Engineering Practice

Daily engineering practice notes.

---

2026-06-20

• When deploying via GitHub Actions, sensitive information (such as API keys and tokens) should be stored in Secrets rather than hardcoded in the code. This ensures that even if the repository source code is viewed—including by AI agents—these values remain hidden. Secrets can be scoped flexibly by environment, repository, or organization.