Can I publish the StoreKey.pfx of an UWP application

Question

I have an open source windows store application (UWP). When I associate the application with the store a Package.StoreAssociation.xml and a _St

Answer 1

Can I commit that information to a public git repository (the certificate must be in the repository because I want to build the package with AppVeyor)?

For public git repository, the Store key .pfx file should not be committed(Add to .gitignore file). If you want to use the CI system, please create a private repository or append the .pfx file to your cloned project in CI backend.

Should I encrypt it?

This file has been encrypted and it's for signing your app before submitting to Windows Store, see also How to create an app package signing certificate

Could I revoke the certificate if it leaked?

You need to reserved a new app name, see here

Are the changes to appxmanifest sensitive?

Depends on what you have changed, it's very important for Identity and package information in .packagemanifest file. See App package manifest