Hide Firebase API Key in exported HTML project

How do I…

Hide my Firebase API Key in exported HTML project?
I uploaded my project to GitHub, only to test, and I got an email from Google saying they discovered a leaked API Key. I checked, and it was a part of data.js. This file has a lot of other code required by the game, so I don’t think putting it in the .env file is an option. Is there a way to hide it so that it is not publicly available?

I have taken the necessary steps of regenerating a key, adding http restrictions, etc. but I would like a more permanent solution before I rebuild the project.

Have you solved this problem? I have the same problem, i also tried .env but i couldnt make it work and it seems impossible.