Exam AZ-400 topic 5 question 23 discussion

From https://docs.github.com/en/[email protected]/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository There are other situations where there may be no analysis for the latest commit to the base branch for a pull request. These include: The pull request has been raised against a branch other than the default branch, and this branch hasn't been analyzed. The solution in this situation is to add the name of the base branch to the on:push [THIS IS ANSWER B] and on:pull_request specification in the code scanning workflow on that branch and then make a change that updates the open pull request that you want to scan [THIS IS ANSWER D].

Given answer is correct...https://docs.github.com/en/[email protected]/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository

BD is the right answer

I think people here don't really understand what is the "base" branch in the documentation they quote. However, it is explained above in the docs: "base branch (the branch into which you want to merge the pull request)" "topic branch (the branch you used to create the pull request)" In the question, Microsoft states: "You raise a pull request from a non-default branch." -> This means that the non-default branch is named in the documentation "topic branch" -> The default branch is called in the documentation the base branch. So when the documentation says: "The solution in this situation is to add the name of the base branch to the on:push and on:pull_request specification in the code scanning workflow on that branch and then make a change that updates the open pull request that you want to scan." They mean nothing else than: "add the name of the default branch to the on:push "

Agree with BD

The solution in this situation is to add the name of the base branch to the on:push and on:pull_request specification in the code scanning workflow on that branch and then make a change that updates the open pull request that you want to scan. https://docs.github.com/en/[email protected]/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository 100% BD is the correct answer

The solution in this situation is to add the name of the base branch to the on:push and on:pull_request specification in the code scanning workflow on that branch and then make a change that updates the open pull request that you want to scan. https://docs.github.com/en/[email protected]/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository 100% BD is the correct answer

BD Given the scenario, the two actions that make the most sense are: B. Add the name of the non-default branch to the on:push specification in the code scanning workflow. D. Update the code in the pull request (only because this action might trigger the code scanning if the workflow is set up to run on pull requests).

https://docs.github.com/en/[email protected]/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository#reasons-for-the-analysis-not-found-message with example and wording of the "default branch"

after read the https://docs.github.com/en/[email protected]/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository , i think given answer is correct. the base branch mentioned the in article is the branch you want to merge into. so A and D.

B. Add the name of the non-default branch to the on:push specification in the code scanning workflow. name: Code Scanning on: push: branches: - feature-dev # we have to add non-default branch NON-DEFAULT branch -> pull request -> DEFAULT branch Add who is pushing the code to 'on: push: branches:' D. Update the code in the pull request. If there's an error in the code, the code scanning workflow wouldn't triggered and you'll get the error "Analysis not found"

BD is the answer. https://docs.github.com/en/[email protected]/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository?learn=code_security_actions&learnProduct=code-security#reasons-for-the-analysis-not-found-message The solution in this situation is to add the name of the base branch to the on:push and on:pull_request specification in the code scanning workflow on that branch and then make a change that updates the open pull request that you want to scan.

So, the trick here seems to be making a small change (any change, really) to the already updated and pushed branch after the on:push branch re-configuration has been made, so that the on:push event will trigger once again, although, this time, with the correct branch setup hence starting the code scan.

B & D This link will explain: https://docs.github.com/en/[email protected]/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository

https://docs.github.com/en/[email protected]/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/customizing-code-scanning#scanning-pull-requests

I think it's bc

Its a non default branche so that name must be added