nerdexam
ExamsGH-500Questions#61
MicrosoftMicrosoft

GH-500 · Question #61

GH-500 Question #61: Real Exam Question with Answer & Explanation

The correct answer is D: after you find the code and click the alert within the pull request. GitHub automatically closes a code scanning alert when the vulnerable code is fixed in the same branch where the alert was generated, usually via a commit inside a pull request. Simply clicking or triaging an alert does not resolve it. The alert is re-evaluated after each push to

Describe GitHub Advanced Security best practices, results, and how to take corrective measures

Question

As a developer with write access, you navigate to a code scanning alert in your repository. When will GitHub close this alert?

Options

  • Aafter you triage the pull request containing the alert
  • Bafter you fix the code by committing within the pull request
  • Cwhen you use data-flow analysis to find potential security issues in code
  • Dafter you find the code and click the alert within the pull request

Explanation

GitHub automatically closes a code scanning alert when the vulnerable code is fixed in the same branch where the alert was generated, usually via a commit inside a pull request. Simply clicking or triaging an alert does not resolve it. The alert is re-evaluated after each push to the branch, and if the issue no longer exists, it is marked as resolved.

Topics

#Code Scanning#Alert Management#Pull Request Workflow#GitHub Advanced Security

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GH-500 PracticeBrowse All GH-500 Questions