chore(deps): bump flutter_secure_storage from 10.2.0 to 10.3.0

[dependabot]

Bumps flutter_secure_storage from 10.2.0 to 10.3.0.

Release notes

Sourced from flutter_secure_storage's releases.

v10.3.0

Android

• Added AndroidBiometricType enum and biometricType option to AndroidOptions to control which authentication methods are accepted during biometric prompts (requires KeyCipherAlgorithm.AES_GCM_NoPadding).
  • AndroidBiometricType.biometricOrDeviceCredential (default) accepts Class 3 biometrics or device credentials (PIN/pattern/password), preserving previous behaviour.
  • AndroidBiometricType.strongBiometricOnly restricts authentication to Class 3 (strong) biometrics only; device credentials are explicitly rejected.
• Fully enforced on Android 11+ (API 30+) via setAllowedAuthenticators on BiometricPrompt and setUserAuthenticationParameters on the KeyStore key. On earlier API levels the system may still permit device credentials.
• Added biometricPromptNegativeButton option to AndroidOptions to customise the dismiss button label on the biometric prompt. Required when using strongBiometricOnly or on Android 10 and lower.

iOS / macOS

• Fixed secStoreAvailabilitySink not being called when protected data availability changes.
• Fixed kSecUseDataProtectionKeychain being added to Keychain queries unconditionally; it is now only set when useDataProtectionKeychain is explicitly enabled.

Windows

• Fixed deleteAll and containsKey not acquiring the mutex lock, which could cause data races under concurrent access. If you are on Dart >=3.10.0, this fix is applied automatically. Otherwise, pin flutter_secure_storage_windows: ^4.2.2 in your pubspec.yaml to opt in and make sure your constraint is set for minimum of Dart >=3.10.0.

Linux

• Fixed deleteKeyring storing the string "null" instead of an empty JSON object {}.
• Fixed non-UTF-8 error messages from libsecret causing a FormatException on the Dart side; messages are now sanitised before being sent through the method channel.
• Fixed locked or unavailable keyring now surfacing as a catchable PlatformException with code KeyringLocked.
• Fixed JSON parse errors and other C++ exceptions now surfacing as a PlatformException with code StorageError instead of sending malformed bytes through the channel.

Commits

• a86a1ef release of v10.3.0
• 9d09d99 release of v0.3.2
• 57f83b4 release of v3.0.1
• 8a6e759 release of v4.2.2
• 25ac868 Merge pull request #1146 from juliansteenbakker/doc/linux
• 0061a48 fix: typo, add more details section,
• ff3004b doc: re-add note about libsecret availability
• d5ab2cb Merge pull request #1132 from juliansteenbakker/fix/linux-locked-keyring
• 6959bfd Merge branch 'develop' into fix/linux-locked-keyring
• 301194f Merge pull request #1143 from CORDEA/feature/android-biometric-type
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)