About Security while Vibe Coding
If you or your team use AI assistants for coding, make sure to list the files with software secrets in the .*ignore files of those assistants so that the secrets don't get leaked. Most of the assistants accept the same syntax as .gitignore.
For example, edit the following files:
- .gitignore - unrelated to AI assistants, but still necessary for security.
- .aiignore - for PyCharm AI.
- .augmentignore - for Augment Code.
- .codeiumignore - for Windsurf.
- .continueignore - for Continue.
- .copilotignore - for GitHub Copilot.
- .cursorignore - for Cursor.
and add these lines there:
*.sql
*.backup
.env
secrets.json
secrets.yml
Note that some of the editors or plugins might understand each other's ignore files or respect the .gitignore for the ignored files.
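To apply the steps above to a whole project in one go, here is an added example (not part of the original post) that adds the listed patterns to every listed ignore file, skipping lines that are already there. The function name ensure_ignore_patterns is made up for this example; the file names and patterns are the ones from the post.

```shell
#!/bin/sh
# Added example: idempotently add the secret-file patterns from this post
# to every ignore file it lists. The function name is hypothetical.

# Ignore files and patterns exactly as listed in the post.
IGNORE_FILES=".gitignore .aiignore .augmentignore .codeiumignore .continueignore .copilotignore .cursorignore"
SECRET_PATTERNS="*.sql *.backup .env secrets.json secrets.yml"

# ensure_ignore_patterns DIR
# Creates each ignore file in DIR if it is missing and appends only the
# patterns that are not already present as an exact line.
# Prints the number of lines it added (0 means everything was in place).
ensure_ignore_patterns() {
    dir=${1:-.}
    added=0
    set -f   # disable globbing so "*.sql" stays a literal pattern
    for name in $IGNORE_FILES; do
        file="$dir/$name"
        [ -e "$file" ] || : > "$file"
        # If the file does not end with a newline, add one so the first
        # appended pattern does not get glued to the previous entry.
        if [ -s "$file" ] && [ -n "$(tail -c 1 "$file")" ]; then
            printf '\n' >> "$file"
        fi
        for pattern in $SECRET_PATTERNS; do
            # -x: whole line, -F: fixed string, -q: quiet
            if ! grep -qxF -- "$pattern" "$file"; then
                printf '%s\n' "$pattern" >> "$file"
                added=$((added + 1))
            fi
        done
    done
    set +f
    echo "$added"
}
```

Source the script and call ensure_ignore_patterns . from the project root. For .gitignore, files that Git already tracks stay tracked until they are removed from the index with git rm --cached.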