Set the Mitigations Field to Read-Only in Jira
Veracode recommends that you do not allow the Jira users in your organization to edit the Mitigations Status and Comments field of imported finding issues. To prevent users from changing this field, you can set it to read-only.
To complete this task:
- On your Jira system, download and install ScriptRunner for Jira from the Atlassian Marketplace.
- In Jira, select Administration > Manage apps > Behaviours.
- In the Add Behaviour section, in the Name field, enter Make Mitigation Status and Comments read-only.
- Click Add.
- Click Add Mapping next to the behaviour you added.
- In the Fields section, click Readonly.
- In the Add Field dropdown menu, select Mitigation Status and Comments and click Add.
- Click Save. In the Jira issues of imported findings, the Mitigation Status and Comments field is shaded to indicate that it is read-only.