GH-500
Configure and use Dependabot and Dependency Review
medium
Question 14 of 71

By default, what happens when the dependency-review-action finds vulnerable packages?

AIts check fails, and the pull request can be blocked from merging if that check is required
BIt silently dismisses the finding
CIt opens a CodeQL alert instead of a dependency review result
DIt disables branch protection for the repository

More Configure and use Dependabot and Dependency Review Questions

71 questions

Full GitHub Advanced Security Practice Test

All topics covered

All GitHub Advanced Security Questions

Browse by topic

Related Questions

Which standard format does GitHub use when exporting an SBOM for a repository from the dependency gr...

easy

When does GitHub generate new Dependabot alerts for a repository?...

easy

When Dependabot security updates is enabled and a patch is available, what does Dependabot attempt t...

easy

Which feature shows dependency changes and vulnerability information on the Files changed tab of a p...

easy

What must be enabled before dependency review becomes available for a repository?...

medium
View all Configure and use Dependabot and Dependency Review questions

Educational Content — CertQnA practice questions are written against official exam objectives, covering the same domains tested on the real exam. All content is original and independent — not actual exam questions, not affiliated with any certification vendor. Learn more about our content policy

Discussion

Be the first to share your understanding of this concept

⚠️ Discussion is for concept clarification only. Do not share or request actual exam questions or answers.

Sign in to join the discussion

Sign InCreate free account