It is hard to use the feature to upload a NuGet package without accidentally leaking the API key when you upload the config file to a repository.
It should be possible (or even enforced) to get the API key from a separate file or environment variable.
The current workaround would be to script tooling that generates the config file from a template without API key.
It is hard to use the feature to upload a NuGet package without accidentally leaking the API key when you upload the config file to a repository.
It should be possible (or even enforced) to get the API key from a separate file or environment variable.
The current workaround would be to script tooling that generates the config file from a template without API key.