The default software repository in /etc/sources.list is just the PureOS repo. While I think this certainly makes sense, I think we should add all of the Debian testing repos below it, commented out and with the appropriate caveats in comments.
It also makes sense to me to include the CLI commands required ("To add key: sudo...") as well as other popular repos for the privacy/security community (Signal Desktop, Wire, Tor Project, etc.)
As we look at wider deployment in larger organizations, this is a bridge we'll have to cross anyway. Better to have the pump primed for users who will need software available outside of the PureOS repo.