The problem is that when developing in the debug version, everything is in order, I can easily write files to memory. But I'm making a release version for Google Play, and the logs show that it simply cannot create a folder / file.
I dug up all the documentation, all the permissions are as written, but apparently I still missed something. Tell me, help
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
<uses-permission
android:name="android.permission.WRITE_EXTERNAL_STORAGE"
android:maxSdkVersion="30" />
<uses-permission
android:name="android.permission.MANAGE_EXTERNAL_STORAGE"
android:minSdkVersion="30"
tools:ignore="ScopedStorage" />
android:requestLegacyExternalStorage="true"
Related
Hello i have an app in play console and receive the next notification:
We have detected that your manifest file contains the permission REQUEST_INSTALL_PACKAGES.
Google explain the steps for legalize it, but i don't have this permission in my manifest and I don't use functions to install files either ,i donĀ“t know the real reason for this message and i'm afraid that my app will be removed from the store if I don't take the necessary measures.
Does anyone have more information on this or know what google might actually be detecting in my app?
This are the permissions in the manifest:
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.CALL_PHONE" />
<uses-permission android:name="android.permission.VIBRATE" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
<uses-permission
android:name="com.google.android.gms.permission.AD_ID"
tools:node="remove" />
Edit: I receive a new mail from Google , they specify the permission belongs to HMS core, i search in the huawei developers and Huawei release some update of all their libraries fixing or eliminating the permission from the code, it seem to solve the problem , i will upload a new version to play console hoping finishing the issue
You are querying all packages with the package manager, this is no longer allowed since Android 8.0. If you don't see it in your manifest, you might want to check your merged manifest.
See more info here.
https://support.google.com/googleplay/android-developer/answer/12085295?hl=en
I tried every thing, i deleted any apks in beta and alpha . i dont have any sensitive permissions in my app , here are my requested permissions in manifest:
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="com.google.android.providers.gsf.permission.READ_GSERVICES" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
<uses-permission android:name="com.android.vending.BILLING" />
and when uploading a new release it says i'm using sensitive permissions that wasnt declared, it shows the below permissions :
3 differentiating:
android.permission.ACCESS_WIFI_STATE,
android.permission.FOREGROUND_SERVICE,
com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE
11 common:
android.permission.ACCESS_COARSE_LOCATION,
android.permission.ACCESS_FINE_LOCATION,
android.permission.ACCESS_NETWORK_STATE, android.permission.INTERNET,
android.permission.READ_EXTERNAL_STORAGE, android.permission.WAKE_LOCK,
android.permission.WRITE_EXTERNAL_STORAGE, com.android.vending.BILLING,
com.google.android.c2dm.permission.RECEIVE,
com.google.android.providers.gsf.permission.READ_GSERVICES,
com.quantyam.controllcenter.Sokan.permission.C2D_MESSAGE
I used to have sensitive apps request like 3 releases ago and the last two times I uploaded i never had this issue
I now fixed the issue , and here is how :
First go to Create release then Add from Library , then I picked up a version from my app where it uses SMS & Call permissions . then it showed me the declaration form which i filled and clicked review.
Then clicked on previous and uploaded new version and it worked perfectly
I have removed sms and call log permissions from my app and using alternatives to common uses that is using share intent and dial intent. But I am still getting the same warning in the play console on my application. following is the list of permissions in my app.
<uses-permission android:name="com.google.android.providers.gsf.permission.READ_GSERVICES" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.CAMERA" />
<uses-permission android:name="android.permission.USE_CREDENTIALS" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
<uses-permission android:name="android.permission.CHANGE_WIFI_STATE" />
<uses-permission android:name="android.permission.CHANGE_NETWORK_STATE" />
<uses-permission android:name="android.permission.WRITE_SETTINGS"
tools:ignore="ProtectedPermissions" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<!-- Push Notification Permission -->
<uses-permission android:name="com.onwaycab.permission.C2D_MESSAGE" />
<uses-permission
android:name="com.google.android.c2dm.permission.RECEIVE"/>
<!-- MAP Permission -->
<permission
android:name="com.onwaycab.permission.MAPS_RECEIVE"
android:protectionLevel="signature" />
<uses-permission android:name="com.onwaycab.permission.MAPS_RECEIVE" />
Edit:
I am receiving the warning even if I have not used sms and call log permission so it is not duplicate of that question.
If you are seeing this alert every time you refresh the page, then one or more your libraries might be using the permission.
To check all permissions your app is using, just install the app on the real device and check the App Info - Permissions.
Alternatively, add this to your Manifest file. tools:node="remove" will remove the permission in case if any library is requesting it.
<uses-permission android:name="android.permission.READ_CALL_LOG" tools:node="remove" />
<uses-permission android:name="android.permission.WRITE_CALL_LOG" tools:node="remove" />
Another important point, if you are using build variant then define it inside your highest priority manifest file.
Library manifest: lowest Priority
Main manifest: Medium Priority
Build Vairant manifest : Highest priority
My playstore console showed this "SMS & CALL_LOGS" related warning.
So, I removed the SMS & CALL_LOGS related permissions from the manifest and uploaded the latest release build to playstore. But the warning was still shown to me after latest build was published on store.
So ,After this I filled this below Permissions declaration form and the warning is removed now.
https://docs.google.com/forms/d/e/1FAIpQLSfCnRaa4b1VuHhE4gVekWJc_V0Zt4XiTlsKsTipTlPg5ECA7Q/viewform
Another thing worth checking - we had an old Beta version of the app that did use SMS in the Google Play Console on Release management -> App release.
The Beta wasn't active any more but that old version was still showing under Release management -> Artifact library-> Active artifacts, so am guessing Google still considered it an active application. Helpfully this area also shows you all the permissions your app uses, in case you are concerned if a library or plugin is adding permissions without your knowledge.
Removing the Beta version and appealing the removal as it being due to an inactive Beta, got the app republished within a few hours.
I am compiling a project that does not explicitly request the READ_PHONE_STATE permission, but when I compile I am seeing the permission in my compiled Android Manifest file. I'm assuming some library that's being pulled in is adding it explicitly or forgot to set its minimum SDK version (which would add it).
The only thing I have to go on is that in the final manifest, the permissions I requested myself look like this:
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<uses-permission android:name="android.permission.READ_CONTACTS" />
<uses-permission android:name="com.android.vending.BILLING" />
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
And the READ_PHONE_STATE looks like this:
<android:uses-permission android:name="android.permission.READ_PHONE_STATE" />
Does the android prefix mean anything?
Is there any way to narrow down which library is adding this permission?
You can exactly see if a (or because of) library adds some extra Permission to your manifest. Check at file generated (see below) during build process and look for the unwanted permission within the file!
Go to your project folder and look for this path:
[ProjectFolder]/build/outputs/logs/manifest-merger---report.txt
open the file and search for the permission
In my case I found these lines at the
uses-permission#android.permission.READ_PHONE_STATE IMPLIED from
C:\..\...\AppFolder\src\..\AndroidManifest.xml:2:1-14:12 reason:
com.some.evil.library has a targetSdkVersion < 4
This generated file show the output of the merge process described here in Android Developers site.
I would look at:
Android Library Manifest vs. App Manifest
This isn't really a duplicate so I won't flag, however I think he covers the topic fairly well in his answer to that question.
After that and assuming you can't figure it out, I would do the following:
Locate your gradle cache
Crack open the artifacts of each of your dependences (rename to .zip and extract is the easiest way to do this)
check if they have manifests included and see whats in the,
I have an app which makes use of wifi permissions only but ever since I moved to android studio, the compiled apk of my app uses two more extra permissions, that is phone calls/phone id and SD read/write.
I have no idea how and why those permissions have been added to my app but many users complain about that.
My app uses google analytics from google play services and appcompat. I also make use of this line
deviceId = Secure.getString(ctx.getContentResolver(), Secure.ANDROID_ID);
Any ideas? I don't want those extra permissions they scare my users away
Here is the content of manifest file
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.CHANGE_NETWORK_STATE" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
<uses-permission android:name="android.permission.CHANGE_WIFI_STATE" />
<uses-permission android:name="com.android.vending.BILLING" />
Studio is adding permissions appropriate to the classes / features that you are using in your project.
Update
Here is a related question that focuses on manifest merging config