A security alert just popped up in my Play Console account

This alert isnt for one specific app. All 2 apps made with Kodular have the very same problem. They both appeared today. Both apps are 4 months old (release date). One of them got updated recently. But it has nothing to do with that, coz the other app has the very same problem. It was uploaded 4 months ago & never updated.

And what have the apps in common? Like i said what components and extensions do they use.

1 Like

Vertical arrangement, Vertical scroll, horizontal, cardview,label,space,button,clock,image,notifier, admob banner & interstitial, firebase db, sidemenu, tinydb, sharing, sound, web, bottom sheet

i also received this security alert on my 2 apps.

1 Like

i edit bcj its show personal email id .

I have this also and I think it’s showing this because of Google firebase because it say fix your GCI api key witch is public.

1 Like

so, does it have anything to with the kodular’s firebase db component ?

I don’t know. And have you enable the read and write function in your firebase just wanted to make sure something.

anyone know why this security alert show

ok everyone i have found a way to fix this actually this is happeing because of firebase WEB API.

here’s the fix upload your firebase api key to your own server (you can use tiny web db or MY sql ). and when requiredyou call the api key from your server and use it . moreover you could do this extra step to ensure your app safety when you recieve API from firebase server put that api in ofuscated text block.


same problem

Security alert

Your app contains exposed Google Cloud Platform (GCP) API keys. Please see this Google Help Center article for details.

Vulnerable locations:

  • io.kodular.sandeepkarlapudi781.JANTAFOODHOUSE.BIRYANI->lambda100

can anyone help to solve the problem

1 Like

can you plz make a tutorial to help us plz i also see firebase url error

1 Like

hmmm is that earning app ?

why you ask man i need to slove my prob

No support for earning apps.

1 Like

no earning app

Are you sure about that? From what we can tell from that screenshot it looks like one.

i see all token and url 50 time all are ok but see this problem

Well now that you deleted the screenshots we can be 100% sure you have an earning app.
Thankfully I saved the last one before you delete them:grin: