nerdexam
Microsoft

AZ-400 · Question #342

You scan a Node.js application using WhiteSource Bolt. The scan finds numerous libraries with invalid licenses, but are only used during development. You have to make sure that only production depende

The correct answer is C. npm install. The npm install command will install the devDependencies along other dependencies when run inside a package directory, in a development environment (the default). Use npm install --only=prod (or --only=production) to install only dependencies, and not devDependencies,regardless o

Submitted by devops_kid· Mar 6, 2026Develop a security and compliance plan

Question

You scan a Node.js application using WhiteSource Bolt. The scan finds numerous libraries with invalid licenses, but are only used during development. You have to make sure that only production dependencies are scanned by WhiteSource Bolt. Which of the following is a command you should run?

Options

  • Anpm edit
  • Bnpm publish
  • Cnpm install
  • Dnpm update

How the community answered

(60 responses)
  • A
    5% (3)
  • B
    2% (1)
  • C
    82% (49)
  • D
    12% (7)

Explanation

The npm install command will install the devDependencies along other dependencies when run inside a package directory, in a development environment (the default). Use npm install --only=prod (or --only=production) to install only dependencies, and not devDependencies,regardless of the value of the NODE_ENV environment variable. https://stackoverflow.com/questions/9268259/how-do-you-prevent-install-of-devdependencies- npm-modules-for-node-js-package

Community Discussion

No community discussion yet for this question.

Full AZ-400 Practice