Sentry Expo authToken best practice

Using these docs:

We were told to add:

"hooks": {
      "postPublish": [
          "file": "sentry-expo/upload-sourcemaps",
          "config": {
            "organization": "your organization's short name here",
            "project": "your project name here",
            "authToken": "your auth token here"

However, I want to keep the “authToken” secret, and I was wondering what the best practice for managing this is?
Does it make sense to wish not to commit this token to the repo?
If so, what is the best way of injecting a token into app.json, either from a gitignored file or from an environment variable?

Also, could you better explain how the postPublish hook works when building a standalone app that will be submitted to the app stores? Do we need to publish to expo prior to building the apps, so that the source code publish happens? Or will building the app (exp build) also run the postPublish hook?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.