fix: frappe semgrep issues flagged by linters

[wreckage0907]

Description

• Added explicit type annotations to function parameters and return types in multiple API modules,
• Added # nosemgrep - trusted Email Template from DB comments to all email template rendering calls, clarifying that these templates are trusted and suppressing security scan warnings.

Relevant Technical Choices

Testing Instructions

Additional Information:

Screenshot/Screencast

Checklist

• I have carefully reviewed the code before submitting it for review.
• This code is adequately covered by unit tests to validate its functionality.
• I have conducted thorough testing to ensure it functions as intended.
• A member of the QA team has reviewed and tested this PR (To be checked by QA or code reviewer)

Fixes #

[Copilot]

Pull request overview

This PR addresses semgrep/linter findings across the Frappe backend by adding explicit type annotations to various whitelisted API/task functions and suppressing specific semgrep warnings on trusted email/template rendering call sites.

Changes:

• Added/updated function parameter type annotations in multiple API modules.
• Added # nosemgrep suppressions (with rationale) on frappe.render_template / render_template usages where the template source is considered trusted.
• Minor cleanup to avoid an unused variable (account → _account).

Reviewed changes

Copilot reviewed 16 out of 16 changed files in this pull request and generated 1 comment.

Show a summary per file

File	Description
next_pms/www/next-pms/index.py	Adds semgrep suppression rationale for a dev-only guest-accessible method.
next_pms/timesheet/tasks/send_weekly_reminder.py	Suppresses semgrep warnings for rendering Email Template content from DB.
next_pms/timesheet/tasks/reminder_on_approval_request.py	Suppresses semgrep warnings for rendering Email Template content from DB with args.
next_pms/timesheet/tasks/daily_reminder_for_time_entry.py	Suppresses semgrep warnings for rendering Email Template content from DB with args.
next_pms/timesheet/doctype/pms_view_setting/pms_view_setting.py	Adds type annotations to view payload params for create/update whitelisted methods.
next_pms/timesheet/api/timesheet.py	Adds type annotations to timesheet API parameters.
next_pms/timesheet/api/team.py	Adds type annotations to team compact view params; suppresses template rendering semgrep warnings.
next_pms/timesheet/api/task.py	Adds type annotation for projects filter parameter.
next_pms/timesheet/api/project_status_update.py	Suppresses semgrep warnings for rendering trusted on-disk HTML templates.
next_pms/timesheet/api/project.py	Adds type annotations to project list API parameters.
next_pms/timesheet/api/employee.py	Adds type annotations to employee APIs (notably get_employee_from_user).
next_pms/resource_management/tasks/no_allocation_reminder.py	Suppresses semgrep warnings for rendering Email Template content from DB.
next_pms/resource_management/api/team.py	Adds type annotations to resource management team view API parameters.
next_pms/resource_management/api/project.py	Adds type annotations to resource management project view API parameters.
next_pms/project_currency/tasks/reminde_project_threshold.py	Suppresses semgrep warnings for rendering Email Template content from DB with args.
next_pms/api/init.py	Renames unused variable and adds type annotations to get_doc_with_meta.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.