After releasing on the PlayStore, the pre-launch report is detecting a leaked GCP API Key from library: com.google.android.gms:play-services-ads-lite:23.0.0@aar
Decompiled code is "available" here and seems to show: "gads:safe_browsing:api_key", "AIzaSyDRKQ9d6kfsoZT2lUnZcZnBYvH69HExNPE"
On the play-services-ads-lite:23.0.0 version, the issue seems to come from the com.google.android.gms.internal.ads.zzbii class:
Proposition to hide the secret: get it from backend, AES, or the Google library secrets-gradle-plugin.
Hello, thks for your great work.
After releasing on the PlayStore, the pre-launch report is detecting a leaked GCP API Key from library:
com.google.android.gms:play-services-ads-lite:23.0.0@aar
Decompiled code is "available" here and seems to show:
"gads:safe_browsing:api_key", "AIzaSyDRKQ9d6kfsoZT2lUnZcZnBYvH69HExNPE"
On the
play-services-ads-lite:23.0.0
version, the issue seems to come from thecom.google.android.gms.internal.ads.zzbii
class:Proposition to hide the secret: get it from backend, AES, or the Google library secrets-gradle-plugin.
Related issues:
Thks for your great sample and feel free to tell me if this issue is not related to the sample so should be open on another repository.