A repository uses Copilot coding agent for dependency updates. Low-risk patch updates must move quickly when tests, code scanning, and required checks pass. Changes touching authentication, payment processing, or deployment workflows must still require human review. The current process requires two maintainer approvals for every Copilot-created draft pull request, including documentation-only and patch-version dependency updates. Which change best preserves velocity without removing meaningful risk controls? Select one answer.
Choose an answer
Tap an option to check your answer.
Correct answer: Use path and risk-based review requirements.
Why this is the answer
The best change is to use path and risk-based review requirements. This allows for faster merging of low-risk changes, such as documentation or patch-version dependency updates, by bypassing unnecessary human review when automated checks pass. Simultaneously, it maintains critical human oversight for high-risk areas like authentication or payment processing, ensuring these sensitive changes still receive the required scrutiny. Requiring approval for every Copilot-created commit would drastically slow down development and negate the benefits of automation. Disabling reviews for all passing pull requests would remove essential risk controls for sensitive code areas. Moving all approvals to workflowdispatch only would complicate the review process and potentially introduce delays, rather than streamlining it.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed