NUKnightLab / juxtapose

JuxtaposeJS is a JavaScript library for making before/after image sliders
http://juxtapose.knightlab.com/

Flickr API key #139

Open cnsgithub opened 6 years ago

cnsgithub commented 6 years ago

What's the problem? juxtapose includes its Flickr API key in juxtapose.js, making it visible to all users. In spite of this disclosure, account security should not be at risk.

However, there are two other issues that might arise:

  1. According to https://www.flickr.com/services/developer/api/ key usage is limited to 3.600 queries per hour. Sharing your personal key across all juxtapose users may lead to exhaustion of your quota resulting in denial of service.
  2. According to https://secure.flickr.com/services/api/misc.api_keys.html commercial use is not allowed. Since the juxtapose library is provided under the MPL license, users or frameworks that in turn allow commercial usage might include juxtapose without knowing this restriction. E.g. the popular JSF library PrimeFaces introduced juxtapose in March 2018, see here: https://github.com/primefaces/primefaces/issues/3251

I would suggest either removing your Flickr API key and seeing if it's needed at all. Otherwise I would enable users to specify their own API keys.
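The configurable-key approach the comment above suggests, as an added example that is not part of the original issue or of juxtapose's own code; the option name `apiKey`, the `JUXTAPOSE_FLICKR_API_KEY` global, the `flickr.photos.getSizes` call and the 32-hex-character key shape used by the release scan are assumptions.

```javascript
// Added example (not juxtapose's code): take the Flickr API key from the caller
// instead of a literal baked into the library bundle, and add a release-time check
// that refuses to ship a bundle still containing a hardcoded key.
// Assumptions: the option/global names are hypothetical, and Flickr keys are assumed
// to be 32-character hex strings for the scan pattern.

const FLICKR_REST = "https://api.flickr.com/services/rest/";

// Resolve the key from explicit options first, then from a page-level global that the
// embedding site can set, and fail loudly rather than silently using a shared key.
function resolveFlickrApiKey(options = {}, globalObj = {}) {
  const key = options.apiKey || globalObj.JUXTAPOSE_FLICKR_API_KEY;
  if (typeof key !== "string" || key.length === 0) {
    throw new Error(
      "Flickr API key not configured: pass { apiKey } or set JUXTAPOSE_FLICKR_API_KEY"
    );
  }
  return key;
}

// Build a Flickr REST call; the key is injected per request, never stored in source.
function buildFlickrUrl(method, params, apiKey) {
  const query = new URLSearchParams({
    method, api_key: apiKey, format: "json", nojsoncallback: "1", ...params,
  });
  return `${FLICKR_REST}?${query.toString()}`;
}

// Release-time check: scan the built bundle for a Flickr-style key literal. Returns the
// matching literals so a CI step can fail the build and point at the offending spot.
const HARDCODED_KEY_RE = /(?:api_key|apiKey)\s*[:=]\s*["']([0-9a-f]{32})["']/gi;
function findHardcodedFlickrKeys(bundleSource) {
  return Array.from(bundleSource.matchAll(HARDCODED_KEY_RE), (m) => m[1]);
}

// Constructed sample bundle text (not real juxtapose code; the key value is made up).
const SAMPLE_BUNDLE = 'var flickr = { apiKey: "0123456789abcdef0123456789abcdef" };';

if (typeof require !== "undefined" && require.main === module) {
  console.log("leaked keys:", findHardcodedFlickrKeys(SAMPLE_BUNDLE));
  const key = resolveFlickrApiKey({ apiKey: "user-supplied-key" });
  console.log(buildFlickrUrl("flickr.photos.getSizes", { photo_id: "12345" }, key));
}
```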

cnsgithub commented 6 years ago

Any thoughts?