It's wild how we’v learned not to hardcode API keys,but still routinely ship logs and datasets full of stuff that’s just as sensitive once it leaks.