Skip to content

v6.1.4

Latest
Latest

Choose a tag to compare

View all tags
@mCodex mCodex released this 29 Apr 18:18
· 1 commit to master since this release
v6.1.4
1ee57d6

πŸ” react-native-sensitive-info v6.1.4

πŸ› iOS Biometric Prompt Fix

This release fixes duplicate Face ID / Touch ID prompts on iOS when working with biometric-protected Keychain entries.

✨ What Changed

  • 🧠 Prompted value reads now own an LAContext from the first SecItemCopyMatching call.
  • 🀫 hasItem now uses a dedicated silent existence path on iOS.
  • πŸ”Ž Metadata-only reads and listings avoid triggering biometric UI.
  • 🧩 JS option normalization is now operation-aware, so silent probes do not accidentally forward biometric prompt fields.
  • πŸͺ Hooks now avoid leaking prompt-bearing options into silent fetch/existence checks.

βœ… Fixed Scenarios

  • Calling hasItem() before getItem() no longer causes two Face ID prompts.
  • useHasSecret() remains silent even when callers reuse biometric option bags.
  • useSecureStorage() metadata listings stay prompt-free unless values are explicitly requested.
  • getItem(..., { includeValue: false }) avoids biometric prompts for metadata-only reads.
  • Prompted getItem() reads avoid retry-driven duplicate Face ID / Touch ID sheets.

πŸš€ Why This Matters

On iOS, even Keychain existence or attribute queries can require user presence for biometric-protected items. Previously, an app flow like:

await hasItem('session-token', { service: 'auth' })
await getItem('session-token', {
  service: 'auth',
  authenticationPrompt: { title: 'Unlock session' },
})

could show Face ID twice: once during the existence check and once during the actual unlock.

Now, silent probes stay silent, and authentication is reserved for the operation that actually opens the protected value.

πŸ“± Recommended iOS Validation

For apps using biometric-protected secrets, validate on a real iOS device:

  1. Store an item with biometric access control.
  2. Call hasItem() during initialization.
  3. Call getItem() when the user explicitly unlocks.
  4. Confirm there is no Face ID prompt during initialization and exactly one prompt during unlock.

πŸ™Œ Upgrade Notes

No public API changes are required. Existing apps should benefit automatically, especially flows that perform existence checks before reading a protected value.

Assets 2
Loading