The Smart Wishlist relied on an API key—a secret digital password—to talk to the AI provider. In development ( dev ), they used a fake key. In production ( prod ), they used a real, paid key.
She needed to roll back, but there was a problem: if she simply reverted the code, the prod.keys switch would still be true . The old AI provider’s prod key was already deleted from the vault. Without it, the app would crash entirely. prod.keys switch
This was exactly why the existed separately from the code rollback. The Smart Wishlist relied on an API key—a
The site stayed up. The holiday sale survived. She needed to roll back, but there was
{ "environment": "dev", "api_keys": { "ai_provider": "dev_sk_test_123", "payment_gateway": "dev_pk_test_456" } } She knew the routine. Never, ever commit prod keys to code. Instead, the system used a —an environment variable called PROD_KEYS_ENABLED . When set to false , the app used dev keys. When set to true , it reached into a locked, encrypted vault and loaded the real production keys.
Three days before Black Friday, the CEO announced a last-minute partnership with a major toy brand. The integration required swapping the AI provider’s key for a new one—immediately.