Add note about .copier/.copier-answers.yml containing sensitive information.

tylermilner · tylermilner · commit e7941eb7106a · 2025-06-19T11:53:28.000-05:00
diff --git a/README.md b/README.md
@@ -140,7 +140,7 @@ You can (and should) pass these as environment variables from secrets.
 
 Read the [deployment.md](./deployment.md) docs for more details.
 
-Also note that the `.env` file is not included in `.gitignore` by default. See [development.md](./development.md#the-env-file) for more details.
+**Note**: The `.env` file is not included in `.gitignore` by default. See [development.md](./development.md#the-env-file) for more details.
 
 ### Generate Secret Keys
 
@@ -194,6 +194,8 @@ pipx run copier copy https://github.com/fastapi/full-stack-fastapi-template my-a
 
 **Note** the `--trust` option is necessary to be able to execute a [post-creation script](https://github.com/fastapi/full-stack-fastapi-template/blob/master/.copier/update_dotenv.py) that updates your `.env` files.
 
+**Note**: After generating the project, the `.copier/.copier-answers.yml` file contains the values you provided for the template variables, including secrets. If your project is public, you should remove this file and store it somewhere safe or add it to your `.gitignore` to avoid exposing sensitive information.
+
 ### Input Variables
 
 Copier will ask you for some data, you might want to have at hand before generating the project.
