Versions Compared

Old Version 156

changes.mady.by.user Ray O'Meara

Saved on

compared with

New Version Current

changes.mady.by.user Ray O'Meara

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Version 6.3.2

Child pages (Children Display)

The Black Duck JIRA Jira plugin is a JIRA Jira add-on that enables organizations to use JIRA Jira to manage and track issues detected by Black Duck that are related to your use of open source software.

Black Duck is a risk management tool, designed to help you manage the logistics of using open source software in your organization. JIRA Jira is an issue tracking application that enables software development organizations to track and manage issues related to the software applications they are developing.  

Click here if you are looking for the Black Duck Jira migration tool version.  

Info

Important updates regarding

JIRA

Jira support

Atlassian no longer supports JIRA Jira 7.x versions and has announced its end of life. Synopsys only maintained the JIRA Jira version 6.2.0 plugin for maintenance issues only while Atlassian was supporting a 7.x version of JIRAJira.

The following changes apply to Synopsys’ support model for JIRAJira.

  • Synopsys ceased all JIRA all Jira 7.x support according to Atlassian’s support policy for JIRA versions.
  • You can remain on the JIRA 6the Jira6.2.0 plugin through the end of 2020.
  • Synopsys added the ability to support JIRA support Jira on-prem versions 8.0.0 and above within Synopsys Alert as a new Alert channel, starting with Alert version 5.2.0. 

To migrate from the existing JIRA existing Jira plugin to Alert and move from JIRA from Jira 7 to JIRA 8, use the following process:

  1. Ensure your JIRA your Jira instance is version 8.0 or higher.
  2. Run the migration script that Synopsys provides with the Alert version 5.2.0 release to ensure Alert can successfully identify and manage your legacy and existing Jira issues.
  3. Configure and start using Alert. Configuration information is included in the Alert documentation.

Purpose 

The Black Duck JIRA Duck Jira plugin is designed for organizations that use JIRA use Jira and want to manage open source-related issues within JIRAwithin Jira, the same way you track other software development related issues. It enables you to use Black Duck to detect open source security risks, compliance issues, and policy violations, and to use JIRA use Jira to track those issues through the various steps required to investigate and resolve each one. Black Duck generates notifications as important events occur, and the Black Duck JIRA Duck Jira plugin reads those notifications from Black Duck. Some examples of notification events are:

...

In response to these notification events, the Black Duck JIRA Duck Jira plugin:

  • Responds to a new security vulnerability by creating a security vulnerability JIRA vulnerability Jira ticket to the track work on security vulnerabilities for the component.
  • Responds to a new policy violation by creating a policy violation JIRA violation Jira ticket to the track work on the policy violation for the component.
  • Responds to a manual override of policy violation by resolving the corresponding JIRA corresponding Jira issue.

After the Black Duck JIRA plugin Duck Jira plugin creates an issue in JIRAJira, you can take advantage of JIRAJira's capabilities to track and manage those issues. Issue-specific metadata is pulled from Black Duck into each plugin-created JIRA created Jira ticket, providing access to that data through JIRAJira's search and reporting capabilities.

...