Veracode recommends that you do not allow the Jira users in your organization to edit the Mitigations Status and Comments field of imported finding issues. To prevent users from changing this field, you can set it to read-only.
To complete this task:
- On your Jira system, download and install ScriptRunner for Jira from the Atlassian Marketplace.
- In Jira, select Administration > Manage apps > Behaviours.
- In the Add Behaviour section, in the Name field, enter Make Mitigation Status and Comments read-only.
- Select Add.
- Select Add Mapping next to the behaviour you added.
- In the Fields section, select Readonly.
- In the Add Field dropdown menu, select Mitigation Status and Comments and select Add.
- Select Save. In the Jira issues of imported findings, the Mitigation Status and Comments field is shaded to indicate that it is read-only.