This PR makes the implementation of getting calendar key more secure.
Before when using flutter_dotenv it would be bundled in assets that are so insecure. Now it is in the dart code which gets compiled. So unless you are a reverse engineering expert you won't be able to get hold of it! One other vulnerability would be sniffing the traffic!
We can solve it by restricting the key to be used by community app only in the google cloud console!
This PR makes the implementation of getting calendar key more secure.
Before when using
flutter_dotenv
it would be bundled in assets that are so insecure. Now it is in the dart code which gets compiled. So unless you are a reverse engineering expert you won't be able to get hold of it! One other vulnerability would be sniffing the traffic!We can solve it by restricting the key to be used by community app only in the google cloud console!