Configure Mend for github.com

[mend-for-github-com]

Welcome to Mend for github.com (formerly WhiteSource). This is an onboarding PR to help you understand and configure settings before Mend starts scanning your repository for security vulnerabilities.

🚦 Mend for github.com will start scanning your repository only once you merge this Pull Request. To disable Mend for github.com, simply close this Pull Request.

---

What to Expect

This PR contains a '.whitesource' configuration file which can be customized to your needs. If no changes were applied to this file, Mend for github.com will use the default configuration.

Before merging this PR, Make sure the Issues tab is enabled. Once you merge this PR, Mend for github.com will scan your repository and create a GitHub Issue for every vulnerability detected in your repository.

If you do not want a GitHub Issue to be created for each detected vulnerability, you can edit the '.whitesource' file and set the 'minSeverityLevel' parameter to 'NONE'.

If Mend Remediate Workflow Rules are set on your repository (from the Mend 'Integrate' tab), Mend will also generate a fix Pull Request for relevant vulnerabilities.

---

❓ Got questions? Check out Mend for github.com docs.
If you need any further assistance then you can also request help here.

[github-actions]

Compatibility status:

Checks if related components are compatible with change dc163ef

Incompatible components

Incompatible components: [https://github.com/opensearch-project/neural-search.git, https://github.com/opensearch-project/sql.git, https://github.com/opensearch-project/cross-cluster-replication.git]

Skipped components

Compatible components

Compatible components: [https://github.com/opensearch-project/geospatial.git, https://github.com/opensearch-project/security.git, https://github.com/opensearch-project/notifications.git, https://github.com/opensearch-project/alerting.git, https://github.com/opensearch-project/index-management.git, https://github.com/opensearch-project/security-analytics.git, https://github.com/opensearch-project/anomaly-detection.git, https://github.com/opensearch-project/job-scheduler.git, https://github.com/opensearch-project/asynchronous-search.git, https://github.com/opensearch-project/observability.git, https://github.com/opensearch-project/opensearch-oci-object-storage.git, https://github.com/opensearch-project/common-utils.git, https://github.com/opensearch-project/k-nn.git, https://github.com/opensearch-project/reporting.git, https://github.com/opensearch-project/ml-commons.git, https://github.com/opensearch-project/performance-analyzer.git, https://github.com/opensearch-project/performance-analyzer-rca.git]

[github-actions]

Gradle Check (Jenkins) Run Completed with:

• RESULT: FAILURE ❌
• URL: https://build.ci.opensearch.org/job/gradle-check/24697/
• CommitID: dc163ef
  Please examine the workflow log, locate, and copy-paste the failure(s) below, then iterate to green.
  Is the failure a flaky test unrelated to your change?

[kotwanikunal]

@peterzhuamazon Do we still use mend?

[peterzhuamazon]

@peterzhuamazon Do we still use mend?

Yes, but isnt mend already in OS core for a while?

[peterzhuamazon]

Isnt there an old PR to remove mend because it is not correctly report issues?
cc: @bbarani

[opensearch-trigger-bot]

This PR is stalled because it has been open for 30 days with no activity.