Our Cybersecurity team have reported that in our app the io/invertase/firebase library is using the external storage of the phone. The file reported is this:
Please, somebody knows why the external storage is mentioned into that file? I don’t see a permission request from this library to access there, but in that case, Why it mention external storage into that file? I couln’t follow the code to understand it.
I’d like to help but unfortunately it’s not something that is maintained by Auth0 I believe.
Copyright (c) 2016-present Invertase Limited & Contributors
- Licensed under the Apache License, Version 2.0 (the “License”);
- you may not use this library except in compliance with the License.
- You may obtain a copy of the License at
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an “AS IS” BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
This is a part of the cybersecurity query