Security crypto deprecation

[seve-andre]

Following security crypto deprecation mentioned here and here, io.github.osipxd:encrypted-datastore should probably be preferred over io.github.osipxd:security-crypto-datastore.

[osipxd]

Wow. Thank you for letting me know. They've deprecated this library six months ago, and the only public notice about this change is the line in documentation you've mentioned. Nothing on the library page, nothing in security guidelines where security-crypto is still stated as "the preferred way" to encrypt data.

It looks like I should drop dependency on security-crypto and provide some migration mechanism to not lose data encrypted with it. However, I don't want to rush because it's important for me to understand why they've deprecated security-crypto.

[seve-andre]

I completely understand your point of view. It's frustrating when important changes aren't communicated clearly. It's wise to take time to understand why security-crypto was deprecated before making any big moves. Thank you for your work!

[osipxd]

I don't think it's possible to get any information from the Android team. The security-crypto issue tracker seems to be inactive. So, I've decided to remove security-crypto from the dependencies, but keep using a key specification similar to the one used in security-crypto to maintain backward compatibility.