Why the io/invertase/firebase library use the external storage?

Our Cybersecurity team have reported that in our app the io/invertase/firebase library is using the external storage of the phone. The file reported is this:


Please, somebody knows why the external storage is mentioned into that file? I don’t see a permission request from this library to access there, but in that case, Why it mention external storage into that file? I couln’t follow the code to understand it.

Hey there!

I’d like to help but unfortunately it’s not something that is maintained by Auth0 I believe.

Copyright (c) 2016-present Invertase Limited & Contributors

  • Licensed under the Apache License, Version 2.0 (the “License”);
  • you may not use this library except in compliance with the License.
  • You may obtain a copy of the License at
  • http://www.apache.org/licenses/LICENSE-2.0
  • Unless required by applicable law or agreed to in writing, software
  • distributed under the License is distributed on an “AS IS” BASIS,
  • WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  • See the License for the specific language governing permissions and
  • limitations under the License.

This is a part of the cybersecurity query

import android.content.Context;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.ExecutorService;
import javax.annotation.OverridingMethodsMustInvokeSuper;