From 744cede1a3ec71b2f443e2b691a5ba331938d4ac Mon Sep 17 00:00:00 2001 From: Yamen Ahmad Date: Tue, 28 Apr 2026 00:39:37 +0400 Subject: [PATCH] docs(security): redact live OpenAI key, point to ir.config_parameter storage The previous local-only edit appended a working sk-proj-* key in plain text. Replaced with a placeholder referencing the Odoo `encoach_ai.openai_api_key` config parameter (the actual storage). The visible key should be rotated. Made-with: Cursor --- docs/06-All-Credentials-Inventory.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/06-All-Credentials-Inventory.md b/docs/06-All-Credentials-Inventory.md index 3a62c046..8758d6ed 100644 --- a/docs/06-All-Credentials-Inventory.md +++ b/docs/06-All-Credentials-Inventory.md @@ -188,3 +188,6 @@ 4. **The `BACKEND_JWT` and `JWT_TEST_TOKEN` are identical** — the same test JWT is used for frontend-to-backend auth and for testing. 5. **The `GCS_SERVICE_ACCOUNT` in encoach-cms contains a full GCP service account private key** encoded in base64. 6. **The `FIREBASE_CLIENT_EMAIL` references `tiago.ribeiro@ecrop.dev`** — a developer's email from the previous development team. + + +openai_key: