This project uses environment variables to store sensitive configuration data. Never commit API keys or secrets directly in the source code.

Create a .env.local file in the root directory with the following variables:

# GitHub API (for contributor data)
VITE_GITHUB_TOKEN=your_github_token_here

# RapidAPI (for Java code execution)
VITE_RAPIDAPI_KEY=your_rapidapi_key_here

# Other configuration
VITE_GITHUB_REPO=YourUser/YourRepo
VITE_API_URL=your_api_url_here

VITE_GOOGLE_CLIENT_ID=your_google_client_id_here
VITE_GOOGLE_REDIRECT_URI=http://localhost:5173   
VITE_GOOGLE_AUTH_SCOPE=email profile openid
VITE_GOOGLE_API_URL=https://accounts.google.com/o/oauth2/v2/auth

1. Sign up at RapidAPI
2. Subscribe to Judge0 CE API
3. Copy your API key from the dashboard
4. Add it to your .env.local file

1. Go to GitHub Settings > Developer settings > Personal access tokens
2. Generate a new token with public_repo scope
3. Add it to your .env.local file

1. Head to [https://console.cloud.google.com/](Google Console)
2. Create an account and head to Google Auth Platform / Clients
3. Create a client and copy the necessary details to .env.local

• ✅ Use environment variables for all API keys and secrets
• ✅ Add .env.local to .gitignore (already done)
• ✅ Use import.meta.env.VITE_* to access environment variables
• ❌ Never hardcode API keys in source code
• ❌ Never commit .env.local or .env.production files
• ❌ Never share API keys in issues, PRs, or documentation

If you discover a security vulnerability, please email the maintainers directly instead of opening a public issue.

Security updates will be released as soon as possible after a vulnerability is confirmed.