Apply suggestions from code review

Co-authored-by: Felicity Chapman <felicitymay@github.com>

javascript/ql/src/Security/CWE-116/IncompleteHtmlAttributeSanitization.qhelp

@@ -41,7 +41,7 @@
 		<p>
 
 			An even safer alternative is to design the application
-			such that sanitization isn't needed at all, for instance by using HTML
+			so that sanitization is not needed, for instance by using HTML
 			templates that are explicit about the values they treat as HTML.
 
 		</p>

javascript/ql/src/Security/CWE-116/IncompleteSanitization.qhelp

@@ -34,8 +34,8 @@ likely to handle corner cases correctly than a custom implementation.
 
 <p>
 
-An even safer alternative is to design the application such that sanitization isn't
-needed at all, for instance by using prepared statements for SQL queries.
+An even safer alternative is to design the application so that sanitization is not
+needed, for instance by using prepared statements for SQL queries.
 
 </p>
 

javascript/ql/src/Security/CWE-116/UnsafeHtmlExpansion.qhelp

@@ -32,7 +32,7 @@
 		<p>
 
 			An even safer alternative is to design the application
-			such that sanitization isn't needed at all, for instance by using HTML
+			so that sanitization is not needed, for instance by using HTML
 			templates that are explicit about the values they treat as HTML.
 
 		</p>

javascript/ql/src/Security/CWE-843/TypeConfusionThroughParameterTampering.qhelp

@@ -38,8 +38,8 @@
 
 		<p>
 
-			An even safer alternative is to design the application such that sanitization isn't
-			needed at all, for instance by using prepared statements for SQL queries.
+			An even safer alternative is to design the application so that sanitization is not
+			needed, for instance by using prepared statements for SQL queries.
 
 		</p>