chore: avoid template injection zizmor issue

[henryiii]

Description

Followup to #991.

Changelog

• Added changelog fragment: docs/changelog/<pr_number>.<type>.rst
  • Types: feature, bugfix, doc, removal, misc
  • Example: 123.feature.rst containing Add custom backend support - by :user:yourname``

Checklist

• Tests pass locally (tox)
• Code follows project style (tox -e fix)
• Type checks pass (tox -e type)
• Documentation builds (tox -e docs)

[henryiii]

By the way, I'm not fond of the release note system using files and PR numbers, because you don't know the PR number till after you make the PR, and you have to repeat yourself in the description and the changelog, at least a little. And you don't have final say in how the end result is polished. In pybind11, I have a system that pulls from a special block in the PR description, and the final result is polished by hand (and edits happen in the PRs, meaning those get cleaned up too). The conventional commit title of the PR helps place the category, too.

[gaborbernat]

By the way, I'm not fond of the release note system using files and PR numbers, because you don't know the PR number till after you make the PR, and you have to repeat yourself in the description and the changelog, at least a little. A

Generally that happens rarely, often you should have the issue. And when you do have that you can always force push and update.

[henryiii]

We don't have an internal/ci category, so this doesn't need one, I assume?

[henryiii]

Formatting on the PR template is off, there's a double tick mark left over. Wow, that's hard to get rid of. I can do with with an extra space:

Example: 123.feature.rst containing Add custom backend support - by :user:`yourname`