This is not really a question, but I’m wondering what is the best approach to keep your passwords/ api keys safe while working on expo app?
I’ve currently pushed one JSON to github repo that contains sensitive data (google oauth client ids, android api keys), and i use this to repo build standalone apps. I’d like to delete this file (and its git history log) from github for obvious security reasons and wanted to know what is the recommended approach here to ‘save’ and ‘use’ this sensitive info using Expo.
For example, heroku recommends to set config variables
$ heroku config:add S3_KEY=8N029N81 S3_SECRET=9s83109d3+583493190
and then reference these values in code using the ENV variable,
:access_key_id => ENV[‘S3_KEY’],
:secret_access_key => ENV[‘S3_SECRET’]
I’ve borrowed example from here.
Does expo allow something similar, to set config values and use them in our app? Or what is the best recommended approach here?