Remove `REQUEST_INSTALL_PACKAGES` permission

[Zazo032]

Today I received a new message regarding a Flutter app published in Play Store, with the following information:

You'll need to complete a declaration soon for apps using REQUEST_INSTALL_PACKAGES

We found that your manifest file contains the REQUEST_INSTALL_PACKAGES permission. Starting September 29, 2022, apps that use this permission will not be able to submit updates for review until they have completed a new sensitive permission declaration. This declaration will be available in Play Console on August 31, 2022. You'll need to declare which permitted functionality your app provides, tell us about a core feature in your app that uses the permission, and provide a video showing its use. You must remove this sensitive permission from your manifest if your app does not use the permitted functionalities, or if you no longer use this permission. To learn more, watch this PolicyBytes video. Learn more

We don't directly need the permission to install other packages, so this should be removed from the plugin's manifest and instead be added to the apps that require it, otherwise it'll require apps to fill that Play Store form even if they don't need to

[GoldenSoju]

There is a fork that got this permission removed.

Maybe that helps you for the moment.

(Kudos to this SO question.)

[GoldenSoju]

I created an updated fork with

• updated ffi dependency (2.0.1)
• removed REQUEST_INSTALL_PACKAGES permission
• embedding 2 (Android)
• and other smaller updates

You can use it via:

  open_filex:
    git:
      url: https://github.com/GoldenSoju/open_file.git

[Zazo032]

Is that one available through pub.dev?

[GoldenSoju]

@Zazo032 no, for the moment only via manual dependency specification:

  open_filex:
    git:
      url: https://github.com/GoldenSoju/open_file.git

[Zazo032]

I'll try it, thanks! You could also try to create a PR with the fixes

[GoldenSoju]

I'll try it, thanks! You could also try to create a PR with the fixes

Yeah...problem is that the other original package has no acitivity. Most fixes I did already have PRs, but they don't get merged etc...

[Kishan-Somaiya]

Is that one available through pub.dev?

A fork of open_file is available in pub.dev as open_filex which removes the Request Install APK Permission.

[LuisMiguelSS]

Could we get this fixed here? It's an important issue and the latest fix was in no more than 15 days

[MilesAdamson]

My app currently has a Google Play policy issue because I submitted a build with this permission but cannot properly prove I need it. I really need to open files, please do not add this to the manifest unconditionally

[hedi-ghodhbane]

https://pub.dev/packages/open_file_safe you can use this instead. It's the same package but it removed the .apk from the files supported so this permission is no longer needed

[gerritwitkamp]

are there any differences between open_file_safe and open_filex?

[hedi-ghodhbane]

@gerritwitkamp I think both are the same, they just removed support for .apk so this request_install_packages is not needed anymore.

[LuisMiguelSS]

are there any differences between open_file_safe and open_filex?

https://github.com/javaherisaber/open_filex seems more actively maintained

[iamtechmanish]

In my case this was related to the open_file in Flutter. This package is using REQUEST_INSTALL_PACKAGES permission in the manifest.

I fixed by using (open_file_safe) :https://pub.dev/packages/open_file_safe

or you can also use open_filex: https://pub.dev/packages/open_filex

both packages are same as open_file, but .apk file type is not supported. Thus, android.permission.REQUEST_INSTALL_PACKAGES permission not required.

Note : If you are facing this issue with native android project You may be querying all packages with the package manager, this is no longer allowed since Android 8.0. To resolve open the android project of your app in android studio and check the Merged Manifests portion of the AndroidManifest.xml to see if you find that permission being used in your app if it is being used remove the permission.

See more info here. https://support.google.com/googleplay/android-developer/answer/12085295?hl=en

[undamatlamanikanta]

i faced same issue and changed open_file to open_file_safe then build the application got error Permission denied: android.Manifest.permission.MANAGE_EXTERNAL_STORAGE

My AndroidManifest.xml <manifest xmlns:android="http://schemas.android.com/apk/res/android" xmlns:tools="http://schemas.android.com/tools" package="xxxxxxxxx">

<uses-permission android:name="android.permission.INTERNET"/>
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />
<uses-permission android:name="android.hardware.location.gps" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.VIBRATE" />
<uses-permission android:name="android.permission.MANAGE_EXTERNAL_STORAGE" />

<queries>
    <!-- If your app opens https URLs -->
    <intent>
        <action android:name="android.intent.action.VIEW" />
        <data android:scheme="https" />
    </intent>
    <!-- If your app makes calls -->
    <intent>
        <action android:name="android.intent.action.DIAL" />
        <data android:scheme="tel" />
    </intent>
    <!-- If your app emails -->
    <intent>
        <action android:name="android.intent.action.SEND" />
        <data android:mimeType="*/*" />
    </intent>
</queries>

<application
    android:name="${applicationName}"
    android:label="XXXXXXXXX"
    android:icon="@mipmap/ic_launcher"
    android:exported="true">
    <activity
        android:name=".MainActivity"
        android:launchMode="singleTop"
        android:theme="@style/LaunchTheme"
        android:configChanges="orientation|keyboardHidden|keyboard|screenSize|smallestScreenSize|locale|layoutDirection|fontScale|screenLayout|density|uiMode"
        android:hardwareAccelerated="true"
        android:usesCleartextTraffic="true"
        android:windowSoftInputMode="adjustResize"
        android:exported="true">
        <!-- Specifies an Android theme to apply to this Activity as soon as
             the Android process has started. This theme is visible to the user
             while the Flutter UI initializes. After that, this theme continues
             to determine the Window background behind the Flutter UI. -->
        <meta-data
          android:name="io.flutter.embedding.android.NormalTheme"
          android:resource="@style/NormalTheme"
          />
        <!-- Displays an Android View that continues showing the launch screen
             Drawable until Flutter paints its first frame, then this splash
             screen fades out. A splash screen is useful to avoid any visual
             gap between the end of Android's launch screen and the painting of
             Flutter's first frame. -->
        <meta-data
          android:name="io.flutter.embedding.android.SplashScreenDrawable"
          android:resource="@drawable/launch_background"
          />
        <intent-filter>
            <action android:name="android.intent.action.MAIN"/>
            <category android:name="android.intent.category.LAUNCHER"/>
        </intent-filter>
        <!-- Deep links -->
        <!-- Scheme+host filter -->
        <intent-filter>
            <action android:name="android.intent.action.VIEW" />
            <category android:name="android.intent.category.DEFAULT" />
            <category android:name="android.intent.category.BROWSABLE" />
            <data
                android:scheme="https"
                android:host="xxxxxxxxxxx.link" />
        </intent-filter>
         <!-- App Links -->
        <intent-filter android:autoVerify="true">
            <action android:name="android.intent.action.VIEW" />
            <category android:name="android.intent.category.DEFAULT" />
            <category android:name="android.intent.category.BROWSABLE" />
            <!-- Accepts URIs that begin with https://YOUR_HOST -->
            <data
            android:scheme="https"
            android:host="XXXXXXXXXX.link" />
        </intent-filter>
        <!-- Scheme-only filter -->
        <intent-filter>
            <action android:name="android.intent.action.VIEW" />
            <category android:name="android.intent.category.DEFAULT" />
            <category android:name="android.intent.category.BROWSABLE" />
            <data android:scheme="https" />
        </intent-filter>
            <!-- *** FIREBASE :: FCM Add below to ensure we get the payload when tapping on a notification *** -->
        <intent-filter>
            <action android:name="FLUTTER_NOTIFICATION_CLICK" />
            <category android:name="android.intent.category.DEFAULT" />
        </intent-filter>
    </activity>
    <meta-data android:name="com.google.android.geo.API_KEY"
           android:value="XXXXXXXXXXXXXXXX"/>
    <activity
        android:name="com.yalantis.ucrop.UCropActivity"
        android:screenOrientation="portrait"
        android:theme="@style/Theme.AppCompat.Light.NoActionBar"
        android:exported="true"/>
    <!-- *** LocalNotifications ***-->
    <receiver android:name="com.dexterous.flutterlocalnotifications.ScheduledNotificationBootReceiver"
    android:exported="true">
        <intent-filter>
            <action android:name="android.intent.action.BOOT_COMPLETED"/>
            <action android:name="android.intent.action.MY_PACKAGE_REPLACED"/>
        </intent-filter>
    </receiver>
    <receiver android:name="com.dexterous.flutterlocalnotifications.ScheduledNotificationReceiver"
    android:exported="true" />
    <!-- upto this notifcation -->
    <provider
            android:name="androidx.core.content.FileProvider"
            android:authorities="${applicationId}.fileProvider"
            android:exported="false"
            android:grantUriPermissions="true"
            tools:replace="android:authorities">
        <meta-data
                android:name="android.support.FILE_PROVIDER_PATHS"
                android:resource="@xml/filepaths"
                tools:replace="android:resource" />
    </provider>
    <!-- Don't delete the meta-data below.
         This is used by the Flutter tool to generate GeneratedPluginRegistrant.java -->
    <meta-data
        android:name="flutterEmbedding"
        android:value="2" />
</application>

My Pubspec.yaml

name: *** description: A new Flutter project.

The following line prevents the package from being accidentally published to

pub.dev using pub publish. This is preferred for private packages.

publish_to: 'none' # Remove this line if you wish to publish to pub.dev

The following defines the version and build number for your application.

A version number is three numbers separated by dots, like 1.2.43

followed by an optional build number separated by a +.

Both the version and the builder number may be overridden in flutter

build by specifying --build-name and --build-number, respectively.

In Android, build-name is used as versionName while build-number used as versionCode.

Read more about Android versioning at https://developer.android.com/studio/publish/versioning

In iOS, build-name is used as CFBundleShortVersionString while build-number used as CFBundleVersion.

Read more about iOS versioning at

https://developer.apple.com/library/archive/documentation/General/Reference/InfoPlistKeyReference/Articles/CoreFoundationKeys.html

version: 1.0.27+27

environment: sdk: ">=2.12.0 <3.0.0"

dependencies: flutter: sdk: flutter

The following adds the Cupertino Icons font to your application.

Use with the CupertinoIcons class for iOS style icons.

cupertino_icons: "^1.0.3"

firebase

firebase_dynamic_links: ^0.5.0+11

firebase_auth: "^2.0.0"

google_sign_in: "^5.0.4"

flutter_facebook_login: ^3.0.0

firebase_messaging: "^10.0.3"

"^6.0.16"

flutter_local_notifications: "^6.0.0" firebase_database: "^7.1.1" firebase_storage: "^9.0.0" cloud_firestore: "^2.3.0" firebase_analytics: "^8.1.2"

 # state management - dependencies

rxdart: "^0.27.1" get: "^4.1.4" get_it: "^7.1.3"

fluttertoast: "^8.0.7"

hive: "^2.0.4" path_provider: "^2.0.2"

device_preview: ^1.1.0

lottie: "^1.0.1" flutter_treeview: "^1.0.6+1"

sms_autofill: "^2.2.0 "

contacts_service: ^0.6.1

permission_handler: "^10.0.0" jwt_decode: "^0.3.1"

image pickers

flutter_exif_rotation: "^0.4.1" image_picker: "^0.8.1+3" dio: "^4.0.0" mime: "^1.0.0" string_splitter: "^1.0.0+1" percent_indicator: "^3.0.1" flutter_datetime_picker: git: url: https://github.com/Realank/flutter_datetime_picker.git ref: master flutter_typeahead: "^3.1.3" outline_gradient_button: "^2.0.0+1" file_picker: "^3.0.3" uuid: "^3.0.4" photo_view: "^0.12.0" country_code_picker: "^2.0.2" group_button: "^2.3.0"

flutter_localizations:

collection: ^1.15.0-nullsafety.4

currency_picker: "^2.0.4" flutter_map: "^0.13.1"

latlong: ^0.6.1

latlong2: "^0.8.0" geolocator: url_launcher: "^6.0.9" geocoding: "^2.0.0" dotted_border: "^2.0.0" shimmer: "^2.0.0" pdf: "^3.4.2" printing: "^5.4.3" flutter_echarts: "^2.2.0" intl_phone_number_input: "^0.7.0+2"

flutter_libphonenumber: ^1.1.0

image_cropper: "^1.4.1" scrollable_positioned_list: "^0.2.0-nullsafety.0" swipe_to: "^0.1.0-nullsafety.1" share: "^2.0.4" upgrader: "^4.4.0" device_info: "^2.0.2" horizontal_data_table: "^3.6.1+1" getwidget: "^2.0.4" package_info_plus: "^1.4.0" flutter_app_badger: "^1.3.0" flutter_svg: "^1.0.3" flutter_statusbarcolor_ns: "^0.4.0" razorpay_flutter: ^1.2.7

flutter_app_restart: ^1.0.0

flutter_phoenix: "^1.0.0"

google_maps_flutter: "^2.1.12" showcaseview: "^1.1.8" firebase_core: "^1.12.0" flutter_native_splash: "^1.3.2" open_file_safe: ^3.2.3

dev_dependencies: flutter_test: sdk: flutter flutter_launcher_icons: ^0.9.0

flutter_icons: image_path: "assets/icons/app_icon.png" android: "ic_launcher" ios: true remove_alpha_ios: true

For information on the generic Dart part of this file, see the

following page: https://dart.dev/tools/pub/pubspec

The following section is specific to Flutter.

flutter:

The following line ensures that the Material Icons font is

included with your application, so that you can use the icons in

the material Icons class.

uses-material-design: true

To add assets to your application, add an assets section, like this:

assets:

• assets/images/
• assets/
• assets/icons/
• assets/tab_icons/
• assets/role_icons/
• assets/file_type_icons/
• assets/profile_icons/

• assets/lottie/

  An image asset can refer to one or more resolution-specific "variants", see

  https://flutter.dev/assets-and-images/#resolution-aware.

  For details regarding adding assets from package dependencies, see

  https://flutter.dev/assets-and-images/#from-packages

  To add custom fonts to your application, add a fonts section here,

  in this "flutter" section. Each entry in this list should have a

  "family" key with the font family name, and a "fonts" key with a

  list giving the asset and other descriptors for the font. For

  example:

  fonts:

• family: Gilroy fonts:
  • asset: assets/fonts/Gilroy-ExtraBold.otf
  • asset: assets/fonts/Gilroy-Light.otf
  • asset: assets/fonts/Gilroy-SemiBold.ttf weight: 600
  • asset: assets/fonts/Gilroy-Black.ttf weight: 900

flutter_native_splash: image: assets/icons/app_icon.png color: FFFFFF

fonts:

- family: Schyler

fonts:

- asset: fonts/Schyler-Regular.ttf

- asset: fonts/Schyler-Italic.ttf

style: italic

- family: Trajan Pro

fonts:

- asset: fonts/TrajanPro.ttf

- asset: fonts/TrajanPro_Bold.ttf

weight: 700

#

For details regarding fonts from package dependencies,

see https://flutter.dev/custom-fonts/#from-packages

Please solve my problem, Thanks in advance

[Gbarago]

I am having the same issue and i have used open_file_sefee and oopen_filex i even took out the feature that depended on it but still got rejected

here are my dependencies

permission_handler: 7.1.0

permission_handler: ^8.1.1

slide_button: ^0.2.8 async: ^2.4.2 contacts_service: ^0.6.0 md2_tab_indicator: ^1.0.2 icofont_flutter: ^1.3.0 flutter_feather_icons: ^1.0.3 image_gallery_saver: ^1.7.0 showcaseview: ^1.1.1 flutter_share: ^2.0.0 flutter_svg: ^0.21.0 stack: ^0.2.1 keyboard_actions: ^3.4.6 keyboard_avoider: ^0.1.2 file_picker: ^4.4.0 overlay_support: ^1.2.1 badges: ^2.0.1 grouped_list: ^4.1.0

in_app_review: 2.0.0

flutter_local_notifications: 5.0.0 image_picker: ^0.8.4+1 flutter_html: ^0.11.1 auto_size_text: ^2.0.2 flutter_switch: ^0.3.1 ext_storage: flutter_speed_dial: ^3.0.5 flutter_dialpad_plus: ^0.2.1 fraction: ^3.0.1 path_provider: ^2.0.1 step_progress_indicator: ^1.0.0 percent_indicator: ^2.1.5 connectivity: ^3.0.6 device_info_plus: ^3.2.2 cupertino_icons: ^0.1.3 device_info_plus_linux: ^2.1.1 device_info_plus_windows: ^2.1.1 flutter_screenutil: ^4.0.3+1 dio: ^4.0.0 tuple: 2.0.0 dartz: ^0.9.2 dotted_border: ^2.0.0 dotted_line: ^3.0.0 flushbar: ^1.10.4 firebase_core: 1.3.0 firebase_messaging: 10.0.2 pretty_dio_logger: ^1.1.1 flip_card: ^0.6.0 dropdown_search: ^0.5.0 flutter_apns: ^1.5.1 flutter_apns_only: 1.5.0 hive: ^2.0.4 hive_flutter: ^1.1.0 flutter_collapse: ^0.1.1 flutter_secure_storage: ^3.2.1+1 easy_contact_picker: ^0.0.2

flutter_money_formatter: ^0.8.3

flutter_spinkit: ^3.1.0 rate_my_app: 1.1.1 pedantic: ^1.11.1 flutter_platform_widgets: ^0.60.2 sized_context: ^0.2.1+1 flutter_swiper: ^1.1.6 http_parser: ^4.0.0 material_design_icons_flutter: 4.0.5345 modal_bottom_sheet: 1.0.0+1 modal_progress_hud: 0.1.3 share: 0.6.5 external_path: 1.0.1 signalr_netcore: 0.1.7+2-nullsafety.2 shared_preferences: 2.0.5 flutter_shimmer: 1.3.0 json_annotation: any provider: 6.0.0 flutter_bloc: ^7.2.0 equatable: ^1.2.3 camera: ^0.5.8+17 cached_network_image: ^2.5.0 pin_entry_text_field: ^0.1.4 pull_to_refresh: ^2.0.0 pin_code_fields: ^7.0.0 introduction_screen: ^2.1.0 expandable: ^5.0.1 collection: ^1.15.0 location: ^4.4.0 qr_flutter: ^4.0.0 qr_code_scanner: ^0.4.0 timeline_tile: ^2.0.0 flutter_icons: ^1.1.0 assorted_layout_widgets: 5.5.0 popup_menu: ^1.0.5

another_flushbar: ^1.10.5

shimmer: ^2.0.0 uuid: ^3.0.2 rxdart: ^0.25.0 intl: ^0.17.0 gap: ^1.2.0 simple_tooltip: ^0.1.16 screenshot: ^1.2.3 flutter_masked_text2: ^0.9.1 stream_transform: ^0.0.19 url_launcher: ^6.0.0 syncfusion_flutter_datepicker: ^19.2.59 infinite_scroll_pagination: 2.3.0 syncfusion_flutter_pdfviewer: 19.4.55-beta photo_view: ^0.13.0 open_file_safe: ^3.2.3 flutter_web_browser: ^0.15.0 lottie: 1.2.1 font_awesome_flutter: ^9.1.0 link_preview_flutter: ^0.0.5 share_extend: ^2.0.0 app_tracking_transparency: ^2.0.2+1 sentry_flutter: 4.0.6 appsflyer_sdk: ^6.4.0+2 flutter_linkify: ^5.0.2 mixpanel_flutter: ^1.4.5 local_auth: ^1.1.7 package_info_plus: ^1.4.2 mati_plugin_flutter: any fluttertoast: ^8.0.7 http: ^0.13.3 webview_flutter: ^0.3.3

[Galeen-Bidpath]

If you add this to your AndroidManifest.xml should exclude the permission from the merged manifest. However if you are using this functionality will probably crash the app(I haven't seen the code). In modern android apps the lib should only receive that the permission is denied.

 <uses-permission
        android:name="android.permission.REQUEST_INSTALL_PACKAGES"
        tools:node="remove" />

[Gbarago]

Thanks for this. I have also done this, but for some reason google still flags the app or having this permission.

[Gbarago]

or is i possible that i am doing it long

[Galeen-Bidpath]

I have submitted an update on my build this morning and was approved. Make sure you are adding it in the right manifest. app/src/main/AndroidManifest.xml

After you made your build can check if the permission is still decleared in the merged manifest in build/app/intermediates/merged_manifest/

[Gbarago]

alright will do this and se i it works thanks again

[Gbarago]

Just got a rejection mail from google play.. problem still exists

[Galeen-Bidpath]

Maybe you are mmissing something. Make screenshots of your manifest, then the location of the manifest. Also show the merged manifest after you have built the app, located at build/app/intermediates/merged_manifest/

[Gbarago]

okay

[Gbarago]

[Galeen-Bidpath]

second image is not the right one, should be from merged_manifest folder(scroll down) not from bundle_manifest

In general it looks OK.

[Gbarago]

ok i will upload that too right away thanks @Galeen-Bidpath

[Gbarago]

this is the merged manifest

[RuhtracBP]

What I did:

• replacing open_file to better_open_file

• adding to android manifest <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" tools:node="remove" />

At this point Still getting rejected. After much researching this is what I found:

for some reason Play console will reject the latest build if you use this permission usage in other tracks (internal, alpha, etc). The REQUEST_INSTALL_PACKAGES detection may referring to existing build in other tracks instead of the latest build. The review feedback message is confusing and not helpful.

• In Play console (your affected app), click App Content under Policy

• Look for Sensitive permissions and APIs and click Start.

• Select APKs and bundles, the list will show you the build and track that contain sensitive permission/API.

• Navigate to each affected track, create a new release upload a clean build( with the previous alterations ) to replace existing, submit to review.

• Navigate to Publishing overview and check whether the review is pending to submit, if any, send the review.

Then it got accepted

[Gbarago]

Thanks for this @RuhtracBP I just did that this morning and its in review currently, Hopefully no more rejections

[CaladoLucas]

It worked perfectly here! Thank you my friend! 🥳🥳🥳🥳🥳🥳🥳🥳

[Lazizbek97]

I cleaned the project with 'flutter clean' and removed that package manually.(even replaced it with open_file_safe package ). But when I run the project or build appbundle, it will appear again.

inside pubspec.yaml file, there is no such package.

what should i do in this situation?

[mohitleo03]

@iamtechmanish I also tried to replacing the dart package "file_open" to "file_openx". @Galeen-Bidpath I tried your solution too and the permission was no longer in the app bundle. @RuhtracBP I was trying your solution because my application initial builds are having this REQUEST_INSTALL_PACKAGES permission and now the latest builds that I have uploaded no longer have this android permission but still getting rejected. One of the build with this permission is live on Play Store can I replace that bundle too..? If so then please help me out. @nazmulislamrony I am also facing same issue. Whenever I create a new release and publish it I receive a mail from Google Play Support that the app status is rejected due to the policy issue with this android permission although that release apk bundle is not having this permission. If you get any solution then please post here.

Still thank you guys for your help.

This apk bundle is live on Google Play Store and having the android permission REQUEST_INSTALL_PACKAGES and is there any way to replace this bundle...?

Recently I uploaded and created a new release with this apk bundle but still getting rejected for the same reason...

Google Play Support Mail -

Another thing is it possible that we do some changes in managing this permission on google play console and they might accept it..?

Really need some help...

[DCubix]

I am unable to publish any updates to a 4 year old app because of this library. I have replaced it with open_file_safe but still Google won't accept the app anymore. Please, I NEED a solution for this ASAP.

[aqibaja]

we have the same issue here, @mohitleo03 how about now about your app, have accepted?

[mohitleo03]

@aqibaja no we are still facing rejection and play store's support is little unclear due to which we are still facing issues. anyone else got some solution for app approval then please reply here...? @nazmulislamrony @iamtechmanish @Galeen-Bidpath @RuhtracBP please

[ca-ruthish]

@RuhtracBP In Play console there is no start for new release...

I use open_filex could solve the issue?

[Galeen-Bidpath]

@aqibaja no we are still facing rejection and play store's support is little unclear due to which we are still facing issues. anyone else got some solution for app approval then please reply here...? @nazmulislamrony @iamtechmanish @Galeen-Bidpath @RuhtracBP please

Just add this to app/src/main/AndroidManifest.xml and make a new build to submit.

 <uses-permission
        android:name="android.permission.REQUEST_INSTALL_PACKAGES"
        tools:node="remove" />

As @RuhtracBP mentions here make sure you don't have other build with that permission in the other distribution channels(Open testing etc.), as you may get rejected from them.

[mohitleo03]

@Galeen-Bidpath please tell how we can remove or replace the other builds.

[Galeen-Bidpath]

Submit a build on top of each

[lsalehar]

We are facing the same issue.

1. We added the <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" tools:node="remove" /> line into the correct manifest
2. We have verified that the updated builds of our app do not contain this permission
3. We have uploaded the updated app to all the chanels and submited them to review
4. App update got rejected.

Any ideas?

[Galeen-Bidpath]

We are facing the same issue.

1. We added the <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" tools:node="remove" /> line into the correct manifest
2. We have verified that the updated builds of our app do not contain this permission
3. We have uploaded the updated app to all the chanels and submited them to review
4. App update got rejected.

Any ideas?

Maybe you should contact Play Store support and ask them what else they need?

[mohitleo03]

@aqibaja no we are still facing rejection and play store's support is little unclear due to which we are still facing issues. anyone else got some solution for app approval then please reply here...? @nazmulislamrony @iamtechmanish @Galeen-Bidpath @RuhtracBP please

Just add this to app/src/main/AndroidManifest.xml and make a new build to submit.

 <uses-permission
        android:name="android.permission.REQUEST_INSTALL_PACKAGES"
        tools:node="remove" />

As @RuhtracBP mentions here make sure you don't have other build with that permission in the other distribution channels(Open testing etc.), as you may get rejected from them.

@Galeen-Bidpath's reason is almost correct because i recieved an email from google play highlighting my old testing builds are having that permission. So the most appropriate solution would be "Submit a build on top of each" which must not have this Android permission Thanks everyone for the help and lets wait for Google Play Support reply

[Lazizbek97]

Is there any way to get rid of this package? I cannot even delete it from my project?

[mohitleo03]

@Lazizbek97 well you said you tried to remove the package manually and it is still their which is not in normal situation you can connect with me on linkedin and lets discuss the problem in detail.. if looks appropriate And guys sorry I know this comment section is for the issue with open_file packge for REQUEST_INSTALL_PACKAGES permission issue but by any chance any of you have experience with in_app_purchases...? I am little stuck in that.

[jeffpena]

I'm using none null safety open_file 3.0.3 package in my old project but I'm not seeing Request_install_package with it in manifest-merger-release-report.txt. But the camera has it, here is the logs.

ADDED from [:camera] C:\myapp\build\camera\intermediates\library_manifest\release\AndroidManifest.xml:8:22-68
uses-permission#android.permission.REQUEST_INSTALL_PACKAGES

[lsalehar]

We were able to get our update approved!

For us the issue was that we used the staged rollout, because we were not ready with all the activities for the release on the marketing & support side of operation. We resolved the issue by:

1. We added the <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" tools:node="remove" /> line into the correct manifest
2. Confirmed that we have no code/functionallity in the app that would require such permission
3. Made sure we rolled out the updated version to the 100% of the users on all tracks

I've appealed to the rejection and this is part of the response I got:

In addition to your Production release, if you have other release types that you use for testing and/or quality assurance checks (e.g. Internal test, Closed, Open), please make sure to update those tracks as well.

Once you’re ready to submit a compliant version of your app:

1. Make the necessary updates to address the issue(s) identified above OR please remove the permission from your manifest AND in-app functionality.
2. Double check that your app is compliant with all other Developer Program Policies.
3. Sign in to your Play Console, upload the modified, policy compliant APK across all tracks, and deactivate the non-compliant APK(s). a. To deactivate a non-compliant APK, please create a new release and upload a compliant APK to the same track. b. Be sure to increment the APK version number and set the release to 100% rollout, in order to successfully override and deactivate the non-compliant APK.
4. To save any changes you make to your release, select Save.
5. When you've finished preparing your release, select Review release.

Kindly note that your changes aren't sent for review automatically. You must go to the Publishing overview page and click Send for review to submit your changes.

[Lazizbek97]

We were able to get our update approved!

For us the issue was that we used the staged rollout, because we were not ready with all the activities for the release on the marketing & support side of operation. We resolved the issue by:

1. We added the <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" tools:node="remove" /> line into the correct manifest
2. Confirmed that we have no code/functionallity in the app that would require such permission
3. Made sure we rolled out the updated version to the 100% of the users on all tracks

I've appealed to the rejection and this is part of the response I got:

In addition to your Production release, if you have other release types that you use for testing and/or quality assurance checks (e.g. Internal test, Closed, Open), please make sure to update those tracks as well.

Once you’re ready to submit a compliant version of your app:

1. Make the necessary updates to address the issue(s) identified above OR please remove the permission from your manifest AND in-app functionality.
2. Double check that your app is compliant with all other Developer Program Policies.
3. Sign in to your Play Console, upload the modified, policy compliant APK across all tracks, and deactivate the non-compliant APK(s). a. To deactivate a non-compliant APK, please create a new release and upload a compliant APK to the same track. b. Be sure to increment the APK version number and set the release to 100% rollout, in order to successfully override and deactivate the non-compliant APK.
4. To save any changes you make to your release, select Save.
5. When you've finished preparing your release, select Review release.

Kindly note that your changes aren't sent for review automatically. You must go to the Publishing overview page and click Send for review to submit your changes.

The same steps worked on me

[augustineonu]

When they say replacing open_file to better_open_file or open_file_safe. Are there any required steps to follow to do that? Or i just have to delete the open_file then add the open_file_safe to my project?? please assist

[blue492]

I submitted a version 88 (3.5.4) which had REQUEST_INSTALL_PACKAGES and this version has been rejected.

I added the following row: <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" tools:node="remove" />

And I submitted a new version 89 (3.5.4) and in permissions section for this version in Google play I can see that "REQUEST_INSTALL_PACKAGES" is removed. But this version has been also rejected.

What I should do now?