Skip to content

Latest commit

 

History

History
31 lines (21 loc) · 2.24 KB

File metadata and controls

31 lines (21 loc) · 2.24 KB

🎤 Interview Q&A - Lab 25: Dependency Policy and Safe Upgrades

1. What was the main objective of Dependency Policy and Safe Upgrades?

The main objective was to complete the lab workflow end to end and validate the core concepts, tooling, and verification steps in a realistic Ubuntu 24.04 cloud environment.

2. What practical skills were developed in this lab?

This lab developed hands-on skills such as define and implement dependency upgrade policies, test dependency changes safely before production deployment, identify and mitigate dependency-related risks, automate dependency security scanning.

3. How was the lab structured?

The workflow was broken into staged tasks that covered setup, implementation, validation, and post-task verification. Key phases included Define Upgrade Policies; Test Dependency Changes.

4. Why were dependencies pinned in the Python project?

Pinned versions reduced drift and made it easier to detect unexpected changes during controlled upgrade testing.

5. What was the value of using both Safety and pip-audit?

Using both tools improved visibility into dependency risk and supported policy-driven security review before upgrades.

6. Why did the requests upgrade test fail?

The upgrade changed the installed version while the pinned requirement still expected the previous version, so the version policy test correctly failed and triggered rollback logic.

7. Why compare Python and Node.js dependency risk in one lab?

The comparison highlighted that different ecosystems surface upgrade and security risk differently, which helps build broader package-management awareness.

8. What did the upgrade workflow automate?

It automated outdated-package inspection, policy classification, branch creation, testing, and report generation for safer upgrades.

9. What was one important validation step in Dependency Policy and Safe Upgrades?

An important validation step was confirming that the implementation behaved as expected after setup, testing, and verification checks were completed.

10. What was one important validation step in Dependency Policy and Safe Upgrades?

An important validation step was confirming that the implementation behaved as expected after setup, testing, and verification checks were completed.