Unified Language User Guides
iCR User Guide 5.0
iCR User Guide 5.0
  • Table of contents
    • Introduction
    • Overview
    • Authorizing Access to Your Source Code
      • Authenticating GitHub Cloud Access Using OAuth
      • Authenticating GitHub Cloud Access Using PAT
      • Authenticating GitHub Enterprise Access Using OAuth
      • Authenticating GitHub Enterprise Access Using PAT
      • Authenticating GitLab Cloud Access Using OAuth
      • Authenticating GitLab Cloud Access Using PAT
      • Authenticating GitLab Enterprise Access Using OAuth
      • Authenticating GitLab Enterprise Access Using PAT
      • Authenticating Bitbucket Cloud Access using OAuth
    • Using the Navigator
      • Connecting to the Navigator
      • Setting your User Password
      • Updating your User Information
      • The Navigator top banner
      • The Analysis Engine status
      • Selecting Your Source Code
        • Using a cloud-based VCS
        • Selecting your branch
        • Using a private VCS
        • Using a local project
        • Limiting the files to be analyzed
      • Integrating with your bug tracking system
        • Integrating with Jira - Define Your Project
        • Integrating with Jira - Authorizing Access for iCR
        • Integrating with Jira - Connecting with iCR
    • Using the Analysis Engine
      • Initiating an analysis
      • Monitoring the analysis
      • Interrupting the analysis
    • Reviewing your results
      • Reviewer summary and filters
        • Filter by Severity
        • Filter by Category
        • Filter by CWE
        • Filter by OWASP
        • Filter by Directory
      • Reviewing a fix
      • Accepting a fix
        • Accepting a fix when integrated with your bug system
      • Rejecting a fix
        • Rejecting a fix when integrated with your bug system
      • Undoing a fix
        • Undoing a fix when integrated with your bug system
      • Rejected fix history
      • Providing feedback
      • Applying the fixes
      • Cases needing manual attention
      • Comparing Analyses
      • Capturing results for printing or sharing
      • Ending a reviewer session
    • When you are complete
    • Integrating iCR Into Your CI/CD Workflows
      • Jenkins Workflow
        • Installing the plugin
        • Configuring the plugin
          • Creating a Personal Access Token
          • Copying Your Repository's URL
        • Viewing the Results
      • GitHub Actions Workflow
        • GitHub Actions Overview
        • Preparing the GitHub Workflow
          • Environment Variables
          • User Supplied Secrets
          • Setting the User Defined Secrets Values
        • Executing the Workflow
      • GitLab CI/CD Workflow
        • GitLab CI/CD OverView
        • Configuring the GitLab Script variables
          • Environment Variables
          • User Supplied Variables
          • Creating a Personal Access Token
          • Setting the User Defined Variable Values
        • Executing the Workflow
      • Multiple Workflows
    • Appendix – Language Specific Fixer Lists
    • Appendix - Sample Bug Listing
    • Appendix - Getting a BitBucket App Password for JENKINS
Powered by GitBook
On this page
  1. Table of contents
  2. Reviewing your results
  3. Rejecting a fix

Rejecting a fix when integrated with your bug system

PreviousRejecting a fixNextUndoing a fix

Last updated 2 months ago

If you have , rejecting a fix has an additional consequence. By rejecting a fix, when you are integrated with a bug tracking system, the rejection decision will be reflected into your bug database.

Let's look at how this works when using Jira Software to manage the bug database.

In , we created a new project to track bugs from iCR. We named it iCR-Bug-Tracking with a project key of IBT.

When a fix is rejected in the Reviewer, a new bug report is inserted into the Jira project. Here is what happens:

  • After rejecting the fix, go to the iCR-Bug-Tracking project in Jira

  • List all of the current issues in that project. It will display a new bug with the title matching the iCR fix ID

  • The Description field of the new bug will match the description summary from the Reviewer

  • Scrolling down through the content of the bug, you will see the diffs that are needed to effect the fix identified by iCR

  • At the end of the bug report there is a comment which notes that the fix was rejected along with information about who made that decision

Even though the fix was rejected, it is valuable to know that it was found and consciously rejected. Inserting it into the bug database provides the opportunity to have regular DevOps proecesses review the rejection to ensure that that decision was appropriate.

View these steps in the video below:

integrated iCR into your bug tracking system
Integrating with Jira - Define Your Project