No there are not secure and remains part of the build. If you are using the secrets on the client side, these are public. A way to keep them secrets would be using these on the backend side.

The scope of this article was to hide secrets from public repo. It does not make these private but, less obvious which can be, as in my case, interesting when you share your code in a public repo.