Exam GitHub-Advanced-Security Topic 6 Question 3 Discussion
Actual exam question for GitHub's GitHub-Advanced-Security exam
Question #: 3
Topic #: 6
Question #: 3
Topic #: 6
What should you do after receiving an alert about a dependency added in a pull request?
Suggested Answer: C Vote an answer
If an alert is raised on apull request dependency, best practice is toupdate the dependencyto a secure versionbeforemerging the PR. This prevents the vulnerable version from entering the main codebase.
Merging or deploying the PR without fixing the issue exposes your production environment to known risks.
Merging or deploying the PR without fixing the issue exposes your production environment to known risks.
by Wright at Mar 27, 2026, 04:18 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).