Skip to content

Add org-default PR template#7

Merged
bryanbeverly merged 1 commit into
mainfrom
add-org-default-pr-template
Apr 23, 2026
Merged

Add org-default PR template#7
bryanbeverly merged 1 commit into
mainfrom
add-org-default-pr-template

Conversation

@bryanbeverly
Copy link
Copy Markdown
Contributor

@bryanbeverly bryanbeverly commented Apr 23, 2026
edited by cursor Bot
Loading

Summary

Adds .github/PULL_REQUEST_TEMPLATE.md so the org's PR template actually inherits into consumer repos.

Why this is needed. GitHub only honors org-default community health files (PR/issue templates) from a public .github repo, not from private/internal .github-* repos (docs). The template currently lives in trufflesecurity/.github-private, which means it has never propagated. Empirically, before this PR:

gh api graphql -f query='{ repository(owner:"trufflesecurity", name:"thog") { pullRequestTemplates { filename body } } }'
→ {"data":{"repository":{"pullRequestTemplates":[]}}}

After merge, every org repo without a local PULL_REQUEST_TEMPLATE.md will inherit this one, in both:

  • the GitHub web "New pull request" / "Compare & pull request" UI, and
  • gh pr create (since v2.5, via cli/cli#5097, which queries the GraphQL pullRequestTemplates field — that field returns inherited org-default templates).

Content. Verbatim copy of the template from trufflesecurity/.github-private/.github/PULL_REQUEST_TEMPLATE.md, with one tweak: the example path in Key files to focus on was genericized from api/pkg/services/jobs.go to path/to/file.go since this file is now publicly visible.

Review guidance

  • Urgent (needs same-day review): no
  • High complexity (non-obvious logic, careful review): no
  • Estimated review time: 5 min
  • Key files to focus on: .github/PULL_REQUEST_TEMPLATE.md
  • Areas you're unsure about: none

Testing

  • Verified trufflesecurity/.github is public (visibility: public) so org-default inheritance applies.
  • Confirmed via gh CLI source that gh pr create queries the GraphQL pullRequestTemplates field, which returns inherited org-default templates.
  • Confirmed via empirical GraphQL query that consumer repos currently expose no template (returns []), making this the actual fix.

After merge, will verify by:

  • creating a test PR via the web UI on a consumer repo (e.g. interservice-contracts) and confirming the template prefills, and
  • running gh api graphql -f query='{ repository(owner:"trufflesecurity", name:"thog") { pullRequestTemplates { filename body } } }' and confirming a non-empty result.

Deployment notes

Two followup PRs (separate, in trufflesecurity/.github-private):

  1. delete the orphan template from .github-private/.github/PULL_REQUEST_TEMPLATE.md (has never propagated; only causes confusion to read).
  2. update the .github-private README to point at this new home and explain the public-.github-only inheritance rule.

No rollback concerns — this is a single new file with no runtime side effects. If the template content needs revision, edit it here and the change propagates immediately to all consumer repos at next PR creation.

Note

Low Risk
Adds a GitHub PR template file only; no runtime code paths or production behavior are affected.

Overview
Adds .github/PULL_REQUEST_TEMPLATE.md to provide an org-default pull request template.

The template standardizes sections for Summary, review guidance, testing, and deployment notes, with brief instructions to keep PRs consistent and reviewable.

Reviewed by Cursor Bugbot for commit 8844a5f. Bugbot is set up for automated code reviews on this repo. Configure here.

@bryanbeverly
Add org-default PR template
8844a5f 
GitHub only honors org-default community health files (PR/issue templates)
from a public `.github` repo, not from private/internal `.github-*` repos:
https://docs.github.com/en/communities/setting-up-your-project-for-healthy-contributions/creating-a-default-community-health-file

Empirically: until this lands, `pullRequestTemplates` returns `[]` for every
trufflesecurity repo without a local template, so neither the GitHub web
"New pull request" UI nor `gh pr create` populates a template body.

Adding the template here makes it inherit into all org repos that lack a
local override (web UI for everyone; `gh pr create` since v2.5 via
cli/cli#5097, which queries the GraphQL `pullRequestTemplates` field).

Content matches what previously lived in `trufflesecurity/.github-private`
verbatim, with the example file path genericized from `api/pkg/services/jobs.go`
to `path/to/file.go` since this file is now publicly visible.

Followups (separate PR):
- delete the orphan template from `trufflesecurity/.github-private` (it has
  never propagated and only causes confusion)
- update the `.github-private` README to point at this new home and explain
  the public-`.github`-only inheritance rule

Made-with: Cursor
@bryanbeverly bryanbeverly requested review from a team April 23, 2026 19:38
@bryanbeverly bryanbeverly merged commit db237c4 into main Apr 23, 2026
3 checks passed
@bryanbeverly bryanbeverly deleted the add-org-default-pr-template branch April 23, 2026 21:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dustin-decker dustin-decker dustin-decker approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bryanbeverly @dustin-decker