security: .gitignore missing critical entries for API keys and signing credentials

## Description

The current `.gitignore` does not protect against accidentally committing sensitive files:

### Missing Entries

| File | Risk |
|------|------|
| `android/app/google-services.json` | Firebase API keys for Android |
| `ios/Runner/GoogleService-Info.plist` | Firebase API keys for iOS |
| `android/key.properties` | Android release signing passwords |
| `*.jks` / `*.keystore` | Android signing keystores |
| `.env.local` / `.env.production` | Production API keys |

### Current .gitignore

The current file only has the default Flutter template entries. It ignores `.env` but not `.env.local`, `.env.production`, or any Firebase/signing credential files.

## Impact

Any contributor who adds Firebase or configures release signing could accidentally push API keys or signing credentials to the public repo.

## Expected Fix

Add security-critical exclusions to `.gitignore`.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

security: .gitignore missing critical entries for API keys and signing credentials #41

Description

Missing Entries

Current .gitignore

Impact

Expected Fix

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

File	Risk
`android/app/google-services.json`	Firebase API keys for Android
`ios/Runner/GoogleService-Info.plist`	Firebase API keys for iOS
`android/key.properties`	Android release signing passwords
`.jks` / `.keystore`	Android signing keystores
`.env.local` / `.env.production`	Production API keys

Uh oh!

security: .gitignore missing critical entries for API keys and signing credentials #41

Description

Description

Missing Entries

Current .gitignore

Impact

Expected Fix

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions