ci: add GitHub Actions workflow and CONTRIBUTING.md

Author: mfazrinizar

example/flutter_secure_dotenv_generator_example.dart

@@ -2,26 +2,28 @@ import 'package:flutter_secure_dotenv/flutter_secure_dotenv.dart';
 
 part 'env.g.dart';
 
-@DotEnvGen(
-  filename: '.env',
-  fieldRename: FieldRename.screamingSnake,
-)
+/// Example using the "Hardcoded Key + Gitignore" pattern.
+///
+/// This file (env.dart) is GITIGNORED. A template `env.example.dart` with
+/// placeholder values is committed instead. See SECURITY.md in
+/// flutter_secure_dotenv for details.
+
+@DotEnvGen(filename: '.env', fieldRename: FieldRename.screamingSnake)
 abstract class Env {
-  static Env create() {
-    String encryptionKey = const String.fromEnvironment(
-        "APP_ENCRYPTION_KEY"); // On build, change with your generated encryption key (use dart-define for String.fromEnvironment)
-    String iv = const String.fromEnvironment(
-        "APP_IV_KEY"); // On build, change with your generated iv (use dart-define for String.fromEnvironment)
-    return Env(encryptionKey, iv);
-  }
+  // These values come from the temporary encryption_key.json generated by
+  // build_runner. Copy them here, then delete the JSON file.
+  static const _encryptionKey = 'YOUR_BASE64_ENCRYPTION_KEY';
+  static const _iv = 'YOUR_BASE64_IV';
+
+  static Env create() => Env(_encryptionKey, _iv);
 
   const factory Env(String encryptionKey, String iv) = _$Env;
 
   const Env._();
 
-  @FieldKey(defaultValue: "")
+  @FieldKey(defaultValue: '')
   String get apiBaseUrl;
 
-  @FieldKey(defaultValue: "")
+  @FieldKey(defaultValue: '')
   String get apiWebSocketUrl;
 }