merge develop (#24)

* create initial CHARTER.md

* modified contributing.md (#23)

'mirror' contributing page from wiki

Author: shsingh

CHARTER.md

@@ -0,0 +1,45 @@
+# OWASP Project MLSec Top 10 - Working Group Charter
+
+## Purpose
+
+The primary aim of of the OWASP Machine Learning Security Top 10 project
+is to deliver a standard awareness document for developers and application
+security practitioners. As such, a major goal of this project is to develop
+a high quality deliverable, reviewed by industry peers.
+
+## Target Audience
+
+The primary audience for the deliverables in this project are developers,
+machine learning engineering and operational practitioners, and
+application security experts. While each of these roles
+build, operate and secure machine learning systems, the content is not
+aimed to be exclusively at them. The content will aim to specify where
+appropriate the level of understanding required for specific technology
+domains.
+
+## Scope
+
+This project will provide an awareness document that lists the risks
+associated with machine learning systems. Due to the rapid adoption
+of machine learning systems, there are related projects within
+OWASP and other organisations, that may have narrower or broader
+scope than this project. As an example, while adversarial attacks
+is a category of threats, this project will also cover
+non-adversarial scenarios, such as security hygiene of
+machine learning operational and engineering workflows.
+
+## Governance
+
+The project will:
+
+- Adhere to the OWASP [Project Policy](https://owasp.org/www-policy/operational/projects.html)
+
+Project Leaders will:
+
+- Follow and adhere to all OWASP Foundation [policies and procedures](https://owasp.org/www-policy/)
+- Lead the project as per the [Project Leader Handbook](https://owasp.org/www-pdf-archive/PROJECT_LEADER-HANDBOOK_2014.pdf)
+-
+
+Project Contributors will:
+
+- Follow and adhere to the [code of conduct](/CODE_OF_CONDUCT.md)

CONTRIBUTING.md

@@ -1,11 +1,73 @@
-# Contributing
+# Contribution Guidelines
 
-We encourage anyone to contribute issues, feedback and so on via logging an issue.
+Thank you for your interest in contributing to the OWASP Machine Learning
+Security Top 10! We are thrilled that you are interested in improving the
+quality of our project. By following these guidelines, you can help us maintain
+a welcoming and collaborative community for everyone.
 
-## Forking
+## Code of Conduct
 
-You are more than welcome to fork the OWASP Machine Learning Security Top 10, but please abide by the Creative Commons BY-SA 4.0 license.
+Before you start contributing, please read and abide by our
+[Code of Conduct](https://github.com/OWASP/www-project-machine-learning-security-top-10/blob/master/CODE_OF_CONDUCT.md).
+We expect all contributors to treat each other with respect and create a
+positive and inclusive environment.
 
-## Pull requests
+## Ways to Contribute
 
-We welcome pull requests for fixes.
+There are several ways you can contribute to our project:
+
+### Participate in Discussions
+
+Our project uses several forms of communication to allow contributors to choose
+their preference:
+
+- [Google Group](https://groups.google.com/u/1/a/owasp.org/g/project-machine-learning-security-top-ten)
+- [Join the OWASP Slack group](https://owasp.org/slack/invite) and the
+  [#project-mlsec-top-10 channel](https://owasp.slack.com/archives/C04PESBUWRZ)
+- [Github Discussions](https://github.com/OWASP/www-project-machine-learning-security-top-10/discussions)
+
+Contributors are encouraged to introduce themselves, and ask questions in the
+discussion groups.
+
+### Reporting Document and Website Issues
+
+Issues with documentation and the project website can be reported using the
+[following form](https://github.com/OWASP/www-project-machine-learning-security-top-10/issues/new?assignees=shsingh&labels=issues/general,issues/triage&projects=&template=feedback-report.yaml&title=[FEEDBACK]:+)
+and choosing either "Documentation Issue Report" or "Website Issue Report" from
+the 'Type' dropdown category.
+
+### Suggestions for Enhancements
+
+If you have a idea or suggestion for an enhancement, feel free to use the
+[enhancement request form](https://github.com/OWASP/www-project-machine-learning-security-top-10/issues/new?assignees=shsingh&labels=issues/general,issues/triage&projects=&template=feedback-report.yaml&title=[FEEDBACK]:+)
+and choosing "Suggestion for Improvement" from the 'Type' dropdown category.
+
+## Github Information
+
+### Pull Requests
+
+We welcome code contributions! If you want to fix an issue or suggestion a new
+enhancement, we ask that you follow these steps:
+
+- Ensure you have configured Github
+  [with your signing key](https://docs.github.com/en/authentication/managing-commit-signature-verification/telling-git-about-your-signing-key)
+  and have verified you are
+  [signing your Git commits](https://docs.github.com/en/authentication/managing-commit-signature-verification/signing-commits)
+- Fork the repository to your GitHub account.
+  - You are more than welcome to fork the OWASP Machine Learning Security Top
+    10, but please abide by the Creative Commons BY-SA 4.0 license.
+- Create a new branch for your fix or enhancement off the 'develop' branch.
+- Make your changes and sign your commit with a concise title and descriptive
+  comment.
+- Push your changes to your repository's fork.
+- Submit a pull request (PR) to our repository's 'develop' branch.
+
+### Commit Messages
+
+Write clear and concise commit messages that describe the changes made in the
+commit.
+
+### Code Review
+
+Be open to feedback during the code review process. Address the feedback
+promptly and make necessary changes if requested.