1 Reply
Hi, you can find our suggestions regarding publishing your repo in a way that is agnostic to the database url on the docs here: https://xata.io/docs/getting-started/installation#committing-files-to-your-repository
Generally speaking, it is safe to publish the URL because unauthenticated API calls do not count against your database's rate limits, so as long the API key is kept secret you shouldn't have any issues. For the additional layer of security through obscurity 🙂 you can avoid publishing the database URL by following the guidelines in the linked docs.
Installation & API keys
How to authenticate against a Xata database