braintree / braintree-android-drop-in

Braintree Drop-In SDK for Android
https://developers.braintreepayments.com/guides/drop-in/android/v2
MIT License
124 stars 79 forks source link

Google Play Console warning regarding com.braintreepayments.api:data-collector #452

Closed fabiorbap closed 11 months ago

fabiorbap commented 11 months ago

Braintree SDK Version

6.9.0

Environment

Both

Android Version & Device

No response

Braintree dependencies

implementation 'com.braintreepayments.api:google-payment:3.5.0'
implementation 'com.braintreepayments.api:drop-in:6.9.0'

Describe the bug

I just got a warning from the Google Play Console that says the following:

"Your app X version code Y includes SDK com.braintreepayments.api:data-collector or an SDK that one of your libraries depends on, which collects personal or sensitive data that includes but may not be limited to identifiers. Persistent device identifiers may not be linked to other personal and sensitive user data or resettable device identifiers as described in the user data policy.

Starting from 4 February 2024 midnight (UTC), new app releases containing the SDK version(s) that do not comply with the user data policy may be blocked from release. You may consider upgrading to a policy-compliant version of this SDK that does not include the violating code, if available from your SDK provider, or removing this SDK from your app.

According to your SDK provider, you may consider upgrading to 4.31.0, and/or contacting your SDK provider to see if a suitable later version might be available. Google is unable to endorse or recommend any third-party software.

ACTION REQUIRED: Upload a new compliant version AND deactivate the non-compliant version."

Looks like the SDK is using an internal dependency that is non-compliant with the Google Play Console policy.

I received this message today, so I'm not sure there is already a fix for that. I'm also using the google-payment SDK, so it might be there as well, but I don't want to create an issue there before I check where is the problem actually.

The suggestion of updating it or google-payment to 4.31.0 doesn't make sense - it would be a downgrade from the drop-in version I'm using, and that version doesn't exist for google-payment

To reproduce

Google Play Console reviewed the app according to its policies and reported that the app is non-compliant

Expected behavior

The app becoming compliant to Google Play data policies.

Screenshots

Screenshot_08_12_23__16_37
jaxdesmarais commented 11 months ago

Hello @fabiorbap -

Thanks for reaching out and using the Braintree Android Drop-in SDK. Please upgrade to at least version 6.10.0 of the SDK (lastest is version 6.13.0) to resolve this issue. It was resolved in our braintree_android SDK version 6.31.0.

You will need to ensure that all of your build tracks (e.g. open, closed, internal testing) are up to date after updating the version of the SDK.

fabiorbap commented 11 months ago

@jaxdesmarais Thank you for such quick feedback! I'll try doing that then, and I'll post the results, although I'm pretty sure that will fix it. Thanks!

Always-Bijoy commented 9 months ago

Hey can anyone please guide me on where and how I update it? where should I find it 'com.braintreepayments.api:drop-in:6.9.0', in package sdk or implement it app.gradle.

sshropshire commented 9 months ago

@Always-Bijoy you'll have to update the version in your app's build.gradle file (or wherever your app declares its dependencies).

Also when you release to Google Play you'll have to update all Production and Test tracks to point to the latest version of your app.

Always-Bijoy commented 9 months ago

If I add this line to my build.gradle app crashed.[image: Screenshot 2024-02-17 at 1.56.17 AM.png] implementation 'com.braintreepayments.api:drop-in:6.13.0'

On Sat, Feb 17, 2024 at 1:30 AM sshropshire @.***> wrote:

@Always-Bijoy https://github.com/Always-Bijoy you'll have to update the version in your app's build.gradle file (or wherever your app declares its dependencies).

Also when you release to Google Play you'll have to update all Production and Test tracks to point to the latest version of your app.

— Reply to this email directly, view it on GitHub https://github.com/braintree/braintree-android-drop-in/issues/452#issuecomment-1949200514, or unsubscribe https://github.com/notifications/unsubscribe-auth/AG7E3266NM3IBIT6V6XMOFLYT6XUZAVCNFSM6AAAAABANDLPWKVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNBZGIYDANJRGQ . You are receiving this because you were mentioned.Message ID: @.***>

-- Best Regards,

Bijoy Ghosh Flutter Developer +880 1688 134326 @.***

sshropshire commented 9 months ago

@Always-Bijoy the screenshot didn't come through. Can you resend the screenshot along with a stack trace of the crash?

I'd also suggest you select File -> Invalidate Caches... in the system menu, check all 3 checkboxes (see below) and click "Invalidate and Restart." Then try to build and see if you get the same error.

Screenshot 2024-02-16 at 2 00 58 PM