Update PR template with CodeQL instructions

[santisecco]

Fixes #5196

What changes did you make?

• Modified PR template pull_request_template.md adding CodeQL instructions section. Please refer to the links below. Added more changes to the ones proposed in Update PR template with instructions regarding CodeQL annotations #5196 after conversation in dev meeting to add further clarity to the PR's instructions.

Why did you make the changes (we will use this info to test)?

• We need developers to check the PR for annotations/comments resulting from CodeQL scanning. This will ensure better Security and Code Quality and give the chance of fixing changes before they are merged.

Screenshots of Proposed Changes To The Website (if any, please do not include screenshots of code changes)

No visual changes to the website itself.
Even though, the following links are there to preview the changes to the Pull Request template.

• Previous PR template: https://github.com/hackforla/website/blob/gh-pages/.github/pull_request_template.md

• Updated PR template: https://github.com/santisecco/website/blob/update-pr-template-codeql-5196/.github/pull_request_template.md

[github-actions]

Want to review this pull request? Take a look at this documentation for a step by step guide!

---

From your project repository, check out a new branch and test the changes.

git checkout -b santisecco-update-pr-template-codeql-5196 gh-pages
git pull https://github.com/santisecco/website.git update-pr-template-codeql-5196

[pluto-bell]

Thank you for the descriptive PR, in which you indicated why there are additional changes made that are not found in the original issue. I also appreciate the before and after links to the template files.

Overall, great work on this PR.

[FamousHero]

Availability: 5-7pm, Mon-Fri
ETA: EOD Tues, Oct 21

[Thinking-Panda]

@santisecco Were these suggestions from you approved by any of the dev leads?
#5196 (comment)

[santisecco]

@santisecco Were these suggestions from you approved by any of the dev leads? #5196 (comment)

Yes

[k-cardon]

Availability: evenings / weekends
ETA: EOD Thursday

[codyyjxn]

@santisecco Great Job! Thank you for taking on this issue .

• The branch name is correct
• The issue is linked correctly
• The description is clear and concise.

Thank you for your contribution! Keep it up

[k-cardon]

Branch, PR description, and code all look correct; screenshots of before and after template are helpful, thanks! I am requesting changes because the syntax of the added text is confusing--I know that's language from the original issue, but I think it would be helpful to fix at this stage before merging. I'll mark inline the changes I'm requesting.

[k-cardon]

1/2 changes requested (clarify complexity)

[FamousHero]

LGTM
Things you did well:

• Description clear
• Issue # in PR and branch name
• Reasoning for going deviating from Actionable Items
• Providing before and after

Things to work on:

• N/A

Keep up the good work!

[santisecco]

Fixes #replace_this_text_with_the_issue_number

What changes did you make?

Why did you make the changes (we will use this info to test)?

CodeQL Alerts

After the PR has been submitted and the resulting GitHub actions/checks have been completed, developers should check the PR for CodeQL alert annotations.

Check the PR's comments. If present on your PR, the CodeQL alert looks similar as shown

Please let us know that you have checked for CodeQL alerts. Please do not dismiss alerts.

• I have checked this PR for CodeQL alerts and none were found.
• I found CodeQL alert(s), and (select one):
  • I have resolved the CodeQL alert(s) as noted
  • I believe the CodeQL alert(s) is a false positive (Merge Team will evaluate)
  • I have followed the Instructions below, but I am still stuck (Merge Team will evaluate)

Instructions for resolving CodeQL alerts

If CodeQL alert/annotations appear, refer to How to Resolve CodeQL alerts.

In general, CodeQL alerts should be resolved prior to PR reviews and merging

Screenshots of Proposed Changes To The Website (if any, please do not include screenshots of code changes)

Visuals before changes are applied

Visuals after changes are applied

[k-cardon]

This looks great @santisecco! Could you update the branch and I'll approve it?

[santisecco]

@FamousHero @pluto-bell @codyyjxn I requested again your reviews. I don't know if that could have been skipped had I changed the code differently.

Basically I added what @t-will-gillis and @k-cardon suggested and a new screenshot showing one alert instead of two which was asked by Bonnie in the meeting.

[t-will-gillis]

Hey @santisecco This looks great- thanks for asking the questions and working with everyone to improve this issue!

[k-cardon]

Looks great, very clear now, thanks!

[t-will-gillis]

@FamousHero @pluto-bell @codyyjxn FYI I will merge this since you previously Approved this PR