The CI/CD pipeline requires code to have close to zero defects and zero vulnerabilities. The current process for any code releases into production uses two-week
Agile sprints. Which of the following would BEST meet the requirement?
The CI/CD pipeline requires code to have close to zero defects and zero vulnerabilities. The current process for any code releases into production uses two-week
Agile sprints. Which of the following would BEST meet the requirement?
A static code analyzer would be the best tool to meet the requirement of having code with close to zero defects and zero vulnerabilities. Static code analysis helps in identifying bugs, vulnerabilities, and code quality issues early in the development process, often before the code is executed. This proactive measure aligns well with the CI/CD pipeline goal of ensuring high code quality and security before deployment.
i believe the answer to be B.. here is why Static Analysis in Agile/DevOps Self-service, automated code checking with static analysis tools can be wired directly into how engineers write code. Static analysis checking can be plugged into each developer's IDE to catch problems while they are coding.
I agree, thanks FORDUDE
I concur