Security issue with PAT token displayed in plain text in js file

[nnganesha]

I followed the instructions in the README. After doing npm production build, the main_.js gets created along with index.html. When we host this in any web server, we have to put all files - index.html, main js, etc. But users can simply open the js file in the browser and see the PAT token as well as ORG name in plain text. Any ways to avoid this or get the token securely by putting the js on server side?