Skip to content

Commit

Permalink
Configure Mend for GitHub.com (#671)
Browse files Browse the repository at this point in the history
Welcome to [Mend for
GitHub.com](https://github.com/apps/mend-for-github-com) (formerly
WhiteSource). This is an onboarding PR to help you understand and
configure settings before Mend starts scanning your repository for
security vulnerabilities.

:vertical_traffic_light: Mend for GitHub.com will start scanning your
repository only once you merge this Pull Request. To disable Mend for
GitHub.com, simply close this Pull Request.



---

### What to Expect

This PR contains a '.whitesource' configuration file which can be
customized to your needs. If no changes were applied to this file, Mend
for GitHub.com will use the default configuration.

Before merging this PR, Make sure the [Issues tab is
enabled](https://docs.mend.io/bundle/community_tools/page/enabling_the__issues__tab_for_the_github_repository.html).
Once you merge this PR, Mend for GitHub.com will scan your repository
and create a GitHub Issue for every vulnerability detected in your
repository.

If you do not want a GitHub Issue to be created for each detected
vulnerability, you can edit the '.whitesource' file and set the
'minSeverityLevel' parameter to 'NONE'.

If [Mend
Remediate](https://docs.mend.io/bundle/integrations/page/mend_remediate_and_renovate.html)
Workflow Rules are set on your repository (from the Mend 'Integrate'
tab), Mend will also generate a fix Pull Request for relevant
vulnerabilities.

---

:question: Got questions? Check out Mend for GitHub.com
[docs](https://docs.mend.io/bundle/integrations/page/mend_for_github_com.html).
If you need any further assistance then you can also [request help
here](https://whitesourcesoftware.force.com/CustomerCommunity/s).<!--
<WHITESOURCE>{ "installationId": "20616559"}</WHITESOURCE> -->

Co-authored-by: mend-for-github-com[bot] <50673670+mend-for-github-com[bot]@users.noreply.github.com>
  • Loading branch information
mend-for-github-com[bot] authored Feb 26, 2024
1 parent 2baef6c commit f4f8b77
Showing 1 changed file with 41 additions and 0 deletions.
41 changes: 41 additions & 0 deletions .whitesource
Original file line number Diff line number Diff line change
@@ -0,0 +1,41 @@
{
"scanSettings": {
"configMode": "AUTO",
"configExternalURL": "",
"projectToken": "",
"baseBranches": []
},
"scanSettingsSAST": {
"enableScan": false,
"scanPullRequests": false,
"incrementalScan": true,
"baseBranches": [],
"snippetSize": 10
},
"checkRunSettings": {
"vulnerableCheckRunConclusionLevel": "failure",
"displayMode": "diff",
"useMendCheckNames": true
},
"checkRunSettingsSAST": {
"checkRunConclusionLevel": "failure",
"severityThreshold": "high"
},
"issueSettings": {
"minSeverityLevel": "LOW",
"issueType": "DEPENDENCY"
},
"remediateSettings": {
"workflowRules": {
"enabled": true
}
},
"imageSettings":{
"imageTracing":{
"enableImageTracingPR": false,
"addRepositoryCoordinate": false,
"addDockerfilePath": false,
"addMendIdentifier": false
}
}
}

0 comments on commit f4f8b77

Please sign in to comment.