A. codeql-scan.yml
B. codeql-config.yml
C. codeql-workflow.yml
D. codeql-analysis.yml
A. Dependabot alert
B. Dependency review
C. The repository's Security tab
D. Dependency graph
A. It contacts maintainers to ask them to create security advisories if a vulnerability is found
B. It analyzes a GitHub repository to find security vulnerabilities
C. It scans your entire Git history on branches present in your GitHub repository for any secrets
D. It prevents code pushes with vulnerabilities as a pre-receive hook
A. When you use data-flow analysis to find potential security issues in code
B. After you triage the pull request containing the alert
C. After you find the code and click the alert within the pull request
D. After you fix the code by committing within the pull request
A. Insights
B. Settings
C. Secrets
D. Security
A. Common Weakness Enumeration (CWE)
B. Exploit Prediction Scoring System (EPSS)
C. Common Vulnerabilities and Exposures (CVE)
D. Vulnerability Exploitability eXchange (VEX)
A. Users who have Read permissions within the repository
B. Users who have the Triage role within the repository
C. Users who have Write access to the repository
D. Users who have the security manager role within the repository
A. Custom
B. Participating and @mentions
C. All Activity
D. Ignore