19
GitHub Copilot, Amazon Code Whisperer emit people's API keys
(www.theregister.com)
A community for all things related to application security.
I think, and i could be wrong, but you should be storing them in a password manager style service, and then have your application pull them out.
Which is just commiting the keys with extra steps I guess :/