Security practice in demos
Practical controls used in published demo projects.
Data
- Prefer synthetic or anonymized datasets.
- Limit data scope to what the demo strictly needs.
Access
- Use least-privilege permissions and isolate demo environments.
- Store secrets in environment variables, never in the repository.
Logs
- Do not log personal data or credentials.
- Keep logs actionable while avoiding sensitive payloads.
Dependencies
- Review and update dependencies regularly.
- Remove unused packages before release.