From 1f705057fadf6b55848ac4b876cca4fe46986d04 Mon Sep 17 00:00:00 2001
From: Stephan Krusche
Date: Mon, 18 Nov 2024 20:41:56 +0100
Subject: [PATCH] Add whitesource/mend configuration to detect security issues in dependencies
---
.whitesource | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
create mode 100644 .whitesource
diff --git a/.whitesource b/.whitesource
new file mode 100644
index 0000000..cc55465
--- /dev/null
+++ b/.whitesource
@@ -0,0 +1,23 @@
+{
+ "scanSettings": {
+ "enableScan": true,
+ "baseBranches": ["main"],
+ "scanDependabotPR": false
+ },
+ "checkRunSettings": {
+ "vulnerableCheckRunConclusionLevel": "failure",
+ "displayMode": "diff",
+ "useMendCheckNames": true
+ },
+ "issueSettings": {
+ "minSeverityLevel": "MEDIUM",
+ "issueType": "DEPENDENCY"
+ },
+ "remediateSettings": {
+ "workflowRules": {
+ "enabled": true,
+ "minVulnerabilityScore": 1.5,
+ "maxVulnerabilityScore": 10
+ }
+ }
+}
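Review bot: The scan scope in `scanSettings` is narrower than the commit subject suggests: `"scanDependabotPR": false` skips pull requests opened by Dependabot, which are dependency changes by definition, and `"baseBranches": ["main"]` appears to leave any release or maintenance branches unscanned (whether such branches exist is not visible here). If that is intentional, record the reason in the commit message, since `.whitesource` is strict JSON and cannot carry a comment; otherwise consider `"scanDependabotPR": true`. Note also that `"vulnerableCheckRunConclusionLevel": "failure"` only makes the check run report a failure; it blocks a merge only if the Mend check is a required status check in the branch protection for `main`, which this patch does not show. With `"displayMode": "diff"` the check presumably reports only findings that are new relative to the base branch, so vulnerable dependencies already on `main` would surface through issues at `MEDIUM` and above rather than through the check.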