Which ecosystems are commonly covered by Dependency Review?

Prepare for the GitHub Advanced Security Certification Test. Practice with multiple choice questions, detailed explanations, and hints. Achieve success on your first attempt!

Multiple Choice

Which ecosystems are commonly covered by Dependency Review?

Explanation:
Dependency Review focuses on the package ecosystems that GitHub’s security tooling can analyze for changes in a pull request. The most commonly covered ones are npm, Maven, Gradle, Python, Ruby, and Go. This covers Node.js, Java/Android, Python, Ruby, and Go projects, which use manifests like package.json, pom.xml/build.gradle, requirements.txt, Gemfile, and go.mod. PHP isn’t part of this standard coverage, so it wouldn’t appear among the typical ecosystems. Kotlin and Scala aren’t listed as separate ecosystems here because their dependencies typically map to Maven/Gradle, and Swift has its own packaging approach (Swift Package Manager) that isn’t singled out in this set. So the option that lists npm, Maven, Gradle, Python, Ruby, and Go aligns with the commonly supported ecosystems.

