opensearch-project / oui

OpenSearch UI Framework
Apache License 2.0

[CCI] Run `Mend Security Check` pipeline only when `yarn.lock` is changed #618

Open SergeyMyssak opened 1 year ago

SergeyMyssak commented 1 year ago

Is your feature request related to a problem? Please describe.

The Mend Security Check pipeline runs every time, regardless of whether `yarn.lock` has been changed.

Describe the solution you'd like

We can optimize this by using GitHub Actions rather than Mend for GitHub.com (GitHub App). The purpose of this issue is to understand which will be more effective and useful to use.

Also, I suppose it could help to avoid a permanent pipeline failure when we do backports.


Documentation that we can base this on: Integrate Scans with the Mend CLI Tool

joshuarrrr commented 1 year ago

At first glance, this sounds like an awesome improvement! @AMoo-Miki Any additional considerations here?

AMoo-Miki commented 1 year ago

I believe this is very logical; we should do it. The automation should trigger when the lockfile or package manifests change.
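
A sketch of the trigger condition discussed in this thread, as an added example that is not the OUI project's workflow or any participant's code: a GitHub Actions workflow that runs a dependency scan only when a lockfile or package manifest changes. The workflow file name, the `main` branch, the `scripts/dependency-scan.sh` wrapper and the `SCAN_TOKEN` secret are assumptions; the wrapper stands in for the Mend CLI invocation taken from the Mend documentation.

```yaml
# .github/workflows/dependency-scan.yml  (hypothetical file name)
name: Dependency security scan

on:
  pull_request:
    # Applies to PRs against any base branch, including backport branches:
    # a backport that touches no dependency files does not start the scan.
    paths:
      - '**/yarn.lock'
      - '**/package.json'
      - '.github/workflows/dependency-scan.yml'   # re-run when the scan itself changes
  push:
    branches:
      - main            # assumed default branch name
    paths:
      - '**/yarn.lock'
      - '**/package.json'
      - '.github/workflows/dependency-scan.yml'

# Least privilege: the scan only needs to read the repository.
permissions:
  contents: read

jobs:
  scan:
    runs-on: ubuntu-latest
    steps:
      - name: Check out the code
        uses: actions/checkout@v4

      - name: Run dependency scan
        # Hypothetical wrapper script; replace with the scanner command
        # documented by the vendor. It should exit non-zero on policy violations.
        run: ./scripts/dependency-scan.sh
        env:
          SCAN_TOKEN: ${{ secrets.SCAN_TOKEN }}   # hypothetical secret name
```

If this job is marked as a required status check, a pull request on which the path filter skips the workflow leaves that check pending, so branch protection has to account for it. Repository secrets are not passed to `pull_request` runs from forks, so the scan step must handle an empty token.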