issue

This means every actionable finding gets tracked in the same system your developers already use.

Issues List

Navigate to Issues in the sidebar to see all tracker issues across your repositories.

[Screenshot: Issues list showing tracker issues]

The issues table shows:

| Column | Description |
|--------|-------------|
| Tracker | Badge showing GitHub, GitLab, Gitea, or Jira |
| External ID | Issue number in the external system |
| Title | Issue title |
| Status | Open, Closed, or tracker-specific status |
| Created | When the issue was created |
| Link | Direct link to the issue in the external tracker |

Click the link to go directly to the issue in your tracker.

Supported Trackers

| Tracker | How to Configure |
|---------|------------------|
| GitHub Issues | Set up in the repository's issue tracker settings with your GitHub API token |
| GitLab Issues | Set up with your GitLab project ID, instance URL, and API token |
| Gitea Issues | Set up with your Gitea repository details, instance URL, and API token |
| Jira | Set up with your Jira project key, instance URL, email, and API token |

Issue tracker configuration is per-repository. You set it up when adding or editing a repository.

Deduplication

Issues are deduplicated using the same fingerprint hash that deduplicates findings. This means:

  • If the same vulnerability appears in consecutive scans, only one issue is created
  • If a finding is resolved and then reappears, the platform recognizes it and can reopen the existing issue rather than creating a duplicate
  • Different findings (even if similar) get separate issues because their fingerprints differ based on file path, line number, and vulnerability type
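
The creation steps and the deduplication rules above can be modelled in a few lines. This is an added example, not Certifai's own code: the `Finding` and `Tracker` classes, the SHA-256 fingerprint recipe, and the sample findings are assumptions made for illustration. It also shows a practical consequence of the line number being part of the fingerprint: the same flaw reported at a different line is treated as a different finding.

```python
import hashlib
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Finding:
    title: str
    severity: str
    file_path: str
    line: int
    vuln_type: str

    def fingerprint(self):
        # Assumed recipe: hash of the three fields the page names.
        key = f"{self.file_path}\x00{self.line}\x00{self.vuln_type}"
        return hashlib.sha256(key.encode()).hexdigest()


@dataclass
class Tracker:
    """In-memory stand-in for an external issue tracker (hypothetical)."""
    issues: dict = field(default_factory=dict)  # fingerprint -> issue record

    def sync(self, finding):
        issue = self.issues.get(finding.fingerprint())
        if issue is None:  # no matching issue: create one
            issue = {"id": len(self.issues) + 1, "status": "open",
                     "title": f"[{finding.severity}] {finding.title}",
                     "location": f"{finding.file_path}:{finding.line}"}
            self.issues[finding.fingerprint()] = issue
            return "created", issue["id"]
        if issue["status"] == "closed":  # finding reappeared: reopen
            issue["status"] = "open"
            return "reopened", issue["id"]
        return "unchanged", issue["id"]  # consecutive scan: no duplicate

    def close(self, finding):
        self.issues[finding.fingerprint()]["status"] = "closed"


def run_demo():
    # Constructed sample findings; 'moved' is the same flaw three lines lower.
    sqli = Finding("SQL injection in login", "high", "src/auth.py", 42, "sql-injection")
    moved = Finding("SQL injection in login", "high", "src/auth.py", 45, "sql-injection")
    tracker = Tracker()
    log = [tracker.sync(sqli), tracker.sync(sqli)]  # two consecutive scans
    tracker.close(sqli)                             # resolved in the tracker
    log.append(tracker.sync(sqli))                  # finding comes back
    log.append(tracker.sync(moved))                 # different fingerprint
    return log
```
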

Linked Issues in Finding Detail

When viewing a finding's detail page, you will see a Linked Issue section if an issue was created for that finding. This provides a direct link to the external tracker issue, making it easy to jump between the security context in Certifai and the development workflow in your tracker.