Resources · PR template gallery

GitHub pull request templates worth copying

GitLoom is a Slack-first pull request notification tool that watches your GitHub repos and sends one quiet daily digest of stuck PRs; this gallery is the template library we wish every repo we watch had.

Sixteen copyable pull request templates, organized by change type and team, each with a note on when it earns its place. Copy one, save it as .github/pull_request_template.md, and every new PR starts with the right questions.

Before you copy

Where the template file actually goes

GitHub reads pull request templates from a few well-known paths. Commit the file to your default branch and it applies to every PR opened from then on.

One template for everything

Create .github/pull_request_template.md on your default branch. GitHub pre-fills the description of every new pull request with it. The repo root and docs/ also work, but .github/ keeps things tidy.

Multiple templates per repo

Add a .github/PULL_REQUEST_TEMPLATE/ folder with one .md file per template. There is no picker in the UI: you choose one by appending ?template=bugfix.md to the new-PR URL, usually via links in your contributing docs.

One default for the whole org

Put templates in a repository named .github at the organization level. Every repo without its own template inherits them, so new projects start covered instead of starting blank.

Repo layout
your-repo/
└── .github/
    ├── pull_request_template.md      # the default for every new PR
    └── PULL_REQUEST_TEMPLATE/
        ├── feature.md                # open with ?template=feature.md
        ├── bugfix.md
        └── hotfix.md
Section 01

Everyday templates for most PRs

The templates most teams should start with. Pick one, commit it as .github/pull_request_template.md, and adjust after a few weeks of real use.

General purpose

.github/PULL_REQUEST_TEMPLATE/pull_request_template.md

The safe default for any team that has none. It asks for the three things every reviewer needs (what, why, how it was tested) without dictating how the work is done. Start here and specialize later.

## What does this PR do?

<!-- One or two sentences. Link the issue if there is one. -->

Closes #

## Why is it needed?

<!-- The context a reviewer needs to judge the approach, not just the diff. -->

## How was it tested?

- [ ] Unit tests added or updated
- [ ] Tested manually (describe below)

## Anything reviewers should focus on?

<!-- Risky files, tricky logic, decisions you want a second opinion on. -->

## Screenshots (if the UI changed)

Minimal, for small teams

.github/PULL_REQUEST_TEMPLATE/minimal.md

For teams of two to five where everyone already has context and a long form would get deleted anyway. Three prompts, nothing to skip. If your team ignores bigger templates, shrink to this rather than giving up.

## What and why

<!-- Two sentences max. Assume the reviewer knows the codebase. -->

## Test plan

<!-- How you verified it works. "Ran it locally against X" is fine if true. -->

## Notes for the reviewer

<!-- Optional: tricky parts, open questions. Delete this section if empty. -->

New feature

.github/PULL_REQUEST_TEMPLATE/feature.md

For changes that add user-facing behavior. It pushes the author to record decisions and trade-offs while they are still fresh, and gives the reviewer a way to try the feature instead of only reading it.

## Feature

<!-- What can users do now that they could not do before? -->

Closes #

## Implementation notes

<!-- Key decisions and trade-offs. What else did you consider, and why not? -->

## How to try it

1.
2.
3.

## Checklist

- [ ] Tests cover the happy path and at least one failure case
- [ ] Docs or changelog updated if user-facing
- [ ] Feature flag or rollout plan noted (if applicable)
- [ ] Breaking changes called out explicitly (or there are none)

Bug fix

.github/PULL_REQUEST_TEMPLATE/bugfix.md

For fixes to reported or discovered defects. The root cause section is the whole point: a fix without a stated cause invites the same bug back. The regression-test checkbox keeps it out for good.

## The bug

<!-- What was broken, who hit it, how bad it was. Link the issue or report. -->

Fixes #

## Root cause

<!-- Why it happened. This is the most useful part of the whole description. -->

## The fix

<!-- What changed, and why this approach over alternatives. -->

## How do we know it is fixed?

- [ ] Regression test added that fails without this change
- [ ] Verified manually against the original reproduction steps

## Risk

<!-- What could this break? What should we watch after merge? -->
Section 02

High-stakes changes that deserve ceremony

Hotfixes, security patches, migrations, and API changes fail differently: fast, in production, or weeks later. These templates front-load the questions that hurt to answer afterwards.

Hotfix

.github/PULL_REQUEST_TEMPLATE/hotfix.md

For urgent production fixes reviewed under time pressure. It keeps the diff minimal, forces a rollback plan, and explicitly parks the proper fix in a follow-up so the emergency patch does not quietly become permanent.

## Incident

<!-- What is on fire and who is affected. Link the incident channel or ticket. -->

## Minimal fix

<!-- What this PR does. Keep the diff as small as possible. -->

## What this deliberately does NOT fix

<!-- The proper fix goes in a follow-up. Link it here. -->

Follow-up issue: #

## Verification

- [ ] Reproduced the failure before the fix
- [ ] Verified the fix on staging or a production canary
- [ ] Rollback plan: revert this PR (or describe below)

<!-- One approval, merge, monitor. Post-mortem comes later. -->

Security fix

.github/PULL_REQUEST_TEMPLATE/security.md

For patches to vulnerabilities. It reminds authors that PR descriptions are often more visible than they think, and covers the follow-through that actually closes an incident: rotating credentials, checking for the same pattern elsewhere, deciding on disclosure.

<!-- If this fixes an actively exploitable issue, keep specifics out of the
     PR. Discuss details in a private channel and keep this description
     vague until the fix is deployed everywhere. -->

## Summary

<!-- The class of issue this addresses, without a working exploit recipe. -->

## Affected surface

<!-- Which endpoints, inputs, or roles were affected. Since when, if known. -->

## The fix

## Verification

- [ ] Exploit attempt fails after the fix (verified privately)
- [ ] Regression test added (without embedding the exploit, if sensitive)
- [ ] Searched the codebase for the same pattern elsewhere

## After merge

- [ ] Rotate any credentials or tokens that may have been exposed
- [ ] Decide whether users or customers need to be notified

Data / schema migration

.github/PULL_REQUEST_TEMPLATE/migration.md

For anything that alters production data or schemas. Code can be reverted; a botched migration cannot. This template is really a runbook: duration, locks, ordering, and a rollback that has been tested rather than merely written down.

## What this migration does

<!-- Tables or collections touched, and how. -->

## Runbook

- Reversible: yes / no. If yes, how:
- Estimated duration on production-sized data:
- Locks or downtime expected:
- Order of operations (deploy first or migrate first, and why):

## Safety

- [ ] Tested against a production-sized dataset (or a realistic copy)
- [ ] Old and new code can run side by side during rollout
- [ ] Backfill is idempotent (safe to re-run if interrupted)
- [ ] Rollback tested, not just written down

## Data checks

<!-- Queries you will run before and after to confirm nothing was lost. -->

API change

.github/PULL_REQUEST_TEMPLATE/api-change.md

For changes to endpoints, payloads, or error contracts that other code depends on. The key question is "who calls this today?", because the author rarely controls every consumer. It keeps specs, docs, and versioning honest.

## What changed in the API

<!-- Endpoints, request/response shapes, error codes. -->

## Compatibility

- [ ] Backward compatible (additive only)
- [ ] Breaking change: migration path documented below

Who calls this today? <!-- Internal services, mobile clients, public consumers. -->

## Contract

- [ ] OpenAPI spec / schema updated
- [ ] API docs updated
- [ ] Versioning handled (new version, deprecation notice, or sunset date)

## Testing

- [ ] Contract or integration tests updated
- [ ] Verified against at least one real consumer
Section 03

Maintenance and releases the unglamorous PRs

Docs, dependency bumps, refactors, and release PRs get rubber-stamped precisely because they look routine. A short template keeps the review honest without slowing it down.

Documentation

.github/PULL_REQUEST_TEMPLATE/docs.md

For docs-only changes. It swaps code-review questions for the ones that matter here: did you render the preview, did the code samples actually run, are the screenshots current. Docs reviewed like code stay trustworthy.

## What changed

<!-- Pages or sections touched, and why. -->

## Type of change

- [ ] Fixing wrong or outdated information
- [ ] New documentation
- [ ] Restructuring or navigation changes
- [ ] Typos and wording

## Checklist

- [ ] Preview rendered locally (links, images, and code blocks work)
- [ ] Code samples were actually run, not just written
- [ ] Screenshots updated if the UI they show has changed

Dependency bump

.github/PULL_REQUEST_TEMPLATE/dependency.md

For version bumps, whether opened by a human or by Dependabot and edited before review. "Why now" separates security updates from routine churn, and the lockfile check catches the surprise transitive updates that ride along.

## Dependency

Package:
From version:
To version:

## Why now?

- [ ] Security advisory (link):
- [ ] Bug fix we need
- [ ] Routine maintenance
- [ ] Unblocks another upgrade

## Breaking changes

<!-- Summarize from the changelog and link the release notes.
     "None per the changelog" is a valid answer; "did not check" is not. -->

## Verification

- [ ] CI green
- [ ] App boots and core flows work locally
- [ ] Lockfile diff reviewed: only expected packages changed

Refactor

.github/PULL_REQUEST_TEMPLATE/refactor.md

For restructuring with no intended behavior change. Saying "none intended" out loud turns every spotted behavior change into a caught bug instead of a surprise. The review-order hint makes large diffs reviewable.

## What is being refactored, and why

<!-- The pain this removes: duplication, coupling, a pattern being retired. -->

## Behavior change

None intended. If a reviewer spots one, that is a bug in this PR.

## How to review this

<!-- Suggest an order or a lens, e.g. "start with the new module,
     then check the call sites". Large diffs need a map. -->

## Safety net

- [ ] Existing tests pass unchanged (any test edits are mechanical only)
- [ ] No public API changes
- [ ] Mechanical changes (renames, moves) live in their own commits

Release

.github/PULL_REQUEST_TEMPLATE/release.md

For release branches or deploy PRs that gather many changes into one shippable unit. The reviewer is approving a deployment, not code, so the template centers on what ships, who needs to know, and how to get back.

## Release

Version:
Target environment:

## What is shipping

<!-- Bullet the user-facing changes and link the PRs. -->

-
-

## Pre-merge checklist

- [ ] Changelog or release notes drafted
- [ ] Migrations reviewed and reversible
- [ ] Feature flags set to their launch state
- [ ] On-call and support informed

## Rollback plan

<!-- How we get back to the previous version, and how long that takes. -->
Section 04

By team and context because defaults leak

Open source, client work, frontend, and mobile each have review questions a generic template never asks. These four bake them in.

Open source contribution

.github/PULL_REQUEST_TEMPLATE/pull_request_template.md

For public repos receiving PRs from strangers. Contributors do not know your norms, so the template teaches them: read the guide, discuss big changes first, update docs. The maintainer section invites the questions people are shy to ask.

## What does this PR do?

Closes #

## Motivation

<!-- Why this change matters to users of the project. -->

## Checklist

- [ ] I read the CONTRIBUTING guide
- [ ] For non-trivial changes, I opened an issue to discuss this first
- [ ] Tests added or updated
- [ ] Docs updated (README, docs site, or inline comments)
- [ ] Commit messages follow the project convention

## For maintainers

<!-- Anything you were unsure about, or where you would like
     specific feedback. Questions welcome. -->

Agency / client work

.github/PULL_REQUEST_TEMPLATE/client-work.md

For agencies and consultancies shipping into client repos. Every change needs to trace back to a ticket and a scope agreement, and the "in client terms" summary writes your status update for you. Deploy notes protect whoever ships it weeks later.

## Ticket

Client ticket / request:
Billing reference (if tracked per task):

## What changed, in client terms

<!-- One or two sentences you could paste into the client update. No jargon. -->

## Scope check

- [ ] This stays within the agreed scope of the ticket
- [ ] Out-of-scope work spotted along the way was logged separately, not included

## QA

- [ ] Tested on staging (link):
- [ ] Matches the approved design or spec
- [ ] Works on the browsers and devices the client actually uses

## Deploy notes

<!-- Anything the person deploying this (possibly weeks from now) must know:
     env vars, config, manual steps, timing constraints. -->

Design / frontend

.github/PULL_REQUEST_TEMPLATE/frontend.md

For visual and UI changes, where the diff shows almost nothing and the screenshots show everything. Before/after images plus a design reference settle most debates before they start, and the checklist covers what code review alone cannot see.

## What changed visually

<!-- One sentence. Then let the screenshots do the talking. -->

## Before / after

| Before | After |
| ------ | ----- |
|        |       |

## Design reference

<!-- Figma link, or who approved deviating from it. -->

## Checks

- [ ] Responsive: mobile, tablet, desktop
- [ ] Keyboard navigation and visible focus states work
- [ ] Color contrast meets WCAG AA
- [ ] Dark mode (if the product supports it)
- [ ] Empty, loading, and error states covered

Mobile

.github/PULL_REQUEST_TEMPLATE/mobile.md

For iOS and Android changes, where "merged" and "shipped" can be weeks apart. It asks about real devices, release-train safety, backend dependencies, and the store-review risks that can hold a whole release hostage.

## What changed

Closes #

## Platforms

- [ ] iOS
- [ ] Android

## Tested on

<!-- Real devices and OS versions, not just the simulator. -->

## Release awareness

- [ ] Safe for the next release train (no server-side dependency)
- [ ] Depends on an API change (link the backend PR):
- [ ] Behind a remote config or feature flag
- [ ] Store review risk considered (permissions, background modes, payments)

## Screenshots / screen recording
The part a template cannot fix

A great template does not get your PR reviewed

A template fixes the first minute of a pull request’s life: the author explains the change, the reviewer gets context. It does nothing for the days after, when the perfectly described PR sits in a queue nobody is looking at.

That is a visibility problem, not a writing problem. The official GitHub Slack app attacks it by announcing every push, comment, and status check, and the channel gets muted within a week. After that, even the best descriptions sit unread.

GitLoom takes the opposite approach. It stays silent until something is actually stuck, then posts one plain-English digest to Slack on weekday mornings. One quiet digest, not forty notifications.

eng·GitLoom digestweekdays 09:00
GitLoom
GitLoomApp9:04 AM

Good morning. 4 pull requests need a nudge across 3 repos:

Waiting on first review: api#482 Add rate limiting to webhook delivery (Priya)

Opened Monday, still no first review. Marcus touched this code last.

Approved, not merged: billing#517 Migrate billing webhooks to v2 (Jonas)

Sara approved it two days ago. One click from shipping.

Merge conflict: web#495 Refactor session storage (Ale)

Conflicts with main since yesterday’s auth merge. Needs a rebase.

Failing CI: api#490 Upgrade the payments SDK (Marcus)

CI has been red since yesterday: two unit tests. Green checks are all that stand between this and merge.

Everything else is moving normally. Nothing else needs you today.

21
Reply to GitLoom in thread

One quiet digest, not forty notifications.

Waiting on a first review

The well-described PR that nobody has opened since Tuesday gets a line in the morning digest, with who can unblock it.

Approved but never merged

The review is done and the template did its job, but the merge button was never clicked. GitLoom notices the gap.

Stuck in a merge conflict

Main moved on and the branch quietly rotted. One line in the digest before the rebase gets any bigger.

Small and forgotten

The twelve-line fix with the tidy description that fell through the cracks. It gets called out as the two-minute review it is.

Red on failing CI

The PR whose checks broke after the last push and nobody circled back. The morning digest flags it before it blocks anything else.

Two-minute setup

Templates take five minutes. GitLoom takes two.

No YAML, no webhooks, no bot commands to memorize. Three steps and the first digest is on its way.

Step 01

Install the GitHub App

Grant the repos you want watched. They are tracked automatically, and your code never leaves GitHub.

Step 02

Connect Slack

Authorize GitLoom in your workspace. It only posts to the channels you pick; it never reads channel history.

Step 03

Pick a channel

Turn on the Stuck PRs report and choose where it posts. From the next weekday morning, stuck PRs surface themselves.

Common questions

Pull request templates, answered

Where the file goes, how multiple templates work, and what a template can and cannot fix.

The template is the easy half.

Copy a template today. Tomorrow at 9:00 AM, GitLoom tells you which of those well-described PRs are still waiting.

Start your 14-day free trial

Two minutes to install · 14 days free · Quiet by default