You manage code by using GitHub.
You plan to use Dependabot to scan for code dependencies.
You need to identify when scanning will be triggered automatically.
Which two actions will trigger a scan? Each correct answer presents a complete solution.
NOTE: Each correct solution is worth one point
You have a public GitHub repository named Public1.
A commit is made to Public1. The commit contains a pattern that matches a regular expression.
Who is notified first when the commit is made?
You have an Azure subscription that contains an Azure Pipelines pipeline named Pipeline1 and an app named App1. Pipeline1 is used to automate the building of App1.
You have a Slack channel named App1chat that includes an incoming webhook.
You need to ensure that when a successful build of App1 is created, a notification is sent to App1chat by using the webhook.
What should you use?
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You have an Azure pipeline that is used to deploy a web app. The pipeline includes a test suite named TestSuite1. TestSuite1 is used to validate the operations of the web app.
TestSuite1 fails intermittently.
You identify that the failures are unrelated to changes in the source code and execution environment.
You need to minimize troubleshooting effort for the TestSuite1 failures.
Solution: You increase code coverage.
Does this meet the goal?
Your company is building a new solution in Java.
The company currently uses a SonarQube server to analyze the code of .NET solutions.
You need to analyze and monitor the code quality of the Java solution.
Which task types should you add to the build pipeline?
SonarQube is a set of static analyzers that can be used to identify areas of improvement in your code. It allows you to analyze the technical debt in your project and keep track of it in the future. With Maven and Gradle build tasks, you can run SonarQube analysis with minimal setup in a new or existing Azure DevOps Services build task.
https://docs.microsoft.com/en-us/azure/devops/java/sonarqube?view=azure-devops
