I’m currently working on a React Native project using Expo and need guidance on securely storing keys and public URLs. I want to ensure that sensitive information is handled properly to maintain security.

Specific Issues:
I have two main concerns:

1. Storing public API URLs securely.
2. Managing sensitive information like keys in a safe and reliable
   manner.

Current Approach:

Following the Expo documentation, I’ve stored public URLs in the .env file in the root folder using the format EXPO_PUBLIC_[NAME]=VALUE. Additionally, I’ve used the eas secret:create command to generate keys.

Actual vs. Expected Output:

When I list the secrets using eas secret:list, the output doesn’t match what I expected based on the documentation. I’m seeing a different format, and I’m unsure if I’m following the correct procedure.

Request for Help:

What are the best practices for securely storing public API URLs in an Expo React Native project?
How should I manage sensitive information like keys to ensure security and reliability?
Can anyone provide guidance on interpreting the output of eas secret:list and ensuring it aligns with the expected format?

  # .env file
EXPO_PUBLIC_API_URL=https://example.com/api
CONSUMER_KEY=key_number
CONSUMER_SECRET=consumer_secrets

what i got:

eas secret:list
Secrets for this account and project:
ID          _id
Name        SECRET_NAME
Scope       project
Type        STRING
Updated at  Apr 23 17:32:46

what i expected:

eas secret:list
Secrets for this account and project:
┌────────────────┬────────┬─────────┬──────────────────────────────────────┬─────────────────┐
│ Name           │ Type   │ Scope   │ ID                                   │ Updated at      │
├────────────────┼────────┼─────────┼──────────────────────────────────────┼─────────────────┤
│ APP_UPLOAD_KEY │ string │ account │ 366bd434-b538-4192-887c-036c0eddedec │ Oct 05 11:51:46 │
├────────────────┼────────┼─────────┼──────────────────────────────────────┼─────────────────┤
│ NPM_TOKEN      │ string │ project │ 03f4881f-88fd-4d94-9e35-a5c34d39c2f2 │ Oct 05 11:51:33 │
├────────────────┼────────┼─────────┼──────────────────────────────────────┼─────────────────┤
│ SECRET_FILE    │ file   │ project │ 72c7ac1e-78d0-4fa2-b105-229260cecc88 │ Oct 05 11:52:12 │
├────────────────┼────────┼─────────┼──────────────────────────────────────┼─────────────────┤
│ sentryApiKey   │ string │ project │ 88dd0296-9119-4d50-a91b-1f646733f569 │ Oct 05 11:51:40 │
└────────────────┴────────┴─────────┴──────────────────────────────────────┴─────────────────┘

I appreciate any insights or recommendations on how to handle these aspects of Expo React Native development securely. Thank you in advance for your help!