Raven.js: configure() lets DSN be exposed in page source?

The DSN can be public. I replied to another topic here which asked the same question: JS - how avoid anyone mess with my log?