Login/Register
Play Store Warning : play-services-safetynet (com.google.android.gms:play-services-safetynet) has reported critical issues with version 17.0.0
Asked Answered
Solved androidfluttergoogle-playwarningsflutter-3.0
P

5

23

I got this warning from play store when I was trying to update my Flutter on play store.

The developer of play-services-safetynet (com.google.android.gms:play-services-safetynet) has reported critical issues with version 17.0.0. Consider upgrading before publishing a new release.

Here's what the SDK developer told us:
The SafetyNet Attestation API is being discontinued and replaced by the new Play Integrity API. Begin migration as soon as possible to avoid user disruption. The Play Integrity API includes all the integrity signals that SafetyNet Attestation offers and more, like Google Play licensing and better error messaging. Learn more and start migrating at https://developer.android.com/training/safetynet/deprecation-timeline

I am not using safe-net implementation in my build.gradle file may be some thirdparty pulgin is using this but tried flutter upgrade also to ensure updating all packages. but still I am getting this critical warning from play store. If any body have solution please let me know. Thanks in advance.

here is my pubspec.yaml implementations:

  cupertino_icons: ^1.0.2
  get: ^4.6.1
  path_provider: ^2.0.2+1
  get_storage: ^2.0.3
  file_picker: ^4.5.1
  cached_network_image: ^3.2.1
  shimmer: ^2.0.0
  introduction_screen: ^3.0.2
  json_serializable: ^6.1.4
  flutter_screenutil: ^5.0.0+2
  url_launcher: ^6.0.5
  google_fonts: ^2.3.1
  carousel_slider: ^4.0.0
  fluttertoast: ^8.0.8
  change_app_package_name: ^1.0.0
  font_awesome_flutter: ^10.1.0
  photo_view: ^0.13.0
  new_version: ^0.2.2
  shared_preferences: ^2.0.13
  bottom_bar: ^2.0.0
  intl: ^0.17.0
  http: ^0.13.4
  pull_to_refresh: ^2.0.0
  connectivity_plus: ^2.3.5
  image_picker: ^0.8.5+3
  syncfusion_flutter_pdfviewer: ^20.1.61-beta
  vdocipher_flutter: ^1.0.0-beta.6
  webview_flutter: ^3.0.4
  get_cli: ^1.8.1
  flutter_linkify: ^5.0.2
  flutter_countdown_timer: ^4.1.0
  webview_flutter_plus: ^0.3.0+2
  flutter_downloader: ^1.8.0+1  #integrate for ios also
  android_path_provider: ^0.3.0
  device_info_plus: ^4.0.0
  permission_handler: ^10.0.0
  open_file: ^3.2.1
  package_info_plus: ^1.4.2

ref image : enter image description here

Picayune answered 18/7, 2022 at 21:50 Comment(4)
I have seen this too, but it appears to be bundled with firebase and maybe some other Google libraries so there really isn't anything you can do about it if you are getting it from there... I think it is safe to ignore.Chessman
some people said that after uploading a new version, it was rejected for that reasonCalces
will it still be published even with this warning. Review is taking too long?Steamship
yes , you can publish and no review is taking too longPicayune
L
22

com.google.gms:google-services itself has contained safetyNet API. As you see in version of gg services to latest 4.3.13, it has safetyNet ver 18.0 and it's OK.

https://developers.google.com/android/guides/setup#list-dependencies How to suppress the "Avoid using bundled version of Google Play services SDK" warning? https://developers.google.com/android/guides/releases

Updated: 13/10/2022

Thanks!

Landlubber answered 20/7, 2022 at 7:19 Comment(10)
From developers.google.com/android/guides/releases, the latest as at today is 4.3.13, not 4.4.13.Bed
My typing mistake, thank you.Landlubber
I have tried this and it does not workCorell
Same tried, but the Play Store still shows the warning for new build.Shackleton
According to that answer is it correct to assume we can ignore the warning and just wait G fix it with their own library?Gulf
Sorry I'm late. Can you try alternative solution, add this in android/app/build.gradle implementation('com.google.firebase:firebase-auth') { exclude module: "play-services-safetynet" }Landlubber
@DoingThingsOccasionally Maybe your problem relates to firebase auth. I updated my answer with issue link and official response. Please check, thank you!Landlubber
@QuyenAnhNguyen is the issue for safetynet which relates to firebase auth still not resolved as i can see the issue still open on github and did you find any work around except the above mentioned solutions?Godinez
@RahulPandey Yes, it has not resolved. You can try solution in Tommy's answer below that configure all in android/app/build.gradle to exclude the module or just ignore the warning.Landlubber
OMG, after reading some of the comments in Github Google teams really doesn't seem to talk to each other, and the best answer for now is that they BELIEVE that they will have a solution by their migration deadlines!!!Alarum
Y
7

Had same issue with Google Play for firebase Auth library. Unfortunately it did not have option to update to version that had updated Safetynet module. So had to find a working way to exclude the module from my project.

This is what I had:

dependencies {
    implementation platform('com.google.firebase:firebase-bom:30.3.2')
    implementation 'com.google.firebase:firebase-auth'
}

For my project the best option was to exclude the safetynet module from all libraries. Fow what ever reason, single library exclusion did not work.

dependencies {
    implementation platform('com.google.firebase:firebase-bom:30.3.2')
    implementation 'com.google.firebase:firebase-auth'
}
configurations.all {
    exclude group: 'com.google.android.gms', module: 'play-services-safetynet'
}

The above solution should work for any project that has this issue regardless of what library actually has the safetynet module included.

For anyone interested, here are easy commands to check your projects dependencies in Android Studio Terminal (this writes them in txt file for easier reading):

./gradlew app:dependencies > dependencies.txt
Yokefellow answered 30/8, 2022 at 10:46 Comment(4)
I had same issue with Firebase Auth. I tried this, and it didn't show the error anymore in the Google Play Console but totally crashes the app. It says that the module was not found.Administrative
This is totally dependent on your implementation. If what part of Firebase Auth you use requires SafetyNet, this will not work. Then the option to ignore the warning is probably the best for you. For me, this worked as most of my apps use only email auth.Yokefellow
I do not use Phone Authentication, only Email auth and Google Sign In, but Google Sign In doesnt use the SafetyNet API, does it?Administrative
Well, I just ignore the warning for now and wait for Firebase to migrateAdministrative
A
2

Update - March 28, 2023

Released Firebase Auth 21.2.0 (BoM 31.4.0) which adds support for Play Integrity in phone auth https://firebase.google.com/support/release-notes/android#auth_v21-2-0

However, as latest comment: https://github.com/firebase/firebase-android-sdk/issues/3890#issuecomment-1488368740

But I still see the warning in the Play console.
=> That's because the SafetyNet SDK is still being used as a fallback.We plan to completely remove the SafetyNet SDK in a future release - I will post a new comment to this thread when that happens.

I wonder if the play integrity API is NOT enabled in my Firebase Console > App Check. Then, ignore this warning, does it cause any blocking/ issue when using my app (with Phone authen method)?

Aiguille answered 20/4, 2023 at 3:11 Comment(0)
U
0

Firebase Authentication library itself import the SafetyNet Attestation API for there internal usage.

In latest version of Firebase Authentication 22.0.0 they have removed SafetyNet Attestation API and now uses the Play integrity.

So update your Authentication library version or if uses the Firebase BOM then update version to 32.0.0 or latest version.

Uranology answered 20/7, 2023 at 6:21 Comment(0)
N
-1

Exclude safetynet module by kotlin dsl (at bottom of your app gradle module):

configurations.all {
    exclude(group = "com.google.android.gms", module = "play-services-safetynet")
}
Nerva answered 21/3 at 9:21 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.