Developers rely heavily on the project management tool for tracking of software development task. For them to refer to different portal for different issue is a pain and its against DevOps spirit.
Propose to integrate Azure Board and Jira with SonarCloud so that vulnerabilities and issues identified by SonarCloud scanner are created in Azure Board and Jira as work item.
Also synchronize work item status and remarks between Azure Board and Jira with SonarCloud portal.
We used to have such a feature a long time ago, and we dropped it. At that time, I wrote a blog post to explain why we did that move: Stop planning; fix the leak!. Even if this talks about SonarQube, it is still perfectly relevant even for SonarCloud. Basically, the point is that if development teams apply the “Clean as You Code” principle that we encourage to follow, no one will ever have to create a long list of remediation action tickets which is going to “pollute” the existing backlog (usually already full of things to do).
So as you guessed, this is not a feature that we plan to reintroduce. We strongly believe that fixing issues before they exist (using SonarLint) or just after they were created (Fix the Leak) is way more powerful.
Hope that makes sense!
The need for integration with Jira and Azure Board is not so much about planning.
As there are a huge number of issues identified by the software, we need to help developer with tracking the resolved and unresolved issues in batches.
And this is where Clean as You Code methodology is way more powerful than asking developers to work on issues in batches!