Closed minhnimble closed 9 months ago
Hi Mr. @minhnimble,
I have added a credentials.cpp
file to hold the secret keys. It will be ignored with git. Now, to build the project, you need to add the attached file to the folder path /data/cpp/
.
Thank you for your concern and if you have any better solutions. Kindly suggest to me.
Here is a credentials.cpp
file.
It is nice to see that you are trying to encapsulate the client's id and secret in a cpp library called
native-lib
, which can potentially protect the sensitive information during app's runtime. However, these credentials are still exposed in git versioning: https://github.com/huuphuoc1396/android-nimble-surveys/blob/2b94876ed1f9fa6995dd5e0f2af7807f0cb85781/data/cpp/libnative-lib.cpp#L4-L20Your speed of submission is appreciated, but as a reminder, we would also love to see development driven with the least compromisation, too.