问题描述
遵循在 Android 应用程序中设置 Google Analytics 的指南 (https://developers.google.com/analytics/devguides/collection/android/v4/) 我想知道这个 google-services.json 文件是否可以安全地提交到源代码版本控制中并推送到公共 GitHub 存储库,或者这个文件是否可以包含凭据或机密.
Following the guide on setting up Google Analytics in an Android app (https://developers.google.com/analytics/devguides/collection/android/v4/) I am left wondering if this google-services.json file can safely be committed into source code versioning and pushed to a public GitHub repository or if this file may contain credentials or secrets.
我在其他地方找不到明确的答案,但我可以看到示例应用程序都提交了文件 (https://github.com/google/climb-tracker/blob/master/mobile/google-services.json) 和其他人已将该文件添加到他们的 .gitignore 中.
I cannot find a definite answer elsewhere, but I can see that sample apps both commit the file (https://github.com/google/climb-tracker/blob/master/mobile/google-services.json) and others have added the file to their .gitignore.
推荐答案
它应该被视为机密.生成的 json 文件包含可用于发送推送通知的 api_key
.
It should be considered confidential. The json file that is generated contains an api_key
that you can use to send push notifications.
如果您转到 Google Developer Console 上的凭据页面,您将看到 API 密钥
If you go to Credentials page on the Google Developer Console, you'll see the key in the json file listed under API keys
这篇关于google-services.json 是保密的吗?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!