Although Ingredients doesn't save any personal user data, I take security vulnerabilities seriously and appreciate your help in identifying and addressing them. If you believe you have found a security vulnerability in my web app or API, please follow these steps to report it:
-
Confirm the vulnerability: Before reporting a potential security vulnerability, please make sure it is a genuine issue. I encourage you to test thoroughly and ensure that the behavior you're observing is indeed a security vulnerability.
-
Privately notify me: Please report security vulnerabilities by emailing me at security@ingredients.work, or by clicking the "Report a Vulnerability" button in the Security tab of this repository. Please refrain from disclosing the vulnerability publicly until I had an opportunity to address it.
-
Provide necessary details: When reporting the vulnerability, please include detailed information such as:
- A brief description of the vulnerability.
- Steps to reproduce the vulnerability.
- Any proof-of-concept or exploit code, if applicable.
- Any other relevant details that could help us understand and address the issue.
Since this is a small, hobby, and non-profit project, Ingredients does not have a bug bounty program. Any reported vulnerabilities will be published and credited to you, if you want.
Thank you for helping me keep Ingredients safe and secure for all users. ❤️
Only the latest release version of Ingredients is supported. The current latest release can be found on the latest release page of this repository.