Closed cherylli closed 1 year ago
I can work on this but what should I do then instead of putting API in the public repository? can you assign me this?
I'm not the owner of this repo. I just came to checked it out and saw the API is publicly accessible.
Normally you would put something like API keys in the environment variables or just a file not pushed to github
Its fine, if a front end project requires the API key to be publicly accessible for open source contribution, I should not bother making it hidden in .gitignore file. Otherwise it becomes difficult for people to contribute.
In js/config
API keys should not be committed to a public repository