This is for SonarCloud integrated with Azure DevOps.
We have found some new security hotspots in the Web UI but there appears to be no notification etc in ADO itself. So far as we can see, the only place that the hotspots show up is in the web UI.
This would seem suboptimal, as devs would have to regularly go to the web UI and check each project they are working on to see if new hotspots need to be reviewed.
I can’t see any mechanism in the ADO plugins which would enable notifications, comments to be added in ADO, etc.
What is the intended way for devs to become informed of new security hotspots to review?
Thanks