Skip to content

Status change of a finding within finding_group in defectdojo, isn't reflected in assosiated Jira ticket automatically. #14056

New issue
New issue
Open
Open
Status change of a finding within finding_group in defectdojo, isn't reflected in assosiated Jira ticket automatically.#14056
Labels
bug
@thiswillnevelmatch

Description

@thiswillnevelmatch
thiswillnevelmatch
opened on Jan 7, 2026

Behavior described in #14031, motivated team to check whether findings groups are synced up(DefectDojo->Jira) automatically during re-import, and turns out they are NOT.
The following statement are true in my current setup:

  • Jira instance is configured with Automatically sync Findings with JIRA?
Image
  • Auto-creation of Jira ticket from single finding works if enabled("Push all Issues") and if Finding is Active and Verified.
  • Status changes of a finding that is not in group is reflected automatically in JIRA ticket during report reimport (if the there is a change to that finding) or after status change via UI(without clicking "Push to Jira").
  • Auto-grouping of findings does work (reimport is configured with create_finding_groups_for_all_findings=False and group_by).
  • Auto-creation of Jira ticket for finding group works if enabled("Push all Issues") and all findings in a group are Active and Verified.
  • Updates to the Jira Ticket related to finding group DO NOT happen if one or even all findings in within finding group change status. But updates to Jira ticket are happening during manually click on group-finding-sync from UI.

The following status change only happens after Manual sync of finding group using UI.

  1. test-group of 2 findings is reflected in a single Jira ticket.
Image Image
  1. Status change to "Mitigated" is not reflected to Jira-ticket and ticket status also does NOT change.
Image
  1. Manual sync of finding-group via UI lead to finding status change in ticket description and ticket status if all findings are no longer in Active state.
Image Image

Bug description
Don't know whether it's a Bug of a Feature Request since wasn't able to find in Docs any claims that Defectdojo->Jira Automatic Sync of "Finding groups" is supported, only "the Finding Group is what will automatically push to Jira as an Issue, not the individual Findings", which may imply only creation of a Jira Ticket, without further updates if any. However:

  • automatic description change and/or status change of Jira ticket does not happen, if finding experienced a change during reimport of change via UI.

Expected behavior

  • Changes to a finding status within DD finding_group that is associated with a Jira ticket, are reflected within Jira ticket, when "Automatically sync Findings with JIRA" is set(or via other optional configuration for finding_group)

Deployment method

  • Docker Compose
  • Kubernetes
  • GoDojo

Environment information

  • Operating System: [e.g. Ubuntu 24.04]
  • Helm version: 1.9.6
  • DefectDojo version: v. 2.54.0

Thanks, and appreciate your time and effort maintaining this project

Metadata

Metadata

Assignees

No one assigned

    Labels

    bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions