The new permission complicates Android deployments

In the latest version (118.0.2), a new permission FOREGROUND_SERVICE_MEDIA_PROJECTION was added to the AndroidManifest, to allow screen sharing, I believe.

This does however trigger a prompt from Play Store to explain what the permission is needed for. As for us, the answer is nothing. I was wondering what would be the best workflow to remove the permission when it’s not needed. I’m using managed Expo workflow. A few options come to mind:

• Leave the permission out from rn-webrtc by default, make it clear in documentation that it needs to be added to use the screen capture feature. Maybe update @config-plugins/react-native-webrtc accordingly?
• Apply the permission by default and leave it to the developer to remove it with some custom plugin (Expo users at least?).
• Just try to get through by explaining that the permission is part of a great library I’m using, but it’s not needed by us.

Thoughts?

image1625×681 104 KB

Correct.

Not a fan of this, since the code to support screen-sharing is in there.

We are not maintaining that project.

My personal preference. You can use patch-package for example.

I doubt this will work…

Fair enough, it would require a bit of additional work to make the screen capturing work.

However, the current situation requires extra work from anyone (most likely a big majority) who is not using the screen capture feature.

I’d argue that this reduces the overall usability and the requirement to remove a permission on the manifest level to make all other features work is less intuitive than the requirement to add something to make a specific feature work.

You don’t know that.

I’d be happy to remove it if we can establish that Google won’t complain.

Yep, it was just a guess.

What do you mean by removing if Google won’t complain?

Either way, my first attempt is to explain them that we don’t use the permission for anything. If that doesn’t work, then just downgrade rn-webrtc. And probably in the future deal with the permissions somehow as rn-webrtc is updated with lucrative features

Try to use patch-package to remove the permission from the manifest on your end and submit the build. If they don’t complain because there is code in there that uses the APIs without that declaration we’re good to go.

What are you talking about?!

Ah, I see. Would have been a good idea but I already proceeded explaining them that we’re actually not using the feature.

If they accept, I don’t think I’ll get another chance to submit and test you suggestion, unfortunately.

Returning with an update!

The original submission was denied as you expected. We followed your suggestion and removed the new permission from the AndroidManifest using patch-package and re-submitted.

I had to find where to remove any hint of the first submission in the Play Console, as some information of why we would have needed the permission was saved, but after that the submission was accepted.

So based on this experience, Google is automatically inspecting just the AndroidManifest and if no permissions are requested, they see no problem.

This is good to know! I’ll look into dropping them for the next release.