some people forgetting private infos in a comment. when they get build they know comments will remove, but not in source maps. so this might be a problem for someone
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
That's not how api key stealing works, it will be bots looking for keywords like fetch. Besides you shouldn't have any secret like api key on your client app like React. Instead, you should build a proxy server with permission only to your app, and that's where you use your api key.
CRA already warn you on this:
create-react-app.dev/docs/adding-c...
Read more here:
stackoverflow.com/questions/468380...
unicorn-utterances.com/posts/keepi...
some people forgetting private infos in a comment. when they get build they know comments will remove, but not in source maps. so this might be a problem for someone