I have to store my Google Maps API Key in a safe way (not a commited file), but as i'm using Expo, the Google Maps API key is stored in app.json file, as the following example:
"ios": {
"config": {
"googleMapsApiKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
},
"android": {
"config": {
"googleMaps": {
"apiKey": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
}
}
}
The problem is, as my app.json file should be commited, where should I store those keys?
Store them in a .env file like this GOOGLE_API_KEY=yourKey.
Then import to to files as needed with react-native-dotenv package;
import { GOOGLE_API_KEY } from 'react-native-dotenv'
The .env file is also never committed to Github.
Also, a good idea to check the AndroidManifest.xml file to make sure the key has not been exposed there.