changes to pr template to provide instructions for managing codeql an…

…d spell check errors
roslynwythe · Oct 9, 2023 · 6b899ce · 6b899ce
1 parent e34a4cc
commit 6b899ce
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
@@ -27,3 +27,24 @@ Fixes #replace_this_text_with_the_issue_number
 ![image](Paste_Your_Image_Link_Here_After_Attaching_Files)
 
 </details>
+Additional Action Items for PR authors:
+- [ ] Check to confirm that changed files have been spell checked using VSCode Spell Checker Extension or cspell npm package.
+- [ ] After creating a Pull Request, the developer/author must wait for the GitHub checks to complete, then check for annotations/warnings displayed in comments as well as in the GitHub check results.  If warnings are displayed, follow the instructions below:
+<details><summary>If CodeQL annotations/warnings are displayed:</summary>
+<li> Alerts of severity Medium and lower will not cause GitHub check failure, but they should be resolved prior to proceeding with pull request reviews.  </li>  
+<li> DO NOT DISMISS ALERTS.  Alerts should be dismissed only by merge team/dev leads following review of a recommendation  to dismiss. </li> 
+<li>In order to determine if/what code changes are required to resolve the alert, read and understand the alert message.  For more information, click "show more details" to view the alert page.  On that page you can click "Show more" to view additional recommendations, example and references.  In order to learn how similar alerts were managed in our repository, browse to [CodeQL alerts](https://github.com/hackforla/website/security/code-scanning) and search for the query (for example "Potentially unsafe external link").  If more help is required, post the question in #hfla-site and if an adequate response is not recieved, send a Slack message to a dev lead.  </li>
+<li> If you determine that the alert is a false positive, describe your reasoning below in the section "What changes did you make in response to linter recommendations?".  The alert will be dismissed by a member of the merge/dev lead team following the review of this issue.  </li>
+<li> If code changes are required to resolve the alert, the changes will be considered within the scope of the issue.  Make those changes and describe them below in the section "What changes did you make in response to linter recommendations?"</li>
+</details>
+<details><summary>If spell checker messages are displayed locally or in GitHub check results:</summary>
+<li>if there was a genuine misspelling, make the spelling correction and note that correction in the section "What changes did you make in response to code linter recommendations?" below.  </li>
+<li>if the "unknown word" should be considerd a "word" (ie "markdownify"), edit the file `cspell.json` and add the term to the "words" array, then note that change in the section "What changes did you make in response to code linter recommendations?" below.  </li>
+<li> if the "unknown word" should be ignored by the spell checker (such as the name of an individual) edit the file 'cspell.json` and add the term to the "ignoreWords" array, then note that change in the section "What changes did you make in response to code linter recommendations?" below.  </li>
+</details>
+
+### What changes did you make in response to linter recommendations?
+-
+-
+-
+