Android: why signing configs in Gradle require clear passwords? -

there must missing.

it looks in order sign release apk in android studio, need hardcode in gradle configuration file signature password , exact location of signature file.

is secure?

in eclipse asked type password, , prefered way.

you need hardcode in gradle configuration file signature password

no. need supply build.gradle keystore password. can supply via environment variable, separate properties file (e.g., 1 not committed part of repo), or other means choose groovy can handle.

in eclipse asked type password, , prefered way.

you can too.