In a private repository, what minimum requirements does GitHub need to generate a dependencygraph? (Each answer presents part of the solution. Choose two.)
A.
Read-only access to all the repository's files
B.
Dependency graph enabled at the organization level for all new private repositories
C.
Write access to the dependency manifest and lock files for an enterprise
D.
Read-only access to the dependency manifest and lock files for a repository
To generate a dependency graph for a private repository, GitHub requires:
Dependency graph enabled: The repository must have the dependency graph feature enabled. This can be configured at the organization level to apply to all new private repositories.
Access to manifest and lock files: GitHub needs read-only access to the repository's dependency manifest and lock files (e.g., package.json, requirements.txt) to identify and map dependencies.
[References: GitHub Docs – About the dependency graph, ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit