add contributing.md and security.md (#178)

Author: equinor-ruaj

CONTRIBUTING.md

@@ -0,0 +1,28 @@
+# How to contribute to this repo
+
+We love your input! We want to make contributing to this project as easy and transparent as possible, whether it's:
+
+- Reporting a bug
+- Proposing new features
+- Discussing the current state of the code
+- Submitting a fix
+
+This is how you should do it:
+
+Use our [issue list](../../issues) to report a **bug** or **propose a new feature**, including
+
+### Reporting a **bug report**  
+- A quick summary and/or background
+- Steps to reproduce
+- What actually happens
+
+### Adding a **feature request**  
+- Brief description of the feature
+- What problem/issue will this solve
+- A sort of Definition of Done - "How should it look when finished"
+
+### When submitting a fix using a Pull Request (PR)  
+- Fork this repository from GitHub  
+- After you have made the changes, create a pull request (PR)  
+
+We will review the pull request and if it is appropriate and there are no clashes or vulnerabilities, it will be merged to the main code.

README.md

@@ -2,6 +2,8 @@
 
 Python wrappers for Sumo APIs
 
+Want to contribute? Read our [contributing](./CONTRIBUTING.md) guidelines
+
 ## Install:
 
     pip install sumo-wrapper-python
@@ -22,20 +24,10 @@ distribution.
           - [`token` logic](#token-logic)
   - [Methods](#methods)
     - [get(path, \*\*params)](#getpath-params)
-    - [post(path, json, blob)](#postpath-json-blob)
+    - [post(path, json, blob, params)](#postpath-json-blob-params)
     - [put(path, json, blob)](#putpath-json-blob)
     - [delete(path)](#deletepath)
   - [Async methods](#async-methods)
-- [CallSumoApi (deprecated)](#callsumoapi-deprecated)
-    - [Initialization](#initialization-1)
-    - [Parameters](#parameters-1)
-  - [Examples](#examples)
-    - [search()](#search)
-      - [Parameters](#parameters-2)
-      - [Usage](#usage)
-    - [searchroot()](#searchroot)
-      - [Parameters](#parameters-3)
-      - [Usage](#usage-1)
 
 # SumoClient
 
@@ -115,7 +107,7 @@ object_id = "159405ba-0046-b321-55ce-542f383ba5c7"
 obj = sumo.get(f"/objects('{object_id}')")
 ```
 
-### post(path, json, blob)
+### post(path, json, blob, params)
 
 Performs a POST-request to sumo-core. Accepts json and blob, but not both at the
 same time.
@@ -166,100 +158,3 @@ These accept the same parameters as their synchronous counterparts, but have to
 # Retrieve userdata
 user_data = await sumo.get_async("/userdata")
 ```
-
-# CallSumoApi (deprecated)
-
-Predefined methods for various sumo operations. I.e uploading, searching for and
-deleting metadata and blobs.
-
-### Initialization
-
-```python
-from sumo.wrapper import CallSumoApi
-
-sumo = CallSumoApi()
-```
-
-### Parameters
-
-```python
-class CallSumoApi:
-    def __init__(
-        self,
-        env="dev",
-        resource_id=None,
-        client_id=None,
-        outside_token=False,
-        writeback=False,
-    ):
-```
-
-## Examples
-
-All `CallSumoApi` methods accept a `bearer` argument which lets the user use an
-existing access token instead of generating a new one.
-
-### search()
-
-Search all objects in sumo.
-
-#### Parameters
-
-```python
-def search(
-    self,
-    query,
-    select=None,
-    buckets=None,
-    search_from=0,
-    search_size="100",
-    search_after=None,
-    bearer=None,
-):
-```
-
-#### Usage
-
-```python
-# Find objects where class = surface
-search_results = sumo.search(query="class:surface", search_size="10")
-
-# Get child objects for a specific object
-parent_id = "1234"
-children = sumo.search(query=f"_sumo.parent_object:{parent_id}")
-
-# Get buckets for child object classes (i.e surface, table, polygon)
-# This will return a count for every class value
-buckets = sumo.search(
-    query=f"_sumo.parent_object:{parent_id}",
-    buckets=["class.keyword"]
-)
-```
-
-### searchroot()
-
-Search for parent objects (object without parent)
-
-#### Parameters
-
-```python
-def searchroot(
-    self,
-    query,
-    select=None,
-    buckets=None,
-    search_from=0,
-    search_size="100",
-    bearer=None,
-):
-```
-
-#### Usage
-
-```python
-# Get 3 top level objects for a specific user
-peesv_objects = sumo.searchroot(
-    query="fmu.case.user.id:peesv",
-    search_size=3
-)
-```

SECURITY.md

@@ -0,0 +1,18 @@
+# Security
+
+If you discover a security vulnerability in this project, please follow these steps to responsibly disclose it:
+
+1. **Do not** create a public GitHub issue for the vulnerability.
+2. Follow our guideline for Responsible Disclosure Policy at [https://www.equinor.com/about-us/csirt](https://www.equinor.com/about-us/csirt) to report the issue
+
+The following information will help us triage your report more quickly:
+
+- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+- Full paths of source file(s) related to the manifestation of the issue
+- The location of the affected source code (tag/branch/commit or direct URL)
+- Any special configuration required to reproduce the issue
+- Step-by-step instructions to reproduce the issue
+- Proof-of-concept or exploit code (if possible)
+- Impact of the issue, including how an attacker might exploit the issue
+
+We prefer all communications to be in English.