is not safe to put my api ?

[GreatUsers]

Select Topic Area

Question

Body

is not safe to put my api ?

[Syeda-Eman]

It is not safe to include your API keys or other sensitive credentials directly in your code when uploading to GitHub. Here are some best practices for handling API keys securely:

1. Never commit API keys to your repository; add them to your .gitignore.
2. Use environment variables to keep keys separate from your code.
3. For local development, store keys in a .env file and include it in .gitignore.
4. Provide a sample .env file in your repository with placeholder values.
5. Use your hosting platform's secret management for production deployments.
6. If you accidentally commit sensitive info, change your API keys and remove them from Git history.
7. Consider a key management service for complex applications.
8. For open-source projects, clear instructions should be offered for users on how to obtain their API keys.

[ghostinhershell]

Hi @GreatUsers, we're happy you're here! You are more likely to get a useful response if you are explicit about what your project entails, giving a few more details might help someone give you a nudge in the right direction.

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬