Keeping SQUARE_READER_SDK_REPOSITORY_PASSWORD secret?
jessechounard opened this issue · comments
Describe your question
Following the "Getting Started" guide (which worked great, btw!) I've added my square reader sdk repository password to the project level gradle.properties
file, and everything works as expected. This is a secret that I should keep safe, right?
If I understand correctly, that data is only used at build time and won't be exposed if someone was to disassemble my binary. But now that I'm ready to commit my files to my project repo, it seems like I should move it out of the gradle.properties
file to somewhere else. Unfortunately, when I do so (like loading it from an untracked local.properties
file inside build.gradle
) I run into problems because the values aren't found by the build.gradle
inside node_modules/react-native-square-reader-sdk/android
.
Before I spend any more cycles trying to find a workaround, I figure I should ask. Is this something I should be worried about?
Thanks!