Although Ingredients doesn't save any personal user data, I take security vulnerabilities seriously and appreciate your help in identifying and addressing them. If you believe you have found a security vulnerability in my web app or API, please follow these steps to report it:
-
Confirm the vulnerability: Before reporting a potential security vulnerability, please make sure it is a genuine issue. I encourage you to test thoroughly and ensure that the behavior you're observing is indeed a security vulnerability.
-
Privately notify me: Please report security vulnerabilities by emailing me at security@ingredients.work. Please refrain from disclosing the vulnerability publicly until I had an opportunity to address it.
-
Provide necessary details: When reporting the vulnerability, please include detailed information such as:
- A brief description of the vulnerability.
- Steps to reproduce the vulnerability.
- Any proof-of-concept or exploit code, if applicable.
- Any other relevant details that could help us understand and address the issue.
Since this is a small, hobby, and non-profit project, Ingredients does not have a bug bounty program. Any reported vulnerabilities will be published and credited to you, if you want.
Thank you for helping me keep Ingredients safe and secure for all users. 鉂わ笍
Only the latest release version of Ingredients is supported. The current latest release can be found on the latest release page of this repository.