Can I hard-code a default value for `BraveServiceKey`?

TL;DR: If BraveServiceKey is not a secret, can I hard-code a default value in open source Brave repos? Or, if BraveServiceKey is a secret, how should contributors to Brave projects handle it?

Why BraveServiceKey Matters to Contributors

Some *.brave.com domains require that requests include a valid braveservicekey header. Unsurprisingly, some of those domains are used by code (e.g., tests) in various open-source Brave repos. At the same time, there’s no default value or instructions that I could find for how contributors should manage this key.

Speculation

At least one repo treats BRAVE_SERVICE_KEY as a “secret,” which puts me in a weird spot for a couple of reasons. First, because it’s… not a secret? A valid value for the key is shown in the original GitHub issue, and I know it’s valid because my Brave browser sends the same key. Second, as a would-be contributor, one interpretation of it being a “secret” is that I shouldn’t be hitting those endpoints, which is awkward considering that my browser hits those endpoints already.

Prior Work

A “friend” :wink: asked a similar question on Reddit and didn’t get an answer, so I figured I’d try this site instead.