GitHub Exam GitHub-Advanced-Security Topic 5 Question 9 Discussion

Actual exam question for GitHub's GitHub-Advanced-Security exam

Question #: 9
Topic #: 5

[All GitHub-Advanced-Security Questions]

-- [Configure and Use Dependency Management]

You have enabled security updates for a repository. When does GitHub mark a Dependabot alert as resolved for that repository?

AWhen Dependabot creates a pull request to update dependencies

BWhen you dismiss the Dependabot alert

CWhen the pull request checks are successful

DWhen you merge a pull request that contains a security update

Show Suggested Answer

Suggested Answer: D

A Dependabot alert is marked as resolved only after the related pull request is merged into the repository. This indicates that the vulnerable dependency has been officially replaced with a secure version in the active codebase.

Simply generating a PR or passing checks does not change the alert status; merging is the key step.

by Dana at Jul 08, 2025, 09:03 PM

Limited Time Offer

25%

Off

Get Premium GitHub-Advanced-Security Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!