data/ruby-advisory-db/CONTRIBUTING.md in bundler-audit-0.4.0 vs data/ruby-advisory-db/CONTRIBUTING.md in bundler-audit-0.5.0
- old
+ new
@@ -1,6 +1,56 @@
# Contributing Guidelines
-## Style
+* All text must be within 80 columns.
+* YAML must be indented by 2 spaces.
+* Have any questions? Feel free to open an issue.
+* Prior to submitting a pull request, run the tests:
-1. All text must be within 80 columns.
-2. YAML must be indented by 2 spaces.
+```
+bundle install
+bundle exec rspec
+```
+
+* Follow the schema. Here is a sample advisory:
+
+```yaml
+ ---
+ gem: activerecord
+ framework: rails
+ cve: 2014-3514
+ url: https://groups.google.com/forum/#!msg/rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ
+ title: Data Injection Vulnerability in Active Record
+ date: 2014-08-18
+
+ description: >-
+ The create_with functionality in Active Record was implemented
+ incorrectly and completely bypasses the strong parameters
+ protection. Applications which pass user-controlled values to
+ create_with could allow attackers to set arbitrary attributes on
+ models.
+
+ cvss_v2: 8.7
+
+ unaffected_versions:
+ - "< 4.0.0"
+
+ patched_versions:
+ - ~> 4.0.9
+ - ">= 4.1.5"
+```
+### Schema
+
+* `gem` \[String\]: Name of the affected gem.
+* `framework` \[String\] (optional): Name of framework gem belongs to.
+* `platform` \[String\] (optional): If this vulnerability is platform-specific, name of platform this vulnerability affects (e.g. JRuby)
+* `cve` \[String\]: CVE id.
+* `osvdb` \[Fixnum\]: OSVDB id.
+* `url` \[String\]: The URL to the full advisory.
+* `title` \[String\]: The title of the advisory.
+* `date` \[Date\]: Disclosure date of the advisory.
+* `description` \[String\]: Multi-paragraph description of the vulnerability.
+* `cvss_v2` \[Float\]: The [CVSSv2] score for the vulnerability.
+* `unaffected_versions` \[Array\<String\>\] (optional): The version requirements for the
+ unaffected versions of the Ruby library.
+* `patched_versions` \[Array\<String\>\]: The version requirements for the
+ patched versions of the Ruby library.
+
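Review bot: the version-requirement examples in the sample advisory are quoted inconsistently, and the schema text does not explain the rule contributors need: in YAML a plain scalar cannot start with `>` because `>` introduces a folded block scalar, so `- >= 4.1.5` is a parse error while `- ~> 4.0.9` is fine. Suggest quoting every requirement in the sample for uniformity and adding a bullet under `patched_versions`/`unaffected_versions` saying that requirements must be quoted strings (e.g. `- ">= 4.1.5"`), since a malformed entry will break everything that loads the database. Two smaller points in the same hunk: every line of the sample advisory carries a leading space (` ---`, ` gem: activerecord`), which contradicts the "YAML must be indented by 2 spaces" rule and, if copied as-is, leaves `---` no longer at column 1; and the Schema section marks neither `cve` nor `osvdb` as optional although the sample advisory itself has no `osvdb` key, so the text should state which identifiers are required (or that at least one of them is). Also `[CVSSv2]` is used as a reference-style link but no `[CVSSv2]: <url>` definition is added in this hunk, so it will render as literal brackets; either add the definition or inline the link.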