If I were to work on an integration app where I have to apply for an API key for it, I cannot just check in the key to the GitHub project as that would most likely violate the ToS and probably invalidate the key.
Is there someplace I can store these keys securely? Since Athom publishes the apps directly from GitHub there is no intermediate step, right?
I am fully aware that storing secrets so they can be read (decrypted) on the end user device is not fool-proof, but this is not my point as keeping them out of hands of rooted Homeys (do they exist?) is (I believe) beyond what’s expected of me.