Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Do not review PR] Update PR template with CodeQL instructions #7546

Closed

Conversation

santisecco
Copy link
Member

@santisecco santisecco commented Sep 30, 2024

Fixes #5196

What changes did you make?

  • Modified PR template pull_request_template.md adding CodeQL instructions section. Please refer to the links below.

Why did you make the changes (we will use this info to test)?

  • We need developers to check the PR for annotations resulting from CodeQL scanning. This will ensure better Security and Code Quality.

Screenshots of Proposed Changes To The Website (if any, please do not include screenshots of code changes)

No visual changes to the website itself.
Even though, the following links are there to preview the changes to the Pull Request template.

Copy link

Want to review this pull request? Take a look at this documentation for a step by step guide!


From your project repository, check out a new branch and test the changes.

git checkout -b santisecco-update-pr-template-codeql-5196 gh-pages
git pull https://github.com/santisecco/website.git update-pr-template-codeql-5196

@github-actions github-actions bot added role: front end Tasks for front end developers role: back end/devOps Tasks for back-end developers Complexity: Small Take this type of issues after the successful merge of your second good first issue size: 0.5pt Can be done in 3 hours or less Feature: Code Alerts labels Sep 30, 2024
@santisecco santisecco marked this pull request as ready for review September 30, 2024 19:56
@codyyjxn codyyjxn self-requested a review October 1, 2024 00:35
Copy link
Member

@codyyjxn codyyjxn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey @santisecco good job on taking on this issue.

Things that went well:

  • The branch name is correct
  • The issue is linked
  • The changes are correct on the correct template.md

Things that need to be changed:

  • Could we move the issue from the "Prioritized Backlog" to the "In Progress" tab, as it's now being addressed?
  • It would be helpful to update the title to something more descriptive, such as "Updated".
  • Additionally, please add a "Screenshots" section, noting that there are no visual changes for this update.
  • The sections What changes did you make? Why did you make the changes (we will use this info to test)? can be a little more descriptive.

@santisecco santisecco requested a review from codyyjxn October 1, 2024 13:58
@santisecco
Copy link
Member Author

santisecco commented Oct 1, 2024

Hi @codyyjxn thanks for the feedback.
You are right, I moved the issue from "Prioritized Backlog" to the "In Progress" tab, my bad there.
I think that "Update" is ok if the other option is changing it to "Updated".

The What and Why sections I believe are ok, because the idea was just to add that section to the PR template. But I somehow changed them.

I added the "Screenshot" section, with the PR template and its changes, even though the website code was not modified.
Perhaps seeing the changes visually and the code there it's easier to understand what was made.

But before reviewing let me ask something to the team leads, because honestly I believe this new PR template will be confusing to new developers and it will affect every single PR that is made.

@santisecco santisecco removed the request for review from codyyjxn October 1, 2024 14:20
@santisecco santisecco closed this Oct 1, 2024
@santisecco santisecco changed the title Update PR template with CodeQL instructions [Do not review PR] Update PR template with CodeQL instructions Oct 1, 2024
@santisecco santisecco reopened this Oct 13, 2024
@santisecco santisecco closed this Oct 13, 2024
@santisecco
Copy link
Member Author

santisecco commented Oct 15, 2024

Fixes #replace_this_text_with_the_issue_number

What changes did you make?

Why did you make the changes (we will use this info to test)?

CodeQL Alerts

After the PR has been submitted and the resulting GitHub actions/checks have been completed, developers should check the PR for CodeQL alert annotations.

If present on your PR, the CodeQL alert looks similar as shown

Screenshot 2024-10-15 153738

If your issue has a CodeQL alert and is complexity: medium or higher, please let us know that you have checked and resolved. Please do not dismiss alerts.

  • I have checked this PR for CodeQL alerts. If CodeQL alerts were found:
    • I have resolved CodeQL alerts
    • I believe this CodeQL alerts is a false positive (merge team will evaluate)
    • I am stuck (after reading instructions below)
Instructions

If CodeQL alert/annotations appear, refer to How to Resolve CodeQL alerts.

In general, CodeQL alerts should be resolved prior to PR reviews and merging

Screenshots of Proposed Changes To The Website (if any, please do not include screenshots of code changes)

Visuals before changes are applied

image

Visuals after changes are applied

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Complexity: Small Take this type of issues after the successful merge of your second good first issue Feature: Code Alerts role: back end/devOps Tasks for back-end developers role: front end Tasks for front end developers size: 0.5pt Can be done in 3 hours or less
Projects
Development

Successfully merging this pull request may close these issues.

Update PR template with instructions regarding CodeQL annotations
2 participants