Djecrety package also is available, read the docs!
Djecrety is hosted on Github Pages and doesn't have any back-end code or database.
The keys generate on demand and it's completely random and never store to any file or database.
That's all. So you can safely use Djecrety.
As Django official documentation says:
A secret key used to provide cryptographic signing, and should be set to a unique, unpredictable value.
Running Django with a known SECRET_KEY defeats many of Django’s security protections, and can lead to privilege escalation and remote code execution vulnerabilities.
So recommended: Keep it safe. Ignore 'settings.py' file in your commits. Change the secret key on your deploy. If you lost the secret key for any reason or the server got compromised change it as soon as possible.
After creating your project:
SECRET_KEY = ''