CodeSonar for JIRA (Plugin)

September 23, 2016 Travis Hidlay

I'm pleased to inform the masses of our new integration plugin designed to work with CodeSonar and Atlassian JIRA Server software. This plugin will allow companies to seamlessly add the use of CodeSonar into workflows that make use of JIRA for issue tracking.

Here is an overview of some of the supported features:

  • Automatic creation of new JIRA issues from CodeSonar warnings.
  • Linking existing CodeSonar warnings to JIRA issues.
  • Automatically tracking state changes between a JIRA issue and a CodeSonar warning.

The plugin is composed of two separate pieces: a set of warning processors that run on the CodeSonar Hub, and an add-on for JIRA server that can be downloaded from the Atlassian marketplace.

To install the CodeSonar-JIRA add-on for a JIRA server installation, start by logging in as an administrator. Click the “Add-ons” link, shown below:


Click on “Find new add-ons”, then in the search bar, type “codesonar”:


Click the “Install” button. When the installation is finished, click the “configure” button to navigate to the configuration page and set up the mapping between the JIRA Server instance and the CodeSonar hub:


After installing the warning processors and the JIRA Add-on, you should be ready to start linking CodeSonar warnings to JIRA issues!

A common use case is to open a new issue in JIRA that is linked to an existing CodeSonar warning. To do this, simply:

  1. Navigate to a CodeSonar warning page.
  2. Scroll to the bottom of the page, and click on the checkbox labeled “Create JIRA Issue”.
  3. Click "Save changes."


After saving the changes to the CodeSonar warning, you should see a link in the warning’s comment history that will point to the new JIRA issue!


For detailed instructions on how to install and configure both the JIRA add-on as well as the warning processors, please refer to the following documentation:


Previous Article
The Advantages of Hybrid Source and Binary Static Analysis
The Advantages of Hybrid Source and Binary Static Analysis

INTRODUCTION: GrammaTech brought unique binary code analysis to the market in 2013. Before then...

Next Document
Eliminating Vulnerabilities in Third-Party Code with Binary Analysis
Eliminating Vulnerabilities in Third-Party Code with Binary Analysis