Public Key Not Ignored by Git Warning #630
Description
I have a public key (with a prefix of pk_live_) in a file not in my .gitignore file. This should be perfectly safe because by its name it's a public key. But I get the following warning:
This Stripe API Key is in a file not ignored by git. For better security, consider using a .env file. See https://stripe.com/docs/keys#safe-keys for more advice.
If you navigate to that URL, the first thing it says is: Your secret API key, so I'm not sure why this extension is telling me to protect a key that is public (not secret) in nature.