While updating the apk file to google play store started getting this error Duplicate declarations of permission android.permission.INTERNET with different maxSdkVersions. Internet permission is only there in app manifest file and corresponding modules.
Also recently there is no SDK update as well, like play services or any third party.
The app does not define maxSdkVersions as well.
If any of you might have faced the similar issue please update.
This kind of problem occurs when you have declared a permission in your manifest that is also declared in one of the library that you are using. To rectify this issue you have to find that permission in all your libraries's manifests files. When you find it then remove one of them in your main Manifest like this:
can't upload apk: READ_EXTERNAL_STORAGE with different maxSdkVersions
Ok, so here that is worked for us:
<uses-permission-sdk-23 tools:node="removeAll"/>
Note you have to check that your app is not using sdk-23 specifically in your libraries.
Related
I am using open_filex package especially to avoid this problem. I am confused because the permission is nowhere to be found in my particular Android manifests and manifest merge file.
I have tried to manually remove permission by tool:remove
tried open_file_safe library as well. Just stopped passing reviews for some reason, maybe something is connected to newer Android version (13).
Add the following line to your AndroidManifest in order to explicity remove the REQUEST_INSTALL_PACKAGES permission
<uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" tools:node="remove"/>
and on your manifest tag add
xmlns:tools="http://schemas.android.com/tools"
so that it looks something like this:
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="*" xmlns:tools="http://schemas.android.com/tools">
Then build your apk or aab and then upload it Google Play Store and then submit the build for release to ALL the tracks; Internal testing, Closed testing(Alpha & Track), Open testing and Production regardless of whether the track is active or not. This is a very important step. Your build will not be rejected.
I'm encountering very strange problem. When I build apk or bundle dangerous permissions like write external storage is being added to manifest. I found out it when wanted to publish on play store, it gave me that warning. After extracting bundle I looked at manifest file and there were bunch of permissions which I don't use in my app.
Have anyone had this issue ever?
Thanks for everyone who directed me to the right place. So, the reason is because some of 3rd party libs used that permissions. There will be two options in this case:
Remove 3rd party lib which is using dangerous permission
In AndroidManifest.xml file add the following:
<uses-permission
android:name="android.permission.SomePermission"
tools:node="remove" />
During build process this will remove permission from final bundle or apk.
I am trying to upload a apk to the google play store but its saying to my surprise that i am using the following permission:
Your APK is using permissions that require a privacy policy: (android.permission.RECORD_AUDIO).
so i searched the entire IDE for "android.permission.RECORD_AUDIO" but i cant find it. How can i find out which 3rd party is requesting this ? There should be a way to view in the manifest merger process all the manifest but when i hit shift twice and search manifest only the local manifest are showing up. The other is bit code and i cant view it.
In project build directory, there is a manifest merger report.
In my case, it is located under [ProjectRoot]/app/build/outputs/logs/manifest-merger-debug-report.txt
From this file, your can find where the permission is added. For example:
uses-permission#android.permission.RECORD_AUDIO
ADDED from /home/jack/AndroidProject/ApiDemos/app/src/main/AndroidManifest.xml:45:5-71
android:name
ADDED from /home/jack/AndroidProject/ApiDemos/app/src/main/AndroidManifest.xml:45:22-68
uses-permission#android.permission.CAMERA
ADDED from /home/jack/AndroidProject/ApiDemos/app/src/main/AndroidManifest.xml:49:5-65
android:name
ADDED from /home/jack/AndroidProject/ApiDemos/app/src/main/AndroidManifest.xml:49:22-62
You can use Merged Manifest[About] feature
Open AndroidManifest.xml -> Merged Manifest
If the library is open source you can check their source code for the permissions they have used.
They usually list the permission on their Read.me files.
Even if they are proprietary libs they will list the permissions they will be using otherwise their security is questionable.
I recently added firebase messaging to my android app and I noticed some new permissions required to my app at similar time, for example:
android.permission.READ_PHONE_STATE
I couldn't find anywhere in documentation, why is this permission required. I even tried to explicitly disable it in manifest (tools:node="remove") and messaging still works for me. It's kinda messy and I want to use only as few permissions as I need for sake of my users.
Is this permissions really needed by messaging or is it added automatically from one of library dependencies?
How can I tell what permissions is being added by what? I tried manifest-merger-report.txt, but there was no mention about READ_PHONE_STATE.
Thanks!
The READ_PHONE_STATE permission is not needed for Firebase Cloud Messaging to work (see the Edit your App Manifest docs).
From what I can tell, you've already done quite the digging with this tiopic (checking the manifest-merger-report.txt, adding tools:node="remove" to disable it). You've probably seen Commonsware's blog too.
It's hard to tell from where the READ_PHONE_STATE permission is coming from (with the current details your post), but it is most probably the cause of manifest merging. Try double checking if there are any dependencies that have the library's min SDK is lower than the app's min SDK, wherein if true, the permission is added, as per this answer:
The second one, READ_PHONE_STATE is because of the saxrssreader library. When the library's min SDK is lower than the app's min SDK, the permission is added during build. I simply changed the library's minimum SDK to the number my app is using and the permission is gone.
I had the same problem, i checked manifest-merger-report, and found that READ_PHONE_STATE was added because some library that I'm using has target version < 4
Here is exact quote from report:
ADDED from [com.google.firebase:firebase-messaging:10.2.0] C:\Users\user\project\app\build\intermediates\exploded-aar\com.google.firebase\firebase-messaging\10.2.0\AndroidManifest.xml:23:18-87 android:uses-permission#android.permission.READ_PHONE_STATE IMPLIED from C:\Users\user\project\app\src\main\AndroidManifest.xml:1:1-135:12 reason: org.apmem.tools.layouts has a targetSdkVersion < 4
Hope, this will help you.
Question is possibly duplicate of: Firebase + Permissions
Firebase did not add this permission. Update your Google Play services to 10.0.1 as this bug seems to have been fixed in that version:
"This release fixes a missing minSdkVersion value in
play-services-location.aar that caused unintended
WRITE_EXTERNAL_STORAGE, READ_EXTERNAL_STORAGE, and READ_PHONE_STATE
permissions to be merged into app manifests."
Ok this is embarrassing. I in the end, I was adding permissions myself in parent manifest. Thank you for your comments, based on those I managed to track it down.
Building the release version of my application produces a manifest with a duplicate permission. The build completes successfully, but when I go to upload the new APK to production, I get the following error:
"Upload failed
Duplicate declarations of permission android.permission.READ_EXTERNAL_STORAGE with different maxSdkVersions"
In the intermediate manifests, the release AndroidManifest has the permission in question, but it only occurs once with maxSdkVersion (see below).
myapp/build/intermediates/manifests/release/AndroidManifest.xml
...
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
<android:uses-permission
android:name="android.permission.READ_EXTERNAL_STORAGE"
android:maxSdkVersion="18" />
...
Note that READ_EXTERNAL_STORAGE is generated twice, once with the tag uses-permission and once with android:uses-permission.
This error has only occurred today; the last APK I successfully uploaded was about a week ago; no dependencies or permissions have changed in my project since that time.
What I would do:
Clean project and rebuild project (I guess you did).
Delete manually all generated files in folder "build", and rebuild the project.
Check if your different gradle files have different maxSDKVersion, and make them consistent.
Maybe this permission is included in any third library (I know you wrote you haven't, but you should have GooglePlayServices at least, and a SDK update maybe made the conflict) and you only have to remove it.
Nevertheless, I would only specify the android.permission.WRITE_EXTERNAL_STORAGE permission because it should also contains the READ_EXTERNAL_STORAGE one. If it works, maybe is not an explanation of what is happening to you but it's maybe enough.
I just ran into this issue as well. It turns out that one of the libraries that my project depends on includes the READ_EXTERNAL_STORAGE permission, but my actual project does not. Simply adding this permission to my project's manifest fixed the issue.
Cleaned and closed Android studio 10 times, maxSdkVersion is not set in my gradle files, set minSdkVersion consistently in all gradle files and nothing. The only thing that made the trick was manually deleting everything inside the Build folder and built again........problem vanished