GH-500 Question #86: Real Exam Question with Answer & Explanation

The correct answer is A: Only users with admin access to a repository can enable Dependabot alerts.. Enabling Dependabot alerts is an administrative action that requires repository admin access, as it modifies repository-level security settings.

Configure and use Dependabot and Dependency Review

Question

What are the permissions and roles required to enable Dependabot alerts on GitHub?

Options

AOnly users with admin access to a repository can enable Dependabot alerts.
BOnly repository maintainers can enable Dependabot alerts.
COnly users with write access to a repository can enable Dependabot alerts.
DAny user with access to a repository can enable Dependabot alerts.

Explanation

Enabling Dependabot alerts is an administrative action that requires repository admin access, as it modifies repository-level security settings.

Common mistakes.

B. The maintainer role does not grant permission to change repository-level security settings; admin access is the minimum required permission level to enable Dependabot alerts.
C. Write access allows pushing code and managing issues but does not include the ability to modify repository security settings such as enabling Dependabot alerts.
D. General repository access - such as read or triage level - does not provide the administrative permissions needed to enable Dependabot alerts.

Concept tested. Required admin permissions for enabling Dependabot alerts

Reference. https://docs.github.com/en/code-security/dependabot/dependabot-alerts/configuring-dependabot-alerts

Topics

#Dependabot alerts#Repository permissions#Admin access#GitHub Advanced Security

Community Discussion

No community discussion yet for this question.

Full GH-500 Practice Browse All GH-500 Questions