hi, SDK issue

[quitriz]

Hi, I got this from google ...

The SDK provider of com.google.android.recaptcha:recaptcha has added a note for recaptcha:18.1.2. Here's what the SDK provider told us:

A critical security vulnerability was discovered in reCAPTCHA Enterprise for Mobile. The vulnerability has been patched in the latest SDK release. Customers will need to update their Android application with the reCAPTCHA Enterprise for Mobile SDK, version 18.4.0 or above. We strongly recommend you update to the latest version as soon as possible.

P.S.: can we do anything about this ?

thanks

[AdilSoomro]

It is due to Firebase Auth. Currently we're using firebase_auth: 4.14.0 and the latest version for firebase_auth is 4.16.0. A user on Stackoverflow reported that firebase_auth 4.16.0 also doesn't solve this problem. So we've to wait for the next release by firebase team to fix this warning.

Checkout the issue here: https://stackoverflow.com/q/77798636/593709

[AdilSoomro]

As answered by Martin Reindl, you can override reCaptcha version by adding recaptcha_enterprise_flutter: ^18.4.0 or

implementation 'com.google.android.recaptcha:recaptcha:18.4.0'

in dependencies section of your app-level build.gradle file.

This happens because the last version firebase auth, uses recaptcha:18.1.2.

In this github issue it is confirmed that the fix is scheduled for the next release.

[quitriz]

thank you, i will try t hat

[AdilSoomro]

This has been solved by updating the firebase_auth library in pubspec.