You use Git for source control.
You enable GitHub code scanning.
You raise a pull request from a non-default branch. In the code scanning output, you receive the following error message: “Analysis not found.”
You need to ensure that the code scanning completes successfully for the pull request.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.
To ensure that the code scanning completes successfully for the pull request, you need to add the name of the non-default branch to the on:push specification in the code scanning workflow. This will enable the code scanning to recognize and analyze the changes in that branch. Additionally, updating the code in the pull request will trigger the code scanning workflow once the non-default branch has been added to the on:push specification, ensuring that the analysis occurs.
From https://docs.github.com/en/<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="c3a6adb7a6b1b3b1aab0a6eeb0a6b1b5a6b183f0edf7">[email protected]</a>/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository There are other situations where there may be no analysis for the latest commit to the base branch for a pull request. These include: The pull request has been raised against a branch other than the default branch, and this branch hasn't been analyzed. The solution in this situation is to add the name of the base branch to the on:push [THIS IS ANSWER B] and on:pull_request specification in the code scanning workflow on that branch and then make a change that updates the open pull request that you want to scan [THIS IS ANSWER D].
I think this answer is more convincing.
Given answer is correct...https://docs.github.com/en/<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="5f3a312b3a2d2f2d362c3a722c3a2d293a2d1f6c716b">[email protected]</a>/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository
The solution in this situation is to add the name of the base branch to the on:push and on:pull_request specification in the code scanning workflow on that branch and then make a change that updates the open pull request that you want to scan.
BD is the answer. https://docs.github.com/en/<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="8beee5ffeef9fbf9e2f8eea6f8eef9fdeef9cbb8a5bf">[email protected]</a>/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository?learn=code_security_actions&learnProduct=code-security#reasons-for-the-analysis-not-found-message The solution in this situation is to add the name of the base branch to the on:push and on:pull_request specification in the code scanning workflow on that branch and then make a change that updates the open pull request that you want to scan.
Its a non default branche so that name must be added
But the pull request push will be to the default branch.
Agree with BD
https://docs.github.com/en/<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="d7b2b9a3b2a5a7a5bea4b2faa4b2a5a1b2a597e4f9e3">[email protected]</a>/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository#reasons-for-the-analysis-not-found-message with example and wording of the "default branch"
So, the trick here seems to be making a small change (any change, really) to the already updated and pushed branch after the on:push branch re-configuration has been made, so that the on:push event will trigger once again, although, this time, with the correct branch setup hence starting the code scan.
The solution in this situation is to add the name of the base branch to the on:push and on:pull_request specification in the code scanning workflow on that branch and then make a change that updates the open pull request that you want to scan. https://docs.github.com/en/<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="781d160c1d0a080a110b1d550b1d0a0e1d0a384b564c">[email protected]</a>/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository 100% BD is the correct answer
The solution in this situation is to add the name of the base branch to the on:push and on:pull_request specification in the code scanning workflow on that branch and then make a change that updates the open pull request that you want to scan. https://docs.github.com/en/<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="66030812031416140f15034b15031410031426554852">[email protected]</a>/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository 100% BD is the correct answer
after read the https://docs.github.com/en/<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="197c776d7c6b696b706a7c346a7c6b6f7c6b592a372d">[email protected]</a>/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository , i think given answer is correct. the base branch mentioned the in article is the branch you want to merge into. so A and D.
B & D This link will explain: https://docs.github.com/en/<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="eb8e859f8e999b9982988ec6988e999d8e99abd8c5df">[email protected]</a>/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository
I think it's bc
I think people here don't really understand what is the "base" branch in the documentation they quote. However, it is explained above in the docs: "base branch (the branch into which you want to merge the pull request)" "topic branch (the branch you used to create the pull request)" In the question, Microsoft states: "You raise a pull request from a non-default branch." -> This means that the non-default branch is named in the documentation "topic branch" -> The default branch is called in the documentation the base branch. So when the documentation says: "The solution in this situation is to add the name of the base branch to the on:push and on:pull_request specification in the code scanning workflow on that branch and then make a change that updates the open pull request that you want to scan." They mean nothing else than: "add the name of the default branch to the on:push "
BD Given the scenario, the two actions that make the most sense are: B. Add the name of the non-default branch to the on:push specification in the code scanning workflow. D. Update the code in the pull request (only because this action might trigger the code scanning if the workflow is set up to run on pull requests).
B. Add the name of the non-default branch to the on:push specification in the code scanning workflow. name: Code Scanning on: push: branches: - feature-dev # we have to add non-default branch NON-DEFAULT branch -> pull request -> DEFAULT branch Add who is pushing the code to 'on: push: branches:' D. Update the code in the pull request. If there's an error in the code, the code scanning workflow wouldn't triggered and you'll get the error "Analysis not found"
https://docs.github.com/en/<a href="/cdn-cgi/l/email-protection" class="__cf_email__" data-cfemail="bedbd0cadbccceccd7cddb93cddbccc8dbccfe8d908a">[email protected]</a>/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/customizing-code-scanning#scanning-pull-requests
I think BC