Packaging with hidden strings

Kevin Kofler kevin.kofler at
Fri Jul 31 00:49:53 UTC 2015

Jiří Konečný wrote:
> I have a theoretical question. Is it possible to a create package to
> Fedora which is using oauth2 authentication and that means there are
> app_id and secret_code strings generated by api provider? These strings
> are used in the program but can't be shipped in the code because
> everyone could then use these codes to look as this application.

Unfortunately, the concept of an application key is fundamentally 
incompatible with Free Software. Several Free Software projects just ship 
the app key(s) they use in their source code, and usually get away with it. 
I guess that for some popular APIs, there are even projects just using some 
other Free Software project's app key, but that's of course bad form.

        Kevin Kofler

More information about the devel mailing list