Create CONTRIBUTING.md

CONTRIBUTING.md

@@ -0,0 +1,60 @@
+---
+layout: default
+---
+
+# Contributing to fafnir-sec
+
+Thanks for checking out this project! We're excited to hear and learn from you. Your experiences will benefit others who read and use these guides.
+
+We've put together the following guidelines to help you figure out where you can best be helpful.
+
+## Table of Contents
+
+0. [Types of contributions we're looking for](#types-of-contributions-were-looking-for)
+0. [Ground rules & expectations](#ground-rules--expectations)
+0. [How to contribute](#how-to-contribute)
+0. [Setting up your environment](#setting-up-your-environment)
+0. [Community](#community)
+
+## Types of contributions we're looking for
+
+There are many ways you can directly contribute to the guides (in descending order of need):
+
+* Fix issues or bugs in the tool reviewed by the owner
+* Include new security tools and technologies supported
+* Include new features that improves the behaviour of the tool
+
+Interested in contributing to this fafnir-sec? Read on!
+
+## Ground rules & expectations
+
+Before we get started, here are a few things we expect from you (and that you should expect from others):
+
+* Be kind and thoughtful in your conversations around this project. Try to listen to others rather than convince them that your way is correct.
+* fafnir-sec are released with a [Contributor Code of Conduct](./CODE_OF_CONDUCT.md). By participating in this project, you agree to abide by its terms.
+* Please ensure that your contribution passes all security and quality tests if you open a pull request. If there are test failures, you will need to address them before we can merge your contribution.
+* When adding content, please consider if it is widely valuable. Please don't add references or links to things you or your employer have created, as others will do so if they appreciate it.
+
+## How to contribute
+
+If you'd like to contribute, start by searching through the [pull requests](https://github.com/syn-4ck/fafnir-sec/pulls) to see whether someone else has raised a similar idea or question.
+
+If you don't see your idea listed, and you think it fits into the goals of this guide, open a pull request.
+
+## Setting up your environment
+
+This tool is powered by python, so you need a Python environment with `pip`.
+
+Once you have that set up:
+
+0. Create a fork and clone it locally. You should create also a new branch with a descriptive name: feature/add-semgrep-configuration, fix/change-semgrep-command or tool/add-semgrep-sast-tool
+1. Create a new virtual environment.
+2. Install 
+
+## Community
+
+Discussions about fafnir-sec issues and features take place on this repository's [Issues](https://github.com/syn-4ck/fafnir-sec/issues) and [Pull Requests](https://github.com/syn-4ck/fafnir-sec/pulls) sections. Anybody is welcome to join these conversations.
+
+Wherever possible, do not take these conversations to private channels, including contacting the maintainers directly. Keeping communication public means everybody can benefit and learn from the conversation.
+
+Note that is a good practice to create first a issue and receive the feedback, before develop a contributing. **It is mandatory to link a issue in the Pull Request**.