The idea of the plugin is that it reduces the steps required to hide your key from version control—one line to include a plugin, and it does the rest. Yes, there are several attack vectors for retrieving an API key, but the point is to reduce those vectors / make them more difficult to do.
Distraction-free reading. No ads.
Organize your knowledge with lists and highlights.
Tell your story. Find your audience.
Read member-only stories
Support writers you read most
Earn money for your writing
Listen to audio narrations
Read offline with the Medium app
Android Engineer at Instagram Previously: Android Developer Relations Engineer at Google
