Why do we need SafeNote?

Sharing notebooks is very common within research groups and even with the public. It is important to protect your secrets from being used without your intention, especially for API keys that can incur significant cost (for example, an OpenAI API key). SafeNote injects your variables into the environment at runtime, so collaborators can run your notebook without ever seeing secrets in plain text.

We are also exploring a SaaS companion that helps teams avoid manually copying, pasting, or typing environment variables. If we ship it, it will be delivered alongside this package.

Installation

Bash
pip install safenote

Usage

Python
import safenote
env = safenote.request(keys=['OPENAI_API_KEY', 'SERPER_API_KEY'])

After this call, the env variable contains all values you enter at the prompt. These keys are also populated into os.environ, so other packages (for example, LangChain) can read them.

You can also access OPENAI_API_KEY and SERPER_API_KEY directly as environment variables.

Frequently Asked Questions

Only need one key and prefer not to pass a list? You can pass a single key argument into the request function:

Python
import safenote
safenote.request(key='OPENAI_API_KEY')

Only need to inject into the system environment? In that case, you do not need the return value:

Python
safenote.request(keys=['OPENAI_API_KEY'])

Do not want to inject into os.environ? Set inject_env to False:

Python
env = safenote.request(keys=['OPENAI_API_KEY'], inject_env=False)

Do not want to have global variables assigned? We currently rely on global variables to populate these secrets, so you cannot avoid assigning them to globals yet. Making this behavior more secure and configurable is on the roadmap, so in the future you will be able to turn off global assignment from SafeNote.

Contributions

SafeNote is open source on GitHub, and contributions are welcome via the repository guidelines.