v6.0.0-rc.9

Changelog:

• chore: normalize formatting in hooks (semicolons/spacing) and bump example iOS Podfile.lock deps (c9087e6)
• Merge pull request #494 from mCodex/refactor/appExample (ed1b003)
• docs: add error-handling section to README and introduce SECURITY.md (69876ac)
• fix(auth): treat authentication cancellations as soft-failures and map native cancel codes (4454883)
• chore: bump dev/example deps and normalize README version notation (0c6bd68)
• Update GitHub Sponsors username in FUNDING.yml (c495d01)
• example: overhaul App.tsx to use hooks-based playground UI (4d3540f)

Release 5.6.2

5.6.2 (2025-11-03)

• chore: bump devDependencies and regenerate lockfiles (006236a)
• Refactor entry point and enhance native fallback logic (91916b1)
• Update src/index.ts (b27dda4)
• Update src/index.ts (04aece9)

What's Changed

• Refactor entry point and enhance native fallback logic #485 by @mCodex in #489

Full Changelog: v5.6.1...v5.6.2

Release 5.6.1

5.6.1 (2025-10-29)

Fixes [#480 ]

• Refactor iOS access control and Keychain handling; add RN Swift module & ObjC bridge; update deps an (4ccb7f1)

Full Changelog: v5.6.0...v5.6.1

v6.0.0-rc.8

Release 6.0.0-rc.5 · 2025-10-27

Highlights

• 🔐 Secure storage now covers iOS, macOS, visionOS, watchOS, and Android with the same Nitro-backed core.
• 🪝 New React Hooks API streamlines listing, mutating, and clearing secrets with metadata.
• 🛠️ Android and iOS CI workflows refreshed for consistent Gradle and CocoaPods builds.

Hooks Included

• useSecureStorage
• useSecret
• useSecretItem
• useHasSecret
• useSecurityAvailability
• useSecureOperation

Platform Support

• 📱 iOS 13+
• 💻 macOS 11+
• 🥽 visionOS 1.0+
• ⌚ watchOS 7.0+
• 🤖 Android API 23+

Tooling & Docs

• ♻️ Android workflow YAML cleaned and Gradle caching restored.
• 📦 iOS workflow installs example dependencies before codegen to prevent missing modules.
• 📚 README platform matrix updated to highlight expanded Apple coverage and Windows removal.

v6.0.0-rc.3

🚀 What's New

🔐 Security & Biometrics

• ⭐ Automatic Class 3 enforcement: Android now locks onto strong (Class 3) biometrics by default when hardware supports them, gracefully falling back to the strongest available authenticator on older devices.
• 🗑️ Removed manual toggle: The androidBiometricsStrongOnly option is gone—strong biometrics are now the default behavior with no user knob to turn off.
• ✅ Simplified API surface: Cleaner Kotlin/JS/C++ bindings reflect the hardened defaults across all request types.

🎨 Example Playground Refresh

• 🎯 Hardware-aware selector: Access-control options now grey out unsupported policies in real-time, reflecting your device's actual capabilities.
• 🔄 Auto-upgrade logic: The UI automatically selects the strongest viable guard when you switch devices.
• 💡 Inline guidance: A helpful note explains that the native layer always picks the best security tier available.

📚 Documentation & Migration

Note

Pick your release track:

• 6.0.0-rc.2 (Nitro hybrid): Fastest path forward with 3.3× bridge speedup, richer metadata, and stronger defaults.
• 5.6.0 (Last bridge): Final pre-Nitro release with latest Android 13 fixes and namespace cleanups—Fabric architecture only.
• 5.5.x (Legacy): Paper architecture support, no new features—users should upgrade to 5.6.0 at minimum.

🔧 Under the Hood

• 📊 Enhanced SecurityAvailabilityResolver now tracks strong biometrics explicitly.
• 🎛️ Tightened AccessControlResolver to ensure secure-enclave requests only run when hardware is ready.
• 🏗️ Generated bindings (Kotlin, C++, Swift) pruned to match the simplified options payload.

📈 Performance & Reliability

• ⚡ Nitro v6 users see 3× faster operations compared to the classic bridge.
• 🛡️ Android 13 prompt hangs resolved via improved activity lifecycle tracking.
• 📱 Restored manual device credential fallback for Android 9 parity.

---

Release 5.6.0

🚀 v5.6.0 - Complete Architectural Refactor + Android 13 Fix

What a Release! 🎉

This is a major architectural refactor of react-native-sensitive-info. We've completely rebuilt the library from the ground up on the Fabric architecture, dropped legacy support, and added cutting-edge security features like Secure Enclave and StrongBox. Plus, we fixed the critical Android 13+ encryption issue that broke device credentials.

In one release: Modern architecture + modern security + Android 13 fix = Production ready. ✨

---

Breaking Changes (But Not Really)

For App Developers

Good news: There are NO breaking changes. Your code from v5.5.8 works as-is.

// v5.5.8
const value = await setSecureValue('my_key', 'my_secret');

// v5.6.0 (same code!)
const value = await setSecureValue('my_key', 'my_secret');  // Works perfectly

The library evolved under the hood to fix Android 13. Your app just works better now.

What Actually Changed

Architecture:

• ✅ Migrated to Fabric (new React Native architecture)
• ✅ Dropped Old Paper Architecture (legacy TurboModules)
• ✅ Modernized codebase throughout

Android 13+ Fixes:

• Keys are now created without AUTH_DEVICE_CREDENTIAL at the keystore level
• Device credential handling moved to application level (transparent to your code)
• Old keys auto-migrated on first encryption attempt
• BiometricPrompt now only offers biometric for keystore-gated auth on Android 13+

Android 10-12:

• Unchanged and working perfectly
• Device credential still at keystore level (no changes needed)

Backward Compatibility:

• v5.5.8 → v5.6.0: ✅ Drop-in replacement
• Existing encrypted data: ✅ Works on Android 9-12, auto-migrates on Android 13+
• Your API calls: ✅ No changes required

---

Quick Stats

Metric	v5.5.8	v5.6.0
Android 13+ Support	❌ Broken	✅ Fixed
Device Credential on A13+	❌ Fails	✅ Works
Auto-Migration	❌ No	✅ Yes
Error Messages	Generic	Specific & helpful
Encryption Standard	AES-256-GCM	AES-256-GCM
Hardware Keys	✅ Yes	✅ Yes
TypeScript Support	✅ Yes	✅ Yes
API Changes	-	None

---

How to Upgrade

Simple (Recommended)

npm install react-native-sensitive-info@^5.6.0
# or
yarn add react-native-sensitive-info@^5.6.0

No code changes required. Just update and you're good to go!

What Happens

1. Android 13+ devices: Old keys detected and auto-deleted on first encryption
2. New key created with proper Android 13+ configuration
3. Everything works transparently
4. Users see no errors or interruption

For Users with Old Encrypted Data on Android 13+

If you have data encrypted with v5.5.8 and want to keep it:

// Option 1: Re-encrypt after upgrade
const oldValue = await getSecureValue('key');  // Returns error (migration)
await setSecureValue('key', 'your_value');     // Creates new encrypted data with v5.6.0

// Option 2: Accept the migration
// Your new app installations will use the new encryption format

Note: Data encrypted on Android 9-12 continues to work perfectly with v5.6.0.

---

The Thank You Moment 🙏

This fix wouldn't be possible without:

• You, for reporting the Android 13 issue and providing logcat output
• Google, for (eventually) documenting the Android 13 KeyMint changes
• The React Native community for patience during the investigation

---

What Happens Next?

We're not stopping here. Coming soon:

• 🔍 Enhanced key rotation strategies
• 📊 Better performance metrics
• 🌍 Additional platform refinements
• � Improved documentation for Android 13+

But for now, let's celebrate this fix. Android 13 is finally working! 🎉

---

Try It Now

Then use it exactly like you always have:

import { RNSensitiveInfo } from 'react-native-sensitive-info';

// Set encrypted value
await RNSensitiveInfo.setSecureValue('secretKey', 'secretValue', {
  keychainService: 'myapp',
  requireAuthentication: true,
});

// Get encrypted value (with biometric prompt)
const value = await RNSensitiveInfo.getSecureValue('secretKey', {
  keychainService: 'myapp',
  requireAuthentication: true,
});

Same simple API you've always loved. Same security you deserve. Better everything else. 🚀

v6.0.0-rc.1

What's Changed

• fix(android): Error is null on invalidateEnrollment set to false by @denissb in #258
• feat: Adding a hasItem method by @denissb in #259
• Adding mavenCentral() as jcenter() is shutting by @maheshwarimrinal in #280
• Use Commit Over Apply by @netshade in #295
• Add kSecAttrAccessible to query in getItem by @geraintwhite in #297
• Convert Android encrypt/decrypt to use chunking by @geraintwhite in #301
• Feat/v6 by @mCodex in #449

New Contributors

• @maheshwarimrinal made their first contribution in #280
• @netshade made their first contribution in #295
• @geraintwhite made their first contribution in #297

Full Changelog: v6.0.0-alpha9...v6.0.0-rc.1

6.0.0-alpha.9

• Fixed build on Xcode 12 #246

v6.0.0

Since last month I started actively maintaining this library once again with the help of the our awesome community.

We updated our docs and released the RNSInfo's website, created a new example project which is under development, started planning new releases, bug fixes and so on...

In this release you will find some of the changes that are coming soon for all of our users. These are the changes available for now in v6.0.0:

BREAKING CHANGES:

This version uses keystore to encrypt/decrypt data. So, if you use the master branch in your project you may not be able to retrieve previous saved data. We still need more work to handle this. The discussion can be found here.

On the other hand, if you already use keystore branch you can give it a try.

---

• The method isHardwareDetected was removed due to isSensorAvailable

More changes

• Finally added keystore to encrypt/decrypt data before saving/retrieving in sharedPreferences
• Migrating JS code to TS
• Added Android's Biometric Prompt for supported devices
• If you were using keystore's branch: Added many bug fixes and improvements which were available only in master's branch

PRs are always welcome ❤️

Installation

To install, run:

yarn add react-native-sensitive-info@next

or

npm i --save react-native-sensitive-info@next

v5.5.0

Added AndroidX support