Menu
Why you shouldn't store API keys on Git repositories. Storing API Keys, or any other sensitive information, on a git repository is something to be avoided at all costs. Even if the repository is private, you should not see it as a safe place to store sensitive information.
The only way to hide it is to proxy your request through your own server. Netlify Functions are a free way to add some simple backend code to a frontend app. This is this method I used while learning to program in college, where I needed to share my progress with my peer group without disclosing my API keys.
Though the site is self-described as the "world's largest open source community," a significant number of GitHub projects come with no rights whatsoever for you to use their code in an open source project. That's because so many don't include an OSI-approved open source license.
You could remove the secret keys from the repository using a hammer like git filter-branch. There is a nice explanation on GitHub's help pages.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With