Where is codeql-suppressions.yml typically stored?

Prepare for the GitHub Advanced Security Certification Test. Practice with multiple choice questions, detailed explanations, and hints. Achieve success on your first attempt!

Multiple Choice

Where is codeql-suppressions.yml typically stored?

Explanation:
The codeql-suppressions.yml file is a suppression configuration file that GitHub Code Scanning reads to silence specific findings. It belongs in the repository's GitHub automation area, typically under .github/code-scanning/. This placement matches how Code Scanning expects to find its configuration and ensures the suppression rules are applied when scans run on GitHub Actions. Placing it elsewhere, such as in the docs/ directory or at the repository root, generally won't be automatically recognized by the scanner, so the suppressions wouldn't take effect unless you explicitly point the scanner to a different path.
