📖 Add repository guidelines e.g., for project donations

[justaugustus]

What kind of change does this PR introduce?

(Is it a bug fix, feature, docs update, something else?)

ref: https://github.com/ossf/scorecard/issues/4073, https://github.com/ossf/scorecard/issues/3204, https://github.com/UlisesGascon/openssf-scorecard-monitor/pull/74

• [ ] PR title follows the guidelines defined in our pull request documentation

What is the current behavior?

What is the new behavior (if this is a feature change)?**

• [ ] Tests for the changes have been added (for bug fixes/features)

Which issue(s) this PR fixes

Special notes for your reviewer

Does this PR introduce a user-facing change?

For user-facing changes, please add a concise, human-readable release note to the release-note

(In particular, describe what changes users might need to make in their application as a result of this pull request.)

NONE

[justaugustus]

Tagging @UlisesGascon for review on this, as he's actively running through the process in https://github.com/ossf/scorecard/issues/3204, https://github.com/UlisesGascon/openssf-scorecard-monitor/pull/74.

[justaugustus]

Ignoring the TODOs LGTM. Is your intent to remove them in this PR?

@spencerschrock — those TODOs need to be addressed in a follow-up. They're items that were present in the Kubernetes guidelines that we should solve for, but aren't blocking to bootstrap the docs.