Appearance
Issue Management
This guide covers how to discover, triage, fix, and track issues surfaced by BrowserStack Code Quality.
Severity Levels
| Level | Response Target | Description |
|---|---|---|
| Critical | Immediate (same day) | Security flaw or crash risk; blocks release |
| High | Short term (next sprint) | Significant reliability, security, or performance impact |
| Medium | Scheduled (backlog grooming) | Moderate maintainability or quality concern |
| Low | Opportunistic | Minor style / clarity improvement |
| Info | Informational | Context or recommendation; no action required |
Categories
- Security
- Code Quality / Maintainability
- Performance
- Reliability
- Best Practice / Style
Finding Issues
Filtering
Filter by: severity, category, rule tag, file/directory, age (new vs legacy), status (open, in progress, fixed, suppressed), assignee.
Searching
Search across description, file path, rule name, or snippet text. Combine filters + search for precision (e.g., High severity security issues in /services/auth/).
Comparing Scans
Use scan comparison to view delta: new issues, fixed issues, unchanged backlog. Focus remediation on newly introduced Critical/High items first.
Managing Issues
Assignment
Assign to a developer or team lead; optionally include due date or sprint reference.
Suppression
Only suppress with a clear justification: false positive, legacy risk accepted, third‑party code exclusion. Periodically audit suppressed items.
Grouping / Bulk Actions
Select multiple issues to assign, change status, or suppress in batches (use with caution; review representative samples).
Commenting
Use comments for remediation notes, rationale, or links to PRs. Keep history clean and focused on resolution steps.
Lifecycle Workflow
- Triage – Prioritize newly surfaced issues (Critical/High first).
- Assign – Allocate ownership.
- Fix – Apply code change; reference rule guidance.
- Verify – Run next scan or trigger CI analysis.
- Close – Issue auto‑closes when no longer detected.
Optional states: Reopen (regression), Suppressed (accepted / false positive), Deferred (scheduled future sprint).
Metrics & Tracking
Monitor:
- Total backlog size.
- Issues by severity & category.
- New vs fixed (trend arrows).
- Mean time to resolution (MTTR) per severity.
- Suppression rate (keep low; <5% preferred).
Use dashboards for trending views and SLA compliance.
Quality Gates Integration
Quality gates can fail a build when threshold conditions are exceeded (e.g., any new Critical issue, >3 new High issues, quality score drop >2%). Treat gate failures as priority items; fix before merge.
Best Practices
- Triage daily to prevent backlog growth.
- Address new Critical/High issues before merging feature branches.
- Document every suppression with rationale + reviewer approval.
- Track MTTR and aim to reduce sprint by sprint.
- Use rule tags to focus thematic improvements (e.g., security hardening).
Troubleshooting
| Problem | Possible Cause | Resolution |
|---|---|---|
| Many false positives | Rule profile misaligned | Adjust profile; refine rule tags |
| Suppression abuse | Lack of review process | Implement suppression approval workflow |
| Slow verification | Infrequent scans | Increase scan cadence / enable PR scanning |
| Recurring regressions | No pre‑commit checks | Add local/CI pre‑commit analysis |