Configure Mend Bolt for GitHub (#1)

Welcome to [Mend Bolt for
GitHub](https://github.com/apps/mend-bolt-for-github) (formerly
WhiteSource). This is an onboarding PR to help you understand and
configure settings before Mend starts scanning your repository for
security vulnerabilities.

:vertical_traffic_light: Mend Bolt for GitHub will start scanning your
repository only once you merge this Pull Request. To disable Mend Bolt
for GitHub, simply close this Pull Request.



---

### What to Expect

This PR contains a '.whitesource' configuration file which can be
customized to your needs. If no changes were applied to this file, Mend
Bolt for GitHub will use the default configuration.

Before merging this PR, Make sure the [Issues tab is
enabled](https://docs.mend.io/bundle/community_tools/page/enabling_the__issues__tab_for_the_github_repository.html).
Once you merge this PR, Mend Bolt for GitHub will scan your repository
and create a GitHub Issue for every vulnerability detected in your
repository.

If you do not want a GitHub Issue to be created for each detected
vulnerability, you can edit the '.whitesource' file and set the
'minSeverityLevel' parameter to 'NONE'.

---

:question: Got questions? Check out Mend Bolt for GitHub
[docs](https://docs.mend.io/bundle/community_tools/page/mend_bolt_for_github.html).
If you need any further assistance then you can also [request help
here](https://whitesourcesoftware.force.com/CustomerCommunity/s).<!--
<WHITESOURCE>{ "installationId": "8000565"}</WHITESOURCE> -->

.whitesource

@@ -0,0 +1,14 @@
+{
+  "scanSettings": {
+    "baseBranches": []
+  },
+  "checkRunSettings": {
+    "vulnerableCheckRunConclusionLevel": "failure",
+    "displayMode": "diff",
+    "useMendCheckNames": true
+  },
+  "issueSettings": {
+    "minSeverityLevel": "LOW",
+    "issueType": "DEPENDENCY"
+  }
+}