@mauricioduarte01
Created November 12, 2023 09:14
Single Ticket vs. Multiple Tickets: Given the number of findings (around 200), it's more manageable to create multiple tickets in JIRA. One ticket for all findings would be overwhelming and difficult to track. Instead, group findings by type, severity, or component, and create a ticket for each group.
Categorize and Group Findings: Before creating tickets, categorize the findings. Group them into buckets such as 'Critical Bugs', 'Performance Issues', 'Security Vulnerabilities', etc. This will help in creating focused tickets that can be tackled by developers with the right expertise.
Create JIRA Tickets: For each group of findings, create a JIRA ticket. The ticket should include all necessary information about the findings, such as the file names, line numbers, and a brief description of the issue and suggested fix if available.
Divide and Conquer:
  - Assign tickets based on developer expertise, ensuring the most complex issues are handled by the most experienced developers.
  - If possible, allocate simpler tasks to less experienced developers to balance the workload and provide learning opportunities.
Workflow for Findings: Use a consistent workflow for handling these tickets:
  - Analyze: Understand the issue and its impact.
  - Fix/Refactor: Apply the necessary code changes.
  - Suppress: If a finding is a false positive or acceptable risk, document the rationale and use the analyzer's suppression mechanism.
  - Peer Review: Have another developer review the changes or suppression justification.
  - Commit: Once reviewed, commit the changes to a feature branch.
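
The grouping and ticket-creation steps above, as an added Python example that is not part of the original gist: it buckets findings by category and severity, builds one ticket body per bucket with file, line, description and suggested fix, and rejects any suppression that lacks a rationale. The finding field names, the sample findings and the ticket dictionary shape are all assumptions made for illustration; no real analyzer schema or JIRA API is used.

```python
from collections import defaultdict

# Constructed sample findings; the field names are assumptions, not a real analyzer schema.
FINDINGS = [
    {"rule": "sql-injection", "category": "Security Vulnerabilities", "severity": "high",
     "file": "app/db.py", "line": 42, "message": "Query built by string concatenation",
     "fix": "Use parameterized queries"},
    {"rule": "hardcoded-secret", "category": "Security Vulnerabilities", "severity": "high",
     "file": "app/config.py", "line": 7, "message": "Credential literal in source"},
    {"rule": "null-deref", "category": "Critical Bugs", "severity": "critical",
     "file": "core/parser.c", "line": 118, "message": "Pointer used before null check"},
    {"rule": "n-plus-one-query", "category": "Performance Issues", "severity": "medium",
     "file": "app/views.py", "line": 63, "message": "Query issued inside a loop"},
    {"rule": "weak-hash", "category": "Security Vulnerabilities", "severity": "medium",
     "file": "tests/fixtures.py", "line": 12, "message": "MD5 used",
     "suppressed": True, "rationale": "Hash only names test fixtures"},
]
SEVERITY_ORDER = {"critical": 0, "high": 1, "medium": 2, "low": 3}

def group_findings(findings):
    """Bucket open findings by (category, severity); collect suppressions separately."""
    groups, suppressed = defaultdict(list), []
    for f in findings:
        if f.get("suppressed"):
            # A suppression without a documented rationale is rejected outright.
            if not f.get("rationale"):
                raise ValueError(f"suppression without rationale: {f['file']}:{f['line']}")
            suppressed.append(f)
        else:
            groups[(f["category"], f["severity"])].append(f)
    return dict(groups), suppressed

def build_tickets(groups):
    """One ticket per group, most severe first (hypothetical ticket shape, not a JIRA API call)."""
    ordered = sorted(groups.items(), key=lambda kv: (SEVERITY_ORDER[kv[0][1]], kv[0][0]))
    tickets = []
    for (category, severity), items in ordered:
        lines = []
        for f in sorted(items, key=lambda f: (f["file"], f["line"])):
            fix = f" (suggested fix: {f['fix']})" if f.get("fix") else ""
            lines.append(f"- {f['file']}:{f['line']} [{f['rule']}] {f['message']}{fix}")
        tickets.append({"summary": f"[{severity.upper()}] {category}: {len(items)} finding(s)",
                        "description": "\n".join(lines)})
    return tickets

if __name__ == "__main__":
    groups, suppressed = group_findings(FINDINGS)
    for t in build_tickets(groups):
        print(t["summary"], t["description"], sep="\n", end="\n\n")
    print(f"{len(suppressed)} suppressed finding(s) held for peer review of the rationale")
```

Suppressed findings are returned separately so the rationale can go through the same peer review as a code fix instead of disappearing from the ticket set.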