firebase / firebase-android-sdk

Firebase Android SDK
https://firebase.google.com
Apache License 2.0

Update Okhttp version in com.google.firebase:firebase-inappmessaging-display-ktx library #2943

Open angelapanlu opened 3 years ago

angelapanlu commented 3 years ago

What feature would you like to see?

The current version of com.google.firebase:firebase-inappmessaging-display-ktx has a dependency on a lower version of okhttp, 2.7.5; in the rest of our project we are using 4.2.2. We can't use 2.7.5 due to the risk "OkHttp Non-ASCII ETag Header Handling Remote DoS". Can we upgrade the okhttp version to at least okhttp3 for this library so we can enable the inapp messaging feature in our app?

How would you use it?

We will enable inapp messaging in the app.

google-oss-bot commented 3 years ago

I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.

eldhosembabu commented 3 years ago

In the latest PR where we migrated to Glide from Picasso, we have removed our dependency on okhttp in FIAM Display SDK.

Please see: https://github.com/firebase/firebase-android-sdk/pull/2068/files

Please take the latest version of FIAM SDK for the changes and let us know if that helps.

angelapanlu commented 3 years ago

@eldhosembabu Thank you for your reply. I just ran a dependency check:

com.google.firebase:firebase-inappmessaging-display:19.1.5
|    |    +--- androidx.appcompat:appcompat:1.1.0 -> 1.3.1 (*)
|    |    +--- androidx.browser:browser:1.0.0 (*)
|    |    +--- androidx.cardview:cardview:1.0.0 (*)
|    |    +--- androidx.constraintlayout:constraintlayout:1.1.3 (*)
|    |    +--- androidx.legacy:legacy-support-v4:1.0.0 (*)
|    |    +--- com.google.android.gms:play-services-tasks:17.1.0 (*)
|    |    +--- com.google.auto.value:auto-value-annotations:1.6.6
|    |    +--- com.google.firebase:firebase-common:19.5.0 (*)
|    |    +--- com.google.firebase:firebase-components:16.1.0 (*)
|    |    +--- com.google.firebase:firebase-inappmessaging:19.1.5 (*)
|    |    +--- com.google.firebase:firebase-measurement-connector:18.0.0 (*)
|    |    +--- com.squareup.okhttp:okhttp:2.7.5 (*)

The way I include the FIAM display SDK is implementation("com.google.firebase:firebase-inappmessaging-display-ktx"). How can I use the latest library version?

eldhosembabu commented 3 years ago

The change is public in this version: https://firebase.google.com/support/release-notes/android#inappmessaging-display_v20-1-0

You might be using the firebase BOM, so please try updating its version to the latest and check:

implementation platform('com.google.firebase:firebase-bom:28.4.1')

kran-rana87 commented 2 years ago

Issue still seems to be happening after updating the Bom version to latest i.e. 29.0.1. Following is my dependency tree and it seems In-app messaging is still using an older version of okhttp and because of that my app update was rejected by Google.

Dependencies used in the app:

implementation platform('com.google.firebase:firebase-bom:29.0.1')
implementation 'com.google.firebase:firebase-inappmessaging-display'
implementation 'com.google.firebase:firebase-crashlytics'
implementation 'com.google.firebase:firebase-analytics'

|    +--- com.google.firebase:firebase-inappmessaging:20.1.1
|    |    +--- com.google.android.datatransport:transport-api:3.0.0
|    |    |    \--- androidx.annotation:annotation:1.1.0
|    |    +--- com.google.android.gms:play-services-tasks:17.0.2 -> 17.1.0 (*)
|    |    +--- com.google.auto.value:auto-value-annotations:1.6.6
|    |    +--- com.google.firebase:firebase-abt:21.0.0
|    |    |    +--- com.google.android.gms:play-services-basement:17.0.0 -> 17.3.0 (*)
|    |    |    +--- com.google.firebase:firebase-common:20.0.0 (*)
|    |    |    +--- com.google.firebase:firebase-components:17.0.0 (*)
|    |    |    \--- com.google.firebase:firebase-measurement-connector:18.0.0 -> 19.0.0
|    |    |         +--- com.google.android.gms:play-services-basement:17.0.0 -> 17.3.0 (*)
|    |    |         \--- com.google.firebase:firebase-annotations:16.0.0
|    |    +--- com.google.firebase:firebase-common:20.0.0 (*)
|    |    +--- com.google.firebase:firebase-components:17.0.0 (*)
|    |    +--- com.google.firebase:firebase-datatransport:18.1.0
|    |    |    +--- androidx.annotation:annotation:1.1.0
|    |    |    +--- com.google.android.datatransport:transport-api:3.0.0 (*)
|    |    |    +--- com.google.android.datatransport:transport-backend-cct:3.1.0 -> 3.1.1
|    |    |    |    +--- androidx.annotation:annotation:1.1.0
|    |    |    |    +--- com.google.android.datatransport:transport-api:3.0.0 (*)
|    |    |    |    +--- com.google.android.datatransport:transport-runtime:3.1.1
|    |    |    |    |    +--- androidx.annotation:annotation:1.1.0
|    |    |    |    |    +--- com.google.android.datatransport:transport-api:3.0.0 (*)
|    |    |    |    |    +--- com.google.firebase:firebase-encoders:17.0.0
|    |    |    |    |    |    \--- androidx.annotation:annotation:1.1.0
|    |    |    |    |    +--- com.google.firebase:firebase-encoders-proto:16.0.0
|    |    |    |    |    |    +--- androidx.annotation:annotation:1.1.0
|    |    |    |    |    |    \--- com.google.firebase:firebase-encoders:17.0.0 (*)
|    |    |    |    |    \--- javax.inject:javax.inject:1
|    |    |    |    +--- com.google.firebase:firebase-encoders:17.0.0 (*)
|    |    |    |    \--- com.google.firebase:firebase-encoders-json:18.0.0
|    |    |    |         +--- androidx.annotation:annotation:1.1.0
|    |    |    |         \--- com.google.firebase:firebase-encoders:17.0.0 (*)
|    |    |    +--- com.google.android.datatransport:transport-runtime:3.1.0 -> 3.1.1 (*)
|    |    |    +--- com.google.firebase:firebase-common:20.0.0 (*)
|    |    |    \--- com.google.firebase:firebase-components:17.0.0 (*)
|    |    +--- com.google.firebase:firebase-installations:17.0.0
|    |    |    +--- com.google.android.gms:play-services-tasks:17.0.0 -> 17.1.0 (*)
|    |    |    +--- com.google.firebase:firebase-common:20.0.0 (*)
|    |    |    +--- com.google.firebase:firebase-components:17.0.0 (*)
|    |    |    \--- com.google.firebase:firebase-installations-interop:17.0.0
|    |    |         +--- com.google.android.gms:play-services-tasks:17.0.0 -> 17.1.0 (*)
|    |    |         \--- com.google.firebase:firebase-annotations:16.0.0
|    |    +--- com.google.firebase:firebase-installations-interop:17.0.0 (*)
|    |    +--- com.google.firebase:firebase-measurement-connector:18.0.2 -> 19.0.0 (*)
|    |    +--- com.google.firebase:protolite-well-known-types:18.0.0
|    |    |    \--- com.google.protobuf:protobuf-javalite:3.14.0 -> 3.17.2
|    |    +--- io.grpc:grpc-okhttp:1.41.0
|    |    |    +--- io.grpc:grpc-core:1.41.0
|    |    |    |    +--- io.grpc:grpc-api:1.41.0
|    |    |    |    |    +--- io.grpc:grpc-context:1.41.0
|    |    |    |    |    +--- com.google.code.findbugs:jsr305:3.0.2
|    |    |    |    |    +--- com.google.guava:guava:30.1-android
|    |    |    |    |    |    +--- com.google.guava:failureaccess:1.0.1
|    |    |    |    |    |    +--- com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava
|    |    |    |    |    |    +--- com.google.code.findbugs:jsr305:3.0.2
|    |    |    |    |    |    +--- org.checkerframework:checker-compat-qual:2.5.5
|    |    |    |    |    |    +--- com.google.errorprone:error_prone_annotations:2.3.4 -> 2.9.0
|    |    |    |    |    |    \--- com.google.j2objc:j2objc-annotations:1.3
|    |    |    |    |    \--- com.google.errorprone:error_prone_annotations:2.9.0
|    |    |    |    +--- com.google.code.gson:gson:2.8.6
|    |    |    |    +--- com.google.android:annotations:4.1.1.4
|    |    |    |    +--- org.codehaus.mojo:animal-sniffer-annotations:1.19
|    |    |    |    +--- com.google.errorprone:error_prone_annotations:2.9.0
|    |    |    |    +--- com.google.guava:guava:30.1-android (*)
|    |    |    |    \--- io.perfmark:perfmark-api:0.23.0
|    |    |    +--- com.squareup.okhttp:okhttp:2.7.4
|    |    |    |    \--- com.squareup.okio:okio:1.6.0 -> 1.17.5
|    |    |    +--- com.squareup.okio:okio:1.17.5
|    |    |    +--- com.google.guava:guava:30.1-android (*)
|    |    |    \--- io.perfmark:perfmark-api:0.23.0
|    |    +--- io.grpc:grpc-protobuf-lite:1.41.0
|    |    |    +--- io.grpc:grpc-api:1.41.0 (*)
|    |    |    +--- com.google.protobuf:protobuf-javalite:3.17.2
|    |    |    +--- com.google.code.findbugs:jsr305:3.0.2
|    |    |    \--- com.google.guava:guava:30.1-android (*)
|    |    +--- io.grpc:grpc-stub:1.41.0
|    |    |    +--- io.grpc:grpc-api:1.41.0 (*)
|    |    |    +--- com.google.guava:guava:30.1-android (*)
|    |    |    \--- com.google.errorprone:error_prone_annotations:2.9.0
|    |    +--- io.reactivex.rxjava2:rxandroid:2.0.2
|    |    |    \--- io.reactivex.rxjava2:rxjava:2.1.9 -> 2.1.14
|    |    |         \--- org.reactivestreams:reactive-streams:1.0.2
|    |    +--- io.reactivex.rxjava2:rxjava:2.1.14 (*)
|    |    \--- javax.inject:javax.inject:1
|    \--- javax.inject:javax.inject:1
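
Added example, not part of the thread or of the Firebase project's code: a small parser for Gradle dependency-tree text that returns the chain of modules leading to a flagged artifact, which for the tree above shows okhttp 2.7.4 arriving through io.grpc:grpc-okhttp. The sample input is a constructed, trimmed excerpt of the posted tree, and the function names `paths_to` and `direct_parents` are hypothetical.

```python
import re

# Constructed sample: a trimmed excerpt of the tree posted above, re-rooted at
# firebase-inappmessaging and laid out in Gradle's five-character columns.
SAMPLE_TREE = r"""
+--- com.google.firebase:firebase-inappmessaging:20.1.1
|    +--- com.google.firebase:firebase-common:20.0.0 (*)
|    +--- io.grpc:grpc-okhttp:1.41.0
|    |    +--- io.grpc:grpc-core:1.41.0
|    |    |    \--- io.perfmark:perfmark-api:0.23.0
|    |    +--- com.squareup.okhttp:okhttp:2.7.4
|    |    |    \--- com.squareup.okio:okio:1.6.0 -> 1.17.5
|    |    \--- com.squareup.okio:okio:1.17.5
|    \--- javax.inject:javax.inject:1
"""

# Indent columns ("|    " or "     "), a "+---" or "\---" marker, the requested
# coordinate, an optional "-> resolved" version and an optional "(*)" style flag.
LINE = re.compile(r"^((?:[| ] {4})*)[+\\]--- (\S+)(?: -> (\S+))?(?: \(.\))?$")


def paths_to(tree, module):
    """Return every root-to-node path that ends at module ("group:name")."""
    stack, hits = [], []
    for line in tree.splitlines():
        m = LINE.match(line.rstrip())
        if not m:
            continue
        depth = len(m.group(1)) // 5
        parts = m.group(2).split(":")
        if len(parts) < 2:
            continue
        # Prefer the version Gradle resolved to over the one that was requested.
        resolved = m.group(3) or (parts[2] if len(parts) > 2 else "?")
        del stack[depth:]  # drop the previous branch below this depth
        stack.append(f"{parts[0]}:{parts[1]}:{resolved}")
        if parts[:2] == module.split(":"):
            hits.append(list(stack))
    return hits


def direct_parents(tree, module):
    """Modules that declare module as a dependency in this tree."""
    return sorted({p[-2] for p in paths_to(tree, module) if len(p) > 1})


if __name__ == "__main__":
    for path in paths_to(SAMPLE_TREE, "com.squareup.okhttp:okhttp"):
        print(" -> ".join(path))
```
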