AZ-400 · Question #496
You manage code by using GitHub. You plan to use Dependabot to scan for code dependencies. You need to identify when scanning will be triggered automatically. Which two actions will trigger a scan? Ea
The correct answer is A. The dependency graph of a repository changes. E. A new advisory is added.. About Dependabot alerts, Detection of insecure dependencies Dependabot performs a scan of the default branch of your repository to detect insecure dependencies, and sends Dependabot alerts when: A new advisory is added to the GitHub Advisory Database. Note: Only advisories that h
Question
Options
- AThe dependency graph of a repository changes.
- BA pull request is created.
- CA branch is forked.
- DAny commit is pushed.
- EA new advisory is added.
How the community answered
(59 responses)- A69% (41)
- B3% (2)
- C8% (5)
- D19% (11)
Explanation
About Dependabot alerts, Detection of insecure dependencies Dependabot performs a scan of the default branch of your repository to detect insecure dependencies, and sends Dependabot alerts when: A new advisory is added to the GitHub Advisory Database. Note: Only advisories that have been reviewed by GitHub will trigger Dependabot alerts. The dependency graph for a repository changes. For example, when a contributor pushes a commit to change the packages or versions it depends on, or when the code of one of the dependencies changes.
Community Discussion
No community discussion yet for this question.