secrets-gradle-plugin icon indicating copy to clipboard operation
secrets-gradle-plugin copied to clipboard

Published 20 hours ago verified publisher icon google

Leaked GCP API Keys

Open johnjeremih opened this issue 1 year ago • 3 comments

I still get Leaked GCP API Keys, any idea how to solve this?

It works when displaying maps, but when it comes to Google Places I need to initialize it on the application class

image

image

johnjeremih avatar Sep 27 '23 19:09 johnjeremih

From the README

This plugin is primarily for hiding your keys from version control. Since your key is part of the static binary, your API keys are still recoverable by decompiling an APK.

You have incorrect expectations from the project.

msfjarvis avatar Oct 22 '23 18:10 msfjarvis

Google should create some api to access secret keys from play store or andorid system on device. Something like KeyVault which can be accessed by application within scope.

yuvaraj119 avatar Oct 25 '23 18:10 yuvaraj119

How do I do that? do you have an example?

johnjeremih avatar Oct 25 '23 18:10 johnjeremih