GH-500 Question #112: Real Exam Question with Answer & Explanation

The correct answer is C: creating a pull request to resolve the vulnerability that will be approved and merged. {"question_number": 6, "correct_answer": "C", "explanation": "A Dependabot alert is automatically closed when the vulnerable dependency is updated to a non-vulnerable version via a merged pull request. Simply viewing the alert, viewing the dependency graph, or leaving the reposit

Configure and use Dependabot and Dependency Review

Question

Which of the following options would close a Dependabot alert?

Options

Aviewing the dependency graph
Bleaving the repository in its current state
Ccreating a pull request to resolve the vulnerability that will be approved and merged
Dviewing the Dependabot alert on the Dependabot alerts tab of your repository

Explanation

{"question_number": 6, "correct_answer": "C", "explanation": "A Dependabot alert is automatically closed when the vulnerable dependency is updated to a non-vulnerable version via a merged pull request. Simply viewing the alert, viewing the dependency graph, or leaving the repository unchanged does not resolve or close the alert. Dismissing an alert manually is also an option, but that is different from actually resolving the vulnerability.", "generated_by": "claude-sonnet", "llm_judge_score": 4}

Topics

#Dependabot alerts#Vulnerability resolution#Dependency management#Security remediation

Community Discussion

No community discussion yet for this question.

Full GH-500 Practice Browse All GH-500 Questions