Recently at the Bugcrowd Levelup 0x06 conference there was discussion about how people can help contribute to the projects of others. At some point the question came up on how to create a pull request to do this.
Look no further. This is your simple guide to make a PR with Git.
Note: I am expecting you have already installed Git on your system.
Step 1: Fork and clone the project you want to work on
Let’s try a real world example. Have you ever taken advantage of the training materials in Bugcrowd University? It offers a great set of content for new hunters to learn from, and they are always looking for help from the community to improve it. So let’s help them out!
You can look at their GitHub repo at https://github.com/bugcrowd/bugcrowd_university/
We’ll start by forking their repo and then checking it out to our local machine.
- Fork the repo to your own account by clicking the “fork” button. You have to do this as you probably do not have permissions to create branches in Bugcrowd’s repo.
- Once the fork is complete you will be taken to the repo in your account. Click the green “Clone or download” button and select the git checkout URL belonging to you.
- Copy the URL to your clipboard
- Move to your console window and type:
git clone https://github.com/<youraccount>/bugcrowd_university.git
- Change directory into the new downloaded directory. ie:
That’s it. You now have that project’s codebase locally. Let’s do something fun with it.
Step 2: Figure out what sort of work you want to help with
You might already know what work you want to do. If so, great. Happy hacking. If not, consider looking at the “Issues” section of the repo. If you are using git on a different source control system like Azure DevOps or Atlassian Bitbucket, they have similar “issue backlogs” you can look at. Find some work that interests you, and jump in.
Below is a screenshot of an issue that we will work on here. Seems none of the content for the LevelUp 0x03 event has been posted yet. We can fix that.
Step 3: Branch off from master and do some work!
Once you know what you are going to do, its time to get to work. The best way is to fork a branch from the main code base so you can non-destructively make some changes and then send those to the project owners for ‘peer review’.
Let’s do that. I will name my branch
AddLevelUp0x03 so its easy for me to remember what work I am doing.
git checkout -b AddLevelUp0x03
I’m going to update the readme page with links to the LevelUp 0x03 content on YouTube.
Once I am done making my changes I save the content, and then check my status of the repo.
OK. We can see the README was modified. Let’s add the README to this change set and commit the work into this branch.
git add README.md
git commit -m “Adding LevelUp 0x03 content”
Now that we have those changes committed locally, we want to push them back up into our own forked repo in GitHub.
git push origin AddLevelUp0x03
If you now head back to your GitHub account, you will see your new branch published.
Step 4: Create a pull request (PR) and return the work
OK, so your work is back in Github, but not yet in Bugcrowd’s repo. This is the time where you can submit your work for peer review back to the repo maintainers.
- Click the “Compare & pull request” green button
- Review the comment(s) and look at the changeset diffs. Make sure this is the work you want to submit and then click “Create pull request”
If everything goes well, you should see a message that there are no conflicts, and the PR has been submitted. You will be able to select the “Pull Requests” tab and track the code review status by the project maintainers. You submitted your first PR. Good job!
At this point you need to sit and wait. Be prepared to communicate with the maintainer(s) as they review your work. If everything goes well though, it will get approved and merged. If not, you may need to make some changes and update your submission. In either case, you are contributing back.
Community and crowd FTW!
P.S. Put this to good use. That repo still needs 0x04 and 0x05 added (at the time of this writing)… why not give it a try for practice and help the entire BugCrowd community out?