Hello, what is the purpose of adding package signatures on the line developer console? My understanding was that it can limit usage of channel ID to specific signatures but when I add different SHA than my app uses then I can still use the SDK.

The documentation only explains how to add the signatures, not the purpose of it https://developers.line.biz/en/docs/line-login-sdks/android-sdk/integrate-line-login/#link-app-to-channel

Could you explain what is the benefit of adding SHA signatures? Also should I make my channelID secure by injecting it through the CI?

Thanks!