Skip to content
Secure Privacy Docs

Dependency Compatibility

OpenAI
Open in ChatGPT Ask questions about this page
Perplexity
Open in Perplexity Ask questions about this page
Claude
Open in Claude Ask questions about this page
Google
Open in Google Search AI Ask questions about this page

The Secure Privacy Android SDK relies on a small set of widely used third-party libraries (e.g., Retrofit, Gson). These dependencies are carefully selected and versioned to ensure stable and predictable behavior across supported environments.

Dependency Strategy

Section titled “Dependency Strategy”

We prioritize production-tested versions instead of always using the latest available releases:

  • Ensures consistent and reliable SDK behavior
  • Avoids unexpected breaking or behavioral changes from newer versions
  • Allows controlled validation during QA and release cycles

Supported Dependency Versions

Section titled “Supported Dependency Versions”
LibraryMinimum SupportedTested VersionNotes
Retrofit2.9.02.11.0Used via transitive dependency
Gson2.9.02.11.0JSON parsing
Converter Gson2.9.02.11.0Retrofit converter
Converter Scalars2.9.02.11.0Retrofit scalar support
Crypto KTX1.0.01.1.0-alpha06Deprecated, retained temporarily

Important Notes

Section titled “Important Notes”

1. SDK Validation Scope

Section titled “1. SDK Validation Scope”
  • The SDK is tested and validated against the versions listed above
  • Compatibility with other versions is not explicitly guaranteed, but may work depending on the library

2. Dependency Resolution (Gradle Behavior)

Section titled “2. Dependency Resolution (Gradle Behavior)”

All listed libraries are transitive dependencies of the SDK.

In Android, Gradle resolves dependency conflicts by selecting the highest version declared in the application:

implementation("com.squareup.retrofit2:retrofit:2.11.0") // SDK dependency
implementation("com.squareup.retrofit2:retrofit:3.0.0") // App dependency → takes precedence
  • The final version used at runtime is controlled by the host application
  • This allows apps to use newer versions if required

Note: While this mechanism enables flexibility, applications should validate their own dependency combinations.

3. Minimum Version Guarantee

Section titled “3. Minimum Version Guarantee”
  • The SDK ensures that a minimum compatible version of each dependency is available
  • This prevents runtime issues due to missing APIs

4. Crypto KTX Deprecation

Section titled “4. Crypto KTX Deprecation”

  • androidx.security:security-crypto-ktx is currently deprecated and no longer actively maintained

  • It is retained temporarily:

    • To support existing SDK users
    • To avoid breaking backward compatibility

This dependency is planned to be removed in a future release

Recommendation

Section titled “Recommendation”
  • You may define your own dependency versions in your app as needed
  • The SDK is designed to co-exist with application-defined versions via Gradle resolution
  • We recommend validating dependency combinations in your own build environment when overriding versions

Summary

Section titled “Summary”
  • SDK uses stable, tested dependency versions
  • Host apps can override versions via Gradle
  • Only listed versions are officially validated
  • Deprecated dependencies are temporary and will be removed