Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resolve CodeQL Alert #44 - Generated by GHA #71

Open
10 tasks
elliot-d-kim opened this issue May 6, 2024 · 1 comment
Open
10 tasks

Resolve CodeQL Alert #44 - Generated by GHA #71

elliot-d-kim opened this issue May 6, 2024 · 1 comment
Labels
Complexity: Missing Feature Missing ready for dev lead role missing size: missing

Comments

@elliot-d-kim
Copy link
Owner

Prerequisite

  1. Be a member of Hack for LA. (There are no fees to join.) If you have not joined yet, please follow the steps on our Getting Started page.
  2. Before you claim or start working on an issue, please make sure you have read our How to Contribute to Hack for LA Guide.

Overview

We need to resolve the new alert (44) and either recommend dismissal of the alert or update the code files to resolve the alert.

Action Items

  • The following action item serves to "link" this issue as the "tracking issue" for the CodeQL alert and to provide more details regarding the alert:
  • https://github.com/hackforla/website/security/code-scanning/44
  • In a comment in this issue, add your analysis and recommendations. The recommendation can be one of the following: dismiss as test, dismiss as false positive, dismiss as won't fix, or update code. An example of a false positive is a report of a JavaScript syntax error that is caused by markdown or liquid symbols such as --- or {%
  • If the recommendation is to dismiss the alert:
    • Apply the label ready for dev lead
    • Move the issue to Questions/In Review
  • If the recommendation is to update code:
    • Create an issue branch and proceed with the code update
    • Test using docker to ensure that there are no changes to any affected webpage(s)
    • Proceed with pull request in the usual manner

Resources/Instructions

This issue was automatically generated from the codeql.yml workflow
@github-actions GitHub Actions
Copy link

github-actions bot commented May 6, 2024

Hi @elliot-d-kim.

Please don't forget to add the proper labels to this issue. Currently, the labels for the following are missing:

  • Complexity, Role, Feature, Size

NOTE: Please ignore this comment if you do not have 'write' access to this directory.

To add a label, take a look at Github's documentation here.

Also, don't forget to remove the "missing labels" afterwards.
To remove a label, the process is similar to adding a label, but you select a currently added label to remove it.

After the proper labels are added, the merge team will review the issue and add a "Ready for Prioritization" label once it is ready for prioritization.

Additional Resources:

@github-project-automation github-project-automation bot moved this to New Issue Approval in Project Board Aug 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Complexity: Missing Feature Missing ready for dev lead role missing size: missing
Projects
Project Board
Status: New Issue Approval
Milestone
No milestone
Development

No branches or pull requests
1 participant
@elliot-d-kim