Stop saving secrets in your frontend repo. Seriously.
ask-secret is a tiny, no-nonsense utility that helps you keep secrets out of your frontend code while developing. Instead of hardcoding API keys, it asks for them via window.prompt and keeps them in localStorage (so you don’t have to type them every time).
- No more committing secrets by accident 🔥
-
Quick and easy – Just call
ask("my key") -
Browser-friendly – Uses
localStorageto remember secrets temporarily - No dependencies – Just drop it in and go!
npm install ask-secretimport { ask } from "ask-secret";
const API_KEY = ask("OpenAI secret key");
if (API_KEY) {
const apiClient = new SomeApiClient({
headers: { Authorization: `Bearer ${API_KEY}` },
});
console.log("✅ API Client initialized with secret.");
} else {
console.error("❌ No secret provided.");
}Need to reset your stored secret? Open the DevTools console and run:
localStorage.clear();Nope. It’s just better than committing secrets. Anyone with access to your browser can see the secret in localStorage, so don’t use this for anything serious!
MIT – Do whatever you want, but don’t blame me if you accidentally paste your API key into Discord. 😅