I lead an independent life based on open source culture. I'm making small improvements with PHP, Python as its software language, and occasionally with React.
some people forgetting private infos in a comment. when they get build they know comments will remove, but not in source maps. so this might be a problem for someone
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
example: maybe you are using a paid service and the api key may be clearly visible.
That's not how api key stealing works, it will be bots looking for keywords like fetch. Besides you shouldn't have any secret like api key on your client app like React. Instead, you should build a proxy server with permission only to your app, and that's where you use your api key.
CRA already warn you on this:
create-react-app.dev/docs/adding-c...
Read more here:
stackoverflow.com/questions/468380...
unicorn-utterances.com/posts/keepi...
some people forgetting private infos in a comment. when they get build they know comments will remove, but not in source maps. so this might be a problem for someone