How to manage Vulnerabilities


I am using SonarQube to report the vulnerabilities of the code/libraries.
Then I take some action to fix/solve a few of them.

The next month, I redo a report and each time have to match my previous actions to the new report manually.

Is there a way to use a tool or another idea to have a better follow-up on my actions?

When you fix a vulnerability in SonarQube, the issue will move to a status of Resolved (Fixed), which you can filter on in your SonarQube instance.

These closed issues are eventually cleaned up by housekeeping, but you can adjust how often the issues are purged.
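As an added example (not from the question or the answer above), here is a small Python script that does the month-to-month matching by issue key, using the status and resolution fields the answer refers to. The two snapshots are constructed to look like the `issues` array returned by SonarQube's `api/issues/search` endpoint; the issue keys are made up.

```python
"""Reconcile two monthly SonarQube issue snapshots by issue key."""
import json

# Constructed sample data, shaped like the "issues" array returned by
# SonarQube's Web API (GET /api/issues/search). Issue keys are made up.
LAST_MONTH = json.loads("""[
  {"key": "AX1", "rule": "java:S2076", "status": "OPEN", "resolution": null},
  {"key": "AX2", "rule": "java:S2068", "status": "OPEN", "resolution": null},
  {"key": "AX3", "rule": "java:S5131", "status": "OPEN", "resolution": null}
]""")
THIS_MONTH = json.loads("""[
  {"key": "AX1", "rule": "java:S2076", "status": "RESOLVED", "resolution": "FIXED"},
  {"key": "AX2", "rule": "java:S2068", "status": "OPEN", "resolution": null},
  {"key": "AX3", "rule": "java:S5131", "status": "RESOLVED", "resolution": "WONTFIX"},
  {"key": "AX4", "rule": "java:S4423", "status": "OPEN", "resolution": null}
]""")

# SonarQube resolutions that mean "triaged away" rather than "code changed".
ACCEPTED = {"WONTFIX", "FALSE-POSITIVE"}


def reconcile(previous, current):
    """Classify every issue by comparing last month's snapshot with this month's.

    Returns a dict of issue-key lists: fixed, accepted, still_open, new, gone.
    """
    prev = {i["key"]: i for i in previous}
    cur = {i["key"]: i for i in current}
    report = {"fixed": [], "accepted": [], "still_open": [], "new": [], "gone": []}
    for key, issue in sorted(cur.items()):
        if key not in prev:
            report["new"].append(key)          # raised since the last report
        elif issue["resolution"] == "FIXED":
            report["fixed"].append(key)        # no longer detected after a fix
        elif issue["resolution"] in ACCEPTED:
            report["accepted"].append(key)     # consciously not fixed
        else:
            report["still_open"].append(key)   # carry over to next month
    # Keys only in the old snapshot: purged by housekeeping
    # (sonar.dbcleaner.daysBeforeDeletingClosedIssues) or the code was removed.
    report["gone"] = sorted(set(prev) - set(cur))
    return report


if __name__ == "__main__":
    for bucket, keys in reconcile(LAST_MONTH, THIS_MONTH).items():
        print(f"{bucket:>10}: {', '.join(keys) or '-'}")
```

Keep each month's export (the raw JSON) under version control so the "gone" bucket can still be explained after housekeeping has purged the closed issues from the server.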