Try on kisski

[SeverusYixin]

This Version base on the Kisski, but still need time for the Kisski API key

[SeverusYixin]

Now as they told me:
we only use one API Key for all Services, so these names should all point to one. However, for some services, you might not be activated. Also, for new Services like RAG for ChatAI, which should become available in January, this API Key will also be usable.

[haesleinhuepf]

Hi Yixin,

never store API keys on Github so that others can read them.

I recommed you to revoke the huggingface and the Kisski key. Otherwise others can use the platforms on your behalf.

https://docs.github.com/en/rest/authentication/keeping-your-api-credentials-secure?apiVersion=2022-11-28#store-your-authentication-credentials-securely

Best,
Robert

[SeverusYixin]

Hi Robert,

Thanks for your advice. I got a message last night, and in my latest version that I replaced it as "KISSKI_API_KEY=your_api_key" and uploaded it yesterday, but I don't know why you can still read it.

Best,
Yixin

[haesleinhuepf]

Because the git history contains it. Again, I recommend to revoke all keys you put on the internet.

[SeverusYixin]

Do you know how to delete them? I tried using the "delete file" function, but it does not seem to work.

[SeverusYixin]

I mean to delete the history

[haesleinhuepf]

You should revoke the key instead of deleting the history.

[haesleinhuepf]

E.g. as shown here: https://huggingface.co/docs/hub/en/security-tokens#how-to-manage-user-access-tokens or by sending an email to the KISSKI folks

[SeverusYixin]

Ahh, ok thank you, I will write an email to them to recreate a new one , thank you again

[SeverusYixin]

They have already created a new one and the HF token has already been deleted.