path: root/pydis_site/apps/content/resources/security-notice.md
author: kosayoda <[email protected]> 2021-04-14 23:30:52 +0800
committer: kosayoda <[email protected]> 2021-04-14 23:30:52 +0800
commit: 85f60399a9e87236ed5be068522d6fab8c91cc22 (patch)
tree: a5d7484aba3e5828bbdcff211e7925914d1fc7e1 /pydis_site/apps/content/resources/security-notice.md
parent: Use the more consistent highlight. (diff)
Migrate contributing pages.
Some guides were updated to fit current PyCharm UI and to keep up with Seasonalbot -> Sir-Lancebot changes.
Diffstat (limited to 'pydis_site/apps/content/resources/security-notice.md')
-rw-r--r-- pydis_site/apps/content/resources/security-notice.md 37
1 files changed, 37 insertions, 0 deletions
diff --git a/pydis_site/apps/content/resources/security-notice.md b/pydis_site/apps/content/resources/security-notice.md
new file mode 100644
index 00000000..15b88cb0
--- /dev/null
+++ b/pydis_site/apps/content/resources/security-notice.md
@@ -0,0 +1,37 @@
+---
+title: Security Notice
+description: How vulnerabilities in our projects should be reported.
+icon: fas fa-lock
+---
+
+This is the security notice for all Python Discord repositories.
+The notice explains how vulnerabilities should be reported.
+
+# Reporting a Vulnerability
+
+If you've found a vulnerability, we would like to know so we can fix it before it is released publicly.
+**Do not open a GitHub issue for a found vulnerability**.
+
+Send details to [[email protected]](mailto:[email protected]) or through a Discord direct message to an Admin of Python Discord, including:
+
+* the website, page or repository where the vulnerability can be observed
+* a brief description of the vulnerability
+* optionally the type of vulnerability and any related [OWASP category](https://www.owasp.org/index.php/Category:OWASP_Top_Ten_2017_Project)
+* non-destructive exploitation details
+
+We will do our best to reply as fast as possible.
+
+# Scope
+
+The following vulnerabilities **are not** in scope:
+
+* volumetric vulnerabilities, for example overwhelming a service with a high volume of requests
+* reports indicating that our services do not fully align with “best practice”, for example missing security headers
+
+If you aren't sure, you can still reach out via email or direct message.
+
+---
+
+This notice is inspired by the [GDS Security Notice](https://github.com/alphagov/.github/blob/master/SECURITY.md).
+
+*Version 2021-03*
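Review bot: The "Reporting a Vulnerability" section asks reporters to send "non-destructive exploitation details" by plain email or Discord DM but gives no way to protect that content in transit, and no expected response or disclosure timeline beyond "as fast as possible". Consider adding a line after the contact sentence that points to a PGP key (or states that one can be requested before details are sent) and a sentence with a target acknowledgement window, e.g. "We aim to acknowledge reports within N days", with N filled in by the admins. Also note that the OWASP category link targets the old `www.owasp.org/index.php` wiki URL for the 2017 Top Ten; the current Top Ten project lives at `https://owasp.org/www-project-top-ten/`, so the link should be updated to avoid relying on a redirect.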