Tutorial Exposes API Keys

[camservo]

Tried to find a better way to notify you but couldn't. Your tutorial exposes people's API keys. I took a look through the forked repos and could find a few the credentials file.

[whitep4nth3r]

Hello! Thanks for your message. These API keys are OK to be exposed as they are read only – and I wanted to make it clear how to use the keys. They are my keys and I'm fine with them being exposed in this instance 🙂

[whitep4nth3r]

Other people will need to take the necessary precautions if they wish to obfuscate their read only keys, but that wasn't the point of the tutorial – and I mention the keys are read only in the accompanying blog post.

[camservo]

Gotcha. The tutorial tells users to save their own keys to their repos and since I can see their forked repos then I can see theirs. If you're happy I'm happy though :).

…

On Fri, Nov 12, 2021, 12:18 PM @whitep4nth3r ***@***.***> wrote: Hello! Thanks for your message. These API keys are OK to be exposed as they are read only – and I wanted to make it clear how to use the keys. They are my keys and I'm fine with them being exposed in this instance 🙂 — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#5 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AARTS7GKHDAHLO6GGD4C2D3ULVLA3ANCNFSM5H5ND6LA> . Triage notifications on the go with GitHub Mobile for iOS <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.