We have four sets of cleartext passwords (http & proxy & db), and secrets such as various API keys and mw cookies and edit tokens.

The passwords are stored in two files in clear text (user-config.py and. passwd). Other secrets are in cached api files, etc.

I would like to introduce an optional dependency on a library to manage (some of?) these secrets. The current secret storage would continue to work correctly.

The keyring package is the obvious candidate. Any objections or improvements on that?

--
John Vandenberg