DETAILED ACTION
1.	The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
2.	This communication is in response to applicant's amendment dated 7/7/2022 and interview dated 8/1/2022.
3. 	Applicant's arguments with respect to the 112(b) rejection have been fully considered and are persuasive. Therefore, the 112(b) rejection has been withdrawn.
4.	Applicant's remarks, filed on 7/7/2022, with respect to the art rejection of the claims have been fully considered and they are persuasive as amended and in the light of the Examiner's amendments. 
EXAMINER’S AMENDMENT
5.1.	An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee. 
	Authorization for this examiner’s amendment was given in a telephone interview 
with Theodore M. Magee (Reg. No.: #39758) on 8/1/2022.

5.2.	This listing of claims will replace all prior versions and listings of claims in the application:
1-8. (Canceled)	

9. (Previously Presented)	A computer server comprising:
	a memory containing instructions and a database comprising vulnerabilities detected in a previous version of a branch of computer code and vulnerabilities detected in a base branch and a head branch of computer code;
	a processor executing the instructions in the memory to perform steps comprising:
		receiving vulnerabilities detected in a last-committed version of the branch of computer code;
		determining that a vulnerability stored in the database for the previous version of the branch of computer code is not in the received vulnerabilities for the last-committed version of the branch of computer code; 
		in response, instructing an issue tracker to close an issue opened for the vulnerability for the branch of code;
		receiving an indication that a commit of a merge of the head branch into the base branch has been received; and
		reading the vulnerabilities detected in the head branch from the database and adding the vulnerabilities detected in the head branch and read from the database to the vulnerabilities stored in the database for the base branch based on a determination that a latest scan of the base branch failed to detect the vulnerabilities in the base branch.

10. (Original)	The computer server of claim 9 wherein the processor executes the instructions in memory to further perform steps comprising:
	determining that a second vulnerability stored in the database for the previous version of the branch of computer code is in the received vulnerabilities for the last-committed version of the branch of computer code; and
	in response, instructing an issue tracker to add a comment to an open issue for the second vulnerability for the branch to indicate that the second vulnerability was still present in the last-committed version of the branch of computer code.

11. (Original)	The computer server of claim 9 wherein the processor executes the instructions in memory to further perform steps comprising:
	determining that a third vulnerability stored in the database and marked as a false positive vulnerability is in the received vulnerabilities for the last-committed version of the branch of computer code; and
	in response, not opening an issue for the third vulnerability.

12. (Original)	The computer server of claim 11 wherein the third vulnerability marked as a false positive was never present in any version of the branch of computer code before the last-committed version of the branch of computer-code.

13. (Original)	The computer server of claim 9 wherein the processor executes the instructions in memory to further perform steps comprising:
	receiving an indication that a fourth vulnerability in a first branch of computer code stored in a repository is a false positive vulnerability;
	searching for open issues for the false positive vulnerability for other branches of computer code stored in the repository; and
	for each found open issue, instructing the issue tracker to close the found open issue.

14. (Original)	The computer server of claim 9 wherein the processor executes the instructions in memory to further perform steps comprising:
	determining that a fifth vulnerability stored in the database for an earlier version of the branch of computer code is in the received vulnerabilities for the last-committed version of the branch of computer code; and
	in response, instructing the issue tracker to reopen a closed issue for the vulnerability for the branch of code.

15-20. (Canceled)	

21.(New) A method executed by a processor, the method comprising:
	receiving vulnerabilities detected in a last-committed version of a branch of computer code;
	determining that a vulnerability stored in a database for a previous version of the branch of computer code is not in the received vulnerabilities for the last-committed version of the branch of computer code; 
	in response, instructing an issue tracker to close an issue opened for the vulnerability for the branch of code;
	receiving an indication that a commit of a merge of a head branch into a base branch has been received; and
	reading vulnerabilities detected in the head branch from the database and adding the vulnerabilities detected in the head branch and read from the database to vulnerabilities stored in the database for the base branch based on a determination that a latest scan of the base branch failed to detect the vulnerabilities in the base branch.

22. (New)	The method of claim 21 further comprising:
	determining that a second vulnerability stored in the database for the previous version of the branch of computer code is in the received vulnerabilities for the last-committed version of the branch of computer code; and
	in response, instructing an issue tracker to add a comment to an open issue for the second vulnerability for the branch to indicate that the second vulnerability was still present in the last-committed version of the branch of computer code.

23. (New)	The method of claim 21 further comprising:
	determining that a third vulnerability stored in the database and marked as a false positive vulnerability is in the received vulnerabilities for the last-committed version of the branch of computer code; and
	in response, not opening an issue for the third vulnerability.

24. (New)	The method of claim 23 wherein the third vulnerability marked as a false positive was never present in any version of the branch of computer code before the last-committed version of the branch of computer-code.

25. (New)	The method of claim 21 further comprising:
	receiving an indication that a fourth vulnerability in a first branch of computer code stored in a repository is a false positive vulnerability;
	searching for open issues for the false positive vulnerability for other branches of computer code stored in the repository; and
	for each found open issue, instructing the issue tracker to close the found open issue.

26. (New)	The method of claim 21 further comprising:
	determining that a fifth vulnerability stored in the database for an earlier version of the branch of computer code is in the received vulnerabilities for the last-committed version of the branch of computer code; and
	in response, instructing the issue tracker to reopen a closed issue for the vulnerability for the branch of code.

27.(New) A non-transitory computer-readable medium containing computer-executable instructions for performing steps comprising:
	receiving vulnerabilities detected in a last-committed version of a branch of computer code;
	determining that a vulnerability stored in a database for a previous version of the branch of computer code is not in the received vulnerabilities for the last-committed version of the branch of computer code; 
	in response, instructing an issue tracker to close an issue opened for the vulnerability for the branch of code;
	receiving an indication that a commit of a merge of a head branch into a base branch has been received; and
	reading vulnerabilities detected in the head branch from the database and adding the vulnerabilities detected in the head branch and read from the database to vulnerabilities stored in the database for the base branch based on a determination that a latest scan of the base branch failed to detect the vulnerabilities in the base branch.

28. (New)	The non-transitory computer-readable medium of claim 27 further comprising:
	determining that a second vulnerability stored in the database for the previous version of the branch of computer code is in the received vulnerabilities for the last-committed version of the branch of computer code; and
	in response, instructing an issue tracker to add a comment to an open issue for the second vulnerability for the branch to indicate that the second vulnerability was still present in the last-committed version of the branch of computer code.

29. (New)	The non-transitory computer-readable medium of claim 27 further comprising:
	determining that a third vulnerability stored in the database and marked as a false positive vulnerability is in the received vulnerabilities for the last-committed version of the branch of computer code; and
	in response, not opening an issue for the third vulnerability.

30. (New)	The non-transitory computer-readable medium of claim 29 wherein the third vulnerability marked as a false positive was never present in any version of the branch of computer code before the last-committed version of the branch of computer-code.

31. (New)	The non-transitory computer-readable medium of claim 27 further comprising:
	receiving an indication that a fourth vulnerability in a first branch of computer code stored in a repository is a false positive vulnerability;
	searching for open issues for the false positive vulnerability for other branches of computer code stored in the repository; and
	for each found open issue, instructing the issue tracker to close the found open issue.

32. (New)	The non-transitory computer-readable medium of claim 27 further comprising:
	determining that a fifth vulnerability stored in the database for an earlier version of the branch of computer code is in the received vulnerabilities for the last-committed version of the branch of computer code; and
	in response, instructing the issue tracker to reopen a closed issue for the vulnerability for the branch of code.

Allowable Subject Matter
6.1.	Claims 9-14, 21-32 are allowed.
6.2.	a). 	US Patent Application No. 20160291970 to Mallisetty et al discloses a computer-implemented method is disclosed which detects that new source code linked to a defect identifier has been checked in to a source code repository for a given code branch of a software application. The new source code is automatically checked in to additional code branches of the software application based on the defect identifier. For each additional code branch into which the new source code is automatically checked in, code coverage metrics are determined which indicate an extent to which application source code of the code branch is tested by its corresponding test case source code before and after the automatic check in. If a difference between the code coverage metrics indicates that code coverage for the code branch has decreased by more than a predefined threshold, a notification is transmitted that indicates a test case deficiency for the code branch.
	b).	US Patent No. 10579803 to Mueller et al discloses the invention relates to a computer-implemented system and method for management of software application issues such as software application vulnerabilities or software quality. The method may comprise the steps of receiving software vulnerability data from a plurality of vulnerability scanning systems; automatically generating a unique vulnerability ID for a vulnerability using a plurality attributes of the vulnerability; comparing a current load of vulnerability data with a previous load of vulnerability data and generating a table of deltas; grouping vulnerabilities into a group that can be managed and remediated on a group basis as a unit of work rather than individually; and automatically generating entries in the developer task tracking system for each vulnerability group or individual vulnerabilities for resolution.
	c). 	US Patent Application No. 20130167238 to Russell et al discloses a method in one embodiment includes identifying a set of known vulnerabilities and a set of new vulnerabilities in an asset, selecting one or more scripts that include checks for vulnerabilities in a union of the set of known vulnerabilities and the set of new vulnerabilities, and using the selected scripts to scan the asset. Known vulnerabilities and new vulnerabilities may be identified by accessing results of previous scans on the asset. The method may also include identifying a plurality of assets to scan in a network, identifying a plurality of sets of known vulnerabilities and a plurality of sets of new vulnerabilities in substantially all assets in the plurality of assets, and inserting checks for vulnerabilities included in a union of the plurality of sets of known vulnerabilities and the plurality of sets of new vulnerabilities into the selected scripts.

6.3.	This communication warrants No Examiner's Reason for Allowance, applicant's reply make evident the reasons for allowance, satisfying the “record as a whole” proviso of the rule 37 CFR 1.104(e). Specifically, the substance of applicant’s remarks, filed 7/7/2022 are persuasive, and in the light of above the Examiner's amendments (as well as the other features of the independent claims-which applicant did not argued) as such the reasons for allowance are in all probability evident from the record and no statement is deemed necessary (see MPEP 1302.14).

Conclusion
7.	Any inquiry concerning this communication or earlier communications from the examiner should be directed to HARUNUR RASHID whose telephone number is (571)270-7195. The examiner can normally be reached 9 AM to 5PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.

HARUNUR . RASHID
Primary Examiner
Art Unit 2497



/HARUNUR RASHID/
Primary Examiner, Art Unit 2497