From 14e2dd8d3ca1de59e77ecfebaf7544ce10085c85 Mon Sep 17 00:00:00 2001
From: Tyler Milner <tylermilner@gmail.com>
Date: Thu, 19 Jun 2025 11:26:41 -0500
Subject: [PATCH 1/2] Add note about `.env` file not being included in
 `.gitignore` to readme.

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index afe124f3fb..de1545acd7 100644
--- a/README.md
+++ b/README.md
@@ -140,6 +140,8 @@ You can (and should) pass these as environment variables from secrets.
 
 Read the [deployment.md](./deployment.md) docs for more details.
 
+Also note that the `.env` file is not included in `.gitignore` by default. See [development.md](./development.md#the-env-file) for more details.
+
 ### Generate Secret Keys
 
 Some environment variables in the `.env` file have a default value of `changethis`.

From e7941eb7106acc4e4ae14678d63b00f1ccda4117 Mon Sep 17 00:00:00 2001
From: Tyler Milner <tylermilner@gmail.com>
Date: Thu, 19 Jun 2025 11:53:28 -0500
Subject: [PATCH 2/2] Add note about `.copier/.copier-answers.yml` containing
 sensitive information.

---
 README.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index de1545acd7..befa5195d4 100644
--- a/README.md
+++ b/README.md
@@ -140,7 +140,7 @@ You can (and should) pass these as environment variables from secrets.
 
 Read the [deployment.md](./deployment.md) docs for more details.
 
-Also note that the `.env` file is not included in `.gitignore` by default. See [development.md](./development.md#the-env-file) for more details.
+**Note**: The `.env` file is not included in `.gitignore` by default. See [development.md](./development.md#the-env-file) for more details.
 
 ### Generate Secret Keys
 
@@ -194,6 +194,8 @@ pipx run copier copy https://github.com/fastapi/full-stack-fastapi-template my-a
 
 **Note** the `--trust` option is necessary to be able to execute a [post-creation script](https://github.com/fastapi/full-stack-fastapi-template/blob/master/.copier/update_dotenv.py) that updates your `.env` files.
 
+**Note**: After generating the project, the `.copier/.copier-answers.yml` file contains the values you provided for the template variables, including secrets. If your project is public, you should remove this file and store it somewhere safe or add it to your `.gitignore` to avoid exposing sensitive information.
+
 ### Input Variables
 
 Copier will ask you for some data, you might want to have at hand before generating the project.