firebase-ios-sdk icon indicating copy to clipboard operation
firebase-ios-sdk copied to clipboard
verified publisher icon firebase

Use the new API and secureCoding protocol

Open Zelimir-Koljesar-ck opened this issue 1 year ago • 1 comments

Description

The reason I am reaching out is because we have an outside vendor that flagged certain lines of codes as a security issue when analyzing our 3rd party dependencies. In order to stay compliant we need to remedy this issue but we need support. https://github.com/firebase/firebase-ios-sdk/blob/b761b15097304b85d8ba3fec42b317498ef8b73a/FirebaseMessaging/Sources/Token/FIRMessagingTokenStore.m#L105 Would it be possible to upgrade the relevant code to use newer, secure APIs. The code in question is tagged with TODOs already, so the team should be aware of the need. We're trying to see if you can help us get this work prioritized and scheduled.

Reproducing the issue

No response

Firebase SDK Version

all

Xcode Version

all

Installation Method

N/A

Firebase Product(s)

Crashlytics

Targeted Platforms

All

Relevant Log Output

N/A

If using Swift Package Manager, the project's Package.resolved

Expand Package.resolved snippet 

Replace this line with the contents of your Package.resolved.

If using CocoaPods, the project's Podfile.lock

Expand Podfile.lock snippet 

Replace this line with the contents of your Podfile.lock!

Zelimir-Koljesar-ck avatar Oct 07 '24 21:10 Zelimir-Koljesar-ck

I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.

google-oss-bot avatar Oct 07 '24 21:10 google-oss-bot

Closing in favor of the duplicate, more detailed #14424

paulb777 avatar Feb 04 '25 15:02 paulb777