Vendor Dependencies: Where are vendor dependencies stored?

Prepare for the GitHub Advanced Security Certification Test. Practice with multiple choice questions, detailed explanations, and hints. Achieve success on your first attempt!

Multiple Choice

Vendor Dependencies: Where are vendor dependencies stored?

Explanation:
Vendoring keeps a copy of dependencies in a dedicated vendor directory within the project. The actual library code sits in that vendor folder, so builds can be reproduced without pulling from external sources every time. The manifest (like a dependency file that lists what’s required and the version constraints) simply specifies what needs to be included, but the code itself is stored in the separate vendor directory. This separation is what makes builds more predictable and offline-friendly. Other approaches exist, such as using a submodule or placing dependencies directly in the root, but those are different strategies. The standard pattern described here emphasizes a specific directory that contains the vendored code, not the manifest itself.

Vendoring keeps a copy of dependencies in a dedicated vendor directory within the project. The actual library code sits in that vendor folder, so builds can be reproduced without pulling from external sources every time. The manifest (like a dependency file that lists what’s required and the version constraints) simply specifies what needs to be included, but the code itself is stored in the separate vendor directory. This separation is what makes builds more predictable and offline-friendly.

Other approaches exist, such as using a submodule or placing dependencies directly in the root, but those are different strategies. The standard pattern described here emphasizes a specific directory that contains the vendored code, not the manifest itself.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy