nerdexam
Microsoft

AZ-400 · Question #41

You have 50 Node.js-based projects that you scan by using WhiteSource. Each project includes Package.json, Package-lock.json, and Npm-shrinkwrap.json files. You need to minimize the number of librarie

The correct answer is D. Add a devDependencies section to Package-lock.json.. Within your package.json file be sure you split out your npm dependencies between devDependencies and (production) dependencies https://docs.microsoft.com/en-us/archive/blogs/visualstudioalmrangers/manage-your-open- source-usage-and-security-as-reported-by-your-cicd-pipeline

Submitted by the_admin· Mar 6, 2026Develop a security and compliance plan

Question

You have 50 Node.js-based projects that you scan by using WhiteSource. Each project includes Package.json, Package-lock.json, and Npm-shrinkwrap.json files. You need to minimize the number of libraries reports by WhiteSource to only the libraries that you explicitly reference. What should you do?

Options

  • AConfigure the File System Agent plug in.
  • BDelete Package lock.json.
  • CConfigure the Artifactory plug-in.
  • DAdd a devDependencies section to Package-lock.json.

How the community answered

(54 responses)
  • A
    11% (6)
  • B
    6% (3)
  • C
    20% (11)
  • D
    63% (34)

Explanation

Within your package.json file be sure you split out your npm dependencies between devDependencies and (production) dependencies https://docs.microsoft.com/en-us/archive/blogs/visualstudioalmrangers/manage-your-open- source-usage-and-security-as-reported-by-your-cicd-pipeline

Community Discussion

No community discussion yet for this question.

Full AZ-400 Practice