The proper restriction and usage of the API keys used by this app should be better documented and possibly added at deploy time, rather than in the repo itself.
These keys aren't problematic as they are restricted somewhat by google and billing for the project accounts attached to the keys has been turned off to further limit abuse
if moving them out of the repository isnt helpful, then maybe adding a gitleaks file to silence scripts that flag it as a leak
The proper restriction and usage of the API keys used by this app should be better documented and possibly added at deploy time, rather than in the repo itself.
These keys aren't problematic as they are restricted somewhat by google and billing for the project accounts attached to the keys has been turned off to further limit abuse
if moving them out of the repository isnt helpful, then maybe adding a gitleaks file to silence scripts that flag it as a leak