Repository Integration creates duplicate issues

This article explains why you might see your Developer Integrations bot creating duplicate Issues in your GitHub.com, GitHub Enterprise, or GitLab Server.

If you are using Developer Integrations and the creation of “Issue” is not disabled, then for every vulnerability, the Developer Integrations bot will create an “Issue” with a “security vulnerability” Label. If you find yourself in a situation where the Developer Integrations bot creates Issues for the same vulnerability on the same Library, as shown in the screenshot below:

Make sure that the Vulnerability Label ("security vulnerability" in a red bubble that is autogenerated by the Developer Integrations bot by default) is present on the Issue. The Developer Integrations bot ignores Issues without the Vulnerability Label and will continue creating new Issues for the same Vulnerabilities after each scan if they don’t have a Vulnerability Label:

Once the Vulnerability Label is added back to the Issue, such in the example below, the Integration will not create any additional Issues for that vulnerability:

BitBucket Server doesn’t have a concept of ‘Issues’ like in GitHub and GitLab. That is why Mend creates ‘Issues’ in Bitbucket Server using the plugin. Thus, all of the 'Issues' are created by Mend and no labels are needed.