Secrets are sensitive information like API keys, passwords, etc. that you need for your project but don't want to share publicly. > [!Warning] > Never commit secrets to GitHub! Always include secrets (e.g., the `secrets/` directory) in your [[gitignore]] file. Generally you should store secrets in an [[environment file]] (see the note for how to read these secrets into your script as an [[environment variable]]). However, you may need to store secrets in a [[JSON]] file (as with [[Firebase]] for example). I store secrets in a dedicated `secrets/` directory. ## getpass When creating a [[command line interface|CLI]] tool you can use the library `getpass` to prompt the user to provide their password, API key or other secret. ```bash uv add getpass ``` ```python import getpass if "API_KEY" not in os.environ: os.environ["API_KEY"] = getpass.getpass("API Key:") ```