Closed chrisvanpatten closed 2 years ago
@chrisvanpatten thank you, I will check your pr nowl.
@chrisvanpatten you're right, the credentials should not be included within a public repo. I will merge your pr with some modifications to notice developers when they use Facebook Graph without client key/secret.
Does not touch unit tests, which would not be included in a compiled package and thus are not susceptible to credential leak in the same way.
However, it might be worth updating those to pull from
process.env
as well, and removing all credentials from the repo.