Skip to content

chore(deps): bump com.facebook.android:facebook-login from 18.0.3 to 18.3.0#2375

Merged
russellwheatley merged 1 commit into
masterfrom
dependabot/gradle/com.facebook.android-facebook-login-18.3.0
Jul 8, 2026
Merged

chore(deps): bump com.facebook.android:facebook-login from 18.0.3 to 18.3.0#2375
russellwheatley merged 1 commit into
masterfrom
dependabot/gradle/com.facebook.android-facebook-login-18.3.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor

Bumps com.facebook.android:facebook-login from 18.0.3 to 18.3.0.

Release notes

Sourced from com.facebook.android:facebook-login's releases.

sdk-version-18.3.0

No release notes provided.

sdk-version-18.2.3

Changelog

sdk-version-18.1.3

Changelog

Changelog

Sourced from com.facebook.android:facebook-login's changelog.

[18.3.0]

Added

  • Added Single Sign-On (SSO) support via FBLoginSSOLauncher, letting users log in with their existing Facebook account directly through the installed Facebook app without re-entering credentials. When the Facebook app is missing or out of date, a "Continue with Facebook" dialog (FBLoginSSONoAppDialog) falls back to the standard web-based login flow.

[18.2.3]

Added

  • Added redirect_uri support for secure login flows across WebView, CustomTab, and native app (Katana) handlers
  • Added intent_uri_package_target parameter support for CustomTab and Katana login flows
  • Added protected data metadata flag for Integrity
  • Added banned params manager to send banned param names for Integrity
  • Added referrer for Deep Link requests
  • Added Build.VERSION.SDK_INT check before using AdServices APIs

Fixed

  • Fixed ConcurrentModificationException in FetchedAppGateKeepersManager
  • Avoided Kotlin reflection during FetchedAppGateKeepersManager static init
  • Fixed AtomicBoolean misuse in AttributionIdentifiers
  • Fixed identity comparison in ImageDownloader RequestKey.equals
  • Fixed logic bug in FileLruCache content tag check
  • Fixed thread safety by adding @​Volatile to shared mutable fields across multiple classes
  • Fixed variable shadowing in LegacyTokenHelper and Utility
  • Fixed CustomRedirectWebDialog WebView sizing regression
  • Fixed token refresh to execute requests individually for Gaming Graph tokens
  • Only warn about missing FacebookActivity when facebook-common is present

Changed

  • Updated to Gradle 8.5
  • Updated install-referrer dependency
  • Replaced deprecated CookieSyncManager and removeExpiredCookie usage
  • Replaced deprecated BigDecimal.ROUND_HALF_UP with RoundingMode.HALF_UP
  • Replaced java.util.Random with SecureRandom for security compliance
  • Removed SSL bypass flag code path in WebDialog
  • Stopped persisting Access Token with Events
  • Used debug-gated logd() instead of Log.d() in catch block logging
  • Improved resource management with Kotlin .use{} for I/O operations
  • Added logging to previously empty catch blocks

[18.1.3]

Added

  • Added the support for external ID
Commits
  • a01d2c5 Release 18.3.0 (Facebook SSO Feature)
  • 392176b Opt into AGP 8.0 publishing component DSL
  • 65d9891 Parse click_id from deep-link intents
  • 4e981b8 Sync SSO dialog translations from T261701963
  • c7308fa Clean up safe compiler warnings in facebook-common
  • 516601d Clean up safe compiler warnings in facebook-core
  • 7b02b48 Remove deprecated ComposeOptions.kotlinCompilerVersion
  • 236900d Clean up redundant getter visibility in facebook-bolts
  • f5f8eda VVPManager: scrub fb_content[].id in enforce mode
  • bd8014b VVPManager: support isShadowEnabled with fail-open default
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [com.facebook.android:facebook-login](https://github.com/facebook/facebook-android-sdk) from 18.0.3 to 18.3.0.
- [Release notes](https://github.com/facebook/facebook-android-sdk/releases)
- [Changelog](https://github.com/facebook/facebook-android-sdk/blob/main/CHANGELOG.md)
- [Commits](facebook/facebook-android-sdk@sdk-version-18.0.3...sdk-version-18.3.0)

---
updated-dependencies:
- dependency-name: com.facebook.android:facebook-login
  dependency-version: 18.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@russellwheatley russellwheatley merged commit 7cb806e into master Jul 8, 2026
17 checks passed
@russellwheatley russellwheatley deleted the dependabot/gradle/com.facebook.android-facebook-login-18.3.0 branch July 8, 2026 10:42
@github-project-automation github-project-automation Bot moved this from Backlog to Done in studio-2394994192-60a69 Jul 8, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant