I am trying to develop a chat application using Firebase and I pushed it to github. Instantly I received an email from GitGuardian notifying that it detected and API key from Google. Is it really unsafe ?
Asked
Active
Viewed 1,261 times
2
-
2Yes, secrets should not be in your repo. – Dave Newton Jun 17 '18 at 11:19
-
2Put API keys into untracked configuration files or, better yet, environment variables. They shouldn't be in your tracked source code. – ChrisGPT was on strike Jun 17 '18 at 12:22
-
It's safe, see [what GitGuardian has to say about it](https://twitter.com/search?q=firebase%20api%20key%20gitguardian&src=typd) – Vilokan Labs Jul 05 '18 at 14:35