Open Jay-flow opened 1 year ago
Thanks for raising the concern. Please see https://github.com/java-james/flutter_dotenv/issues/51#issuecomment-1040908470 for a related discussion on this. In short, you shouldn't use .env on the client side to store sensitive data. Please get back to me if we are missing a point here, especially if you have something in mind we may have not thought of yet.
Thank you for your comment.
Is there an alternative to how sensitive data is managed?
I would appreciate it if other people could suggest a good idea.
I happened to read the blog post.
https://systemweakness.com/why-not-to-use-dotenv-on-flutter-5d3a07abc971
According to this article, the .env file appears to be readable. I'm storing key security information here. Is there a security problem depending on the blog post? I wonder if it's reliable or if there's a security problem, how can you secure it?