I have received a mail from play store that "We are unable to approve your app’s use of QUERY_ALL_PACKAGES permission because the declared task can be done with a less broad app-visibility method." and this issue found in 5.2.0(74) version of my app.
I have removed the QUERY_ALL_PACKAGES from manifest file and verified in merged manifest to made sure that QUERY_ALL_PACKAGES were completely removed. I have updated the new version of the app (5.2.3(84)) to all the tracks of play store and submitted for a review. new app is rolled out to the production and still I am seeing a waring message from play store as below.
Permissions of newly submitted app doesn't contain QUERY_ALL_PACKAGES. See the below image
What am i missing why is that i am still seeing the warning message of app being removed?
Related
Google Play again rejected my app because I'm apparently using REQUEST_INSTALL_PACKAGES permission in my app. I never had this permission ever, I never had this issue before.
I checked merged manifest to find that kind of permission. There is none.
I've added
<uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" tools:node="remove"/>
tag into my AndroidManifest.xml to be certain that my App is not using this kind of permission EVER. Even Merged Manifest is not containing that permission and at the bottom of the Merged Manifest there is Android Studio warning that I'm removing something that is not even present in my app:
Warning uses-permission#android.permission.REQUEST_INSTALL_PACKAGES was tagged at AndroidManifest.xml:25 to remove other declarations but no other declaration present MyApp.app main manifest (this file), line 24
So either I'm missing something or their app validation is broken and Google is false-flagging my app validation for some unknown reason.
There has to be some serious issues with their validation methods past 2 weeks because amount of issues I've got with my app is unacceptable. App has same permissions and using same libraries and their version for past 2 years and I never had any issues like this before.
And I'm not sure what else I can do to get my app validated and accepted again.
If you have previous builds with REQUEST_INSTALL_PACKAGES permission in the Open, Closed, or Internal testing you need to upload a new build without REQUEST_INSTALL_PACKAGES permission to Internal testing and then promote it to production.
If this solution does not work for you check the permissions used in your app at Google Play console. If REQUEST_INSTALL_PACKAGES is not shown there you must contact them and explain your problem and request again.
Google Play Support keeps Rejecting the last deployment of my App.
Below I'm quoting the reason for the reject:
Issue found: Permission use is not directly related to your app's core
purpose. We found that your app is not compliant with how
REQUEST_INSTALL_PACKAGES permission is allowed to be used.
Specifically, the use of the permission is not directly related to the
core purpose of the app.
Additionally, follow these steps to bring your app into compliance:
Please remove the use of REQUEST_INSTALL_PACKAGES permission from your
app.
After removing an unused package that was using the REQUEST_INSTALL_PACKAGES permission, I tried to re-deploy but I've kept getting the app rejected.
I can confirm that the current list of used permissions does NOT include the REQUEST_INSTALL_PACKAGES.
On play.google.com, I checked the permission lists of the last uploaded versions (see attached screenshot).
I also unpacked the lastly uploaded SDK file (using apktool), and searched "REQUEST_INSTALL_PACKAGES" in the extracted folder; of course, no results were found.
Has anyone any suggestion on how to solve this issue?
The same issue occurred with me. My app's previous versions included this permission but in the latest update, I removed them but still received rejection message via mail. Then I found that in the other track (internal testing track), I had an apk with REQUEST_INSTALL_PACKAGES permission. This was the main cause of rejection of my app update. I observed that the form 'App bundles and APKs using sensitive permissions' was showing the internal track's apk information regarding the use of REQUEST_INSTALL_PACKAGES.
So, I tried to deactivate my previous internal track's apk with the new version (that didn't include any REQUEST_INSTALL_PACKAGE permission). Now when I open my form page 'App bundles and APKs using sensitive permissions' again.
Now, it showed that no app bundle or apk uses this sensitive permission.
Hope that it could solve this issue. I am too waiting for my update to be approved.
First step, Check in your manifest merger file if the specified
sensitive permission is shown. Check in release variant. (Most likely
not, if yes, remove this permission)
Second step, In playstore, Go to app bundles explorer and check if
any of the older app bundles have this permission and is still
active. If yes. you have to provide an update to this track. It is
unfortunate that Google play review email does not mention that issue can
be in an older app bundles or other tracks
Provide an update to playstore.
Note, If you want to forcefully remove this permission (if you do not care
which library is adding it)
<uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" tools:node="remove"/>
If none of the above works. You have to write them an email and clarify.
My old version of my app contained QUERY_ALL_PACKAGES permission but after the Google email sent to me saying that I can't use this permission in my app so I deleted it and I check if my apps still have the permission or not and I'm sure that my app does not have the permission and Google still accepting my app with QUERY_ALL_PACKAGES permission issue saying that I must not use the permission that I already deleted.
you can check if I missed anything from screenshots in the bottom
release details from google play console
and
permission from a device after installing the app
I also tried to add the following line to my AndroidManifest.xml file
<uses-permission android:name="android.permission.QUERY_ALL_PACKAGES" tools:node="remove" tools:ignore="QueryAllPackagesPermission" />
As we discussed in the comments, you need to also check your "Internal Testing", "Closed Testing", and "Open Testing" release tracks. If these tracks still contain versions of the app that use this permission, you'll need to create new releases to supersede those versions.
Also, understand that you might still get a rejection email even after you've updated all release tracks. This is because the automated review might finish for one track before the others. So the review fails because it's not yet considering the new versions on your other release tracks.
I am facing one problem regarding Android app new version publishing.
Scenario :
I uploaded initial flutter android app 2 month ago (Dec 2020) to google play store where we had accidentally added Location permission even with no use in code. (Just permission added in Android Manifest).
Now we come up with new version of flutter android app and trying to create new Release version 1.0.2 it shows error while Submitting new release version of app.
Error : Fix errors to rollout this release
Issue is regarding used location permission in my initial app version which is live on play store
Issue need to be fixed : Your background location permission
declaration needs to be updated.
In the App Content it showing error in Sensitive app permissions
Note : In Sensitive app permission - Location Permission. It's not showing Manage Button instead there is a option to location permission declaration form.
We don't want to use location permission now . so we removed location
permissions and trying to upload new release version but still this
location permission (Sensitive App permission) declaration showing
error again and again.
Solution :
First of all fill-out form of declaration for location permission (Any Sensitive permission used in previous rolled out APK version). This will fixed temporary error of App Content - Sensitive Permission Issue.
In my scenario i have added no usage of background location In
declaration and random youtube video link.
After permission declaration you can create/edit new release.
Make sure before adding new release APK to console please analyse APK and make sure that that sensitive permission is not used again. (If you used that sensitive permission again than you need to add valid sensitive permission declaration in AppContent -> Sensitive Permission)
After Creating new release version you can roll out new release version from Release dashboard.
After Roll out go to App content -> Sensitive App Permissions -> click on Manage and Select No Radio Button and Save it.
ITS DONE. Your new release version app will be live soon!
I had the same problem - I didn't need anymore this permission but the APK in prod used this permission (and also some releases of some tests) so the console let me only explain why I needed this permission and didn't display the question if I do use this permission.
When I tried to add new tests I was always rejected because I didn't have a good reason why I needed the background access permission.
If you don't need this permission anymore:
(I don't have the exact name of the sections, actions because I have a non-english language in Google Play Console)
I found a solution that worked for me: App Update is rejected from google play due to Background Location access (But I didn't use any background location Permission).
In App content -> Sensitive App Permissions -> click on Manage -> Click on Display APKs.... You will see all the APKs that use the background permission. Those APKs can be used in Tests or Production.In order to fix the problem you will need this list to be empty.
APK from Test sections:
For each test - search the source of the release (a release from a test of internal tests/closed tests...)
Under the test section, click on Manage (even for suspended tests), click on New Release and add an empty release (without APK) click to examine the release.[Add a new empty release under the test/s that uses a release with an APK that requires the background access permission. Don't add new empty tests].
APK from Production:
You will have to add a new release on Production that doesn't include the background permission.
Now you will see that no APK is displayed when clicking on Display APks... on Sensitive permission... Now when clicking on Manage (under Sensitive permission..) you will have a new question - if you do use the background access. Click on "No" and now you can add new Tests.
I had a similar problem when modifying an application in production that did not use the sensitive permission, but had it declared
The reason that the Play Store Console showed the application stuck in "under review" status was that it could not modify the permission statement, caused by having limited the scope of the app to a single country, limit that was different from the version that was in production
After being able to adjust the regional distribution to all countries, I was able to start the release of a new version that did not use sensitive permissions, with which the permission declaration form could now show me the correct question that had nothing to do with location in background ("Does your app access location in the background in APKs or app bundles targeting Android 9 or older?") according to the documentation in:
https://support.google.com/googleplay/android-developer/answer/9799150?hl=en#zippy=%2Chow-do-i-remove-location-in-the-background
The issue is that an outdated APK/App bundle file was added to the Alpha/Beta testing phase (but never moved to production), and rather than correcting it, he added a new APK/App bundle to the live environment. The Alpha/Beta file is currently being reviewed rather than the new production file due to changes in how reviews are carried out by Google. In Google's denial, you can see the versionCode of the previous APK/App bundle.
The new APK/App bundle file should therefore be added to the same Alpha/Beta as the old one before being promoted to production. Once you have done that, go back to APP CONTENT and you will see there yes/no form. Issue is resolved.
I'm publishing an Android app on Google Play Store and I have enabled sms permission in the manifest. After publishing it, Google rejected the app with the below information:
Issue: Violation of Permissions policy After reviewing your app, we
found that it doesn’t qualify to use the requested permissions for the
following reason(s):
Based on our review, we found your app’s expressed user experience did
not match your declared core functionality {Default SMS handler (and
any other core functionality usage while default handler), Default
Phone handler (and any other core functionality usage while default
handler)}. Please remove these permissions from your app.
Default handler capability was listed on your declaration form, but
your app does not appear to have default handler capability. Please
submit a revised declaration form.
As of the recent change to the application privacy policy, to view sms messages, your application must be the default sms handler. As stated in this reminder by Google.
You can submit a declaration for outlining why your app uses the sms permissions but it's unlikely that they will accept it, only a few use cases get approved.
You can remove this permission from manifest and remove run-time asking permissions and after updating your version code and version name. you have to push your app on alpha,beta or Internal test track first and then move it to production.
just add sms call permission in your manifest with tools:node="remove" tag and remove it from asking at run-time.
<uses-permission android:name="android.permission.SEND_SMS" tools:node="remove" />
after adding this Google play console will not ask you to fill up the permission declaration form.
if you still faces any issues you can chat live with google play console team or communicate with them through mail
https://support.google.com/googleplay/android-developer/answer/7218994?hl=en
Wait for some time if you get message like "Chat support is currently not available." it will update after some time.
If you're using any SMS or CALL_LOG related permission you need to submit a Permissions Declaration Form for your app.
check this and this for more info
There are two answers to this question
Answer 1.
If you roll out a release using the Google Play Developer Publishing API and Google Play has not previously approved your APK or App Bundle's use of high risk or sensitive permissions, you will receive an error.
To continue managing releases using the Publishing API, you must either remove any high risk or sensitive permission requests from your app and create a new release with the revised APK or App Bundle or prepare and roll out your release using the Play Console web UI, following these steps:
Upload your APK or App Bundle with high risk or sensitive permissions requested
Complete the Permissions Declaration Form as above
Complete the rollout of the release using the Play Console web UI
If you still need the sms permission as well as other sensitive permission declaration in you manifest,
You can also Fill and submit a Permissions Declaration Form for your app and create a new case during the process. Google will review your reasons for requesting those permissions and get back to you. Do not rollout a new update until you've received a reply from Google else, your app will be rejected again.
If you still need the sms permission to be declared in your manifest, you can fill the Permissions Appeal Form by clicking on the link below:
https://support.google.com/googleplay/android-developer/contact/permissions