Add whitesource/mend configuration to detect security issues in depen…

…dencies
ls1intum · Nov 18, 2024 · 1f70505 · 1f70505
1 parent 2db81f2
commit 1f70505
Showing 1 changed file with 23 additions and 0 deletions.
diff --git a/.whitesource b/.whitesource
@@ -0,0 +1,23 @@
+{
+  "scanSettings": {
+    "enableScan": true,
+    "baseBranches": ["main"],
+    "scanDependabotPR": false
+  },
+  "checkRunSettings": {
+    "vulnerableCheckRunConclusionLevel": "failure",
+    "displayMode": "diff",
+    "useMendCheckNames": true
+  },
+  "issueSettings": {
+    "minSeverityLevel": "MEDIUM",
+    "issueType": "DEPENDENCY"
+  },
+  "remediateSettings": {
+    "workflowRules": {
+      "enabled": true,
+        "minVulnerabilityScore": 1.5,
+        "maxVulnerabilityScore": 10
+    }
+  }
+}