Follow

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use
Follow
Facebook Twitter Instagram Youtube
Contact

Firebase android and ios API keys compromised on github

byMR
July 17, 2024

I am working on a flutter chat app on android and ios.

Unfortunately, I pushed my full working folder to my GitHub repository and later on received an email from GitHub that my API keys are compromised.

After I looked online, I found out that Firebase API keys are not secret, thus it doesn’t matter exposing them.

MEDevel.com: Open-source for Healthcare and Education

Collecting and validating open-source software for healthcare, education, enterprise, development, medical imaging, medical records, and digital pathology.

Visit Medevel

Is this true? In the case that it’s not, can anyone explain to me what to do?
Thank you in advance!

>Solution :

Is always recommended to do not share any keys on public directories.
You probably got this warning email because your repository is public
Some recommendations for projects that are having secret keys are the following

  1. Make the GitHub repository Private
  2. Include the file path that has the key in the .gitignore file so it will not committed to the repository
byMR
Published
Add a comment

Leave a Reply

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use

Read more

Discover more from Dev solutions

Subscribe now to keep reading and get access to the full archive.

Continue reading