Issue Description:
The .env file currently included in the project contains sensitive API keys (e.g., API_KEY=...). These credentials should never be committed to the repository or made publicly accessible, even in development environments.
Why This Is a Problem:
- Security Risk: Exposes private credentials to unauthorized users.
- Bad Practice: Violates standard DevOps and security best practices.
- Service Abuse: May lead to key revocation or misuse of services.
Suggested Solution:
- Remove the
.env file from version control (git rm --cached .env if needed).
- Add
.env to .gitignore.
- Create a
.env.example file with placeholder values, not actual keys.
- Document the environment variable setup process in the
README.md or a setup guide.
Recommended Steps:
- Remove sensitive keys from the
.env file.
- Revoke and regenerate any exposed API keys, if necessary.
- Add
.env to .gitignore.
- Create a
.env.example with the expected variables (without values).
Issue Description:
The
.envfile currently included in the project contains sensitive API keys (e.g.,API_KEY=...). These credentials should never be committed to the repository or made publicly accessible, even in development environments.Why This Is a Problem:
Suggested Solution:
.envfile from version control (git rm --cached .envif needed)..envto.gitignore..env.examplefile with placeholder values, not actual keys.README.mdor a setup guide.Recommended Steps:
.envfile..envto.gitignore..env.examplewith the expected variables (without values).