This library will request location permissions, as several pieces of Play Services need it.
First, never use
+. If you want to allow free-floating patchlevels (e.g.,
22.0.+), that's not completely insane, but using
+ for the version is insane.
Next, consider using one (or more) of the more focused dependencies, rather than the full Play Services SDK. Not only will this perhaps eliminate the permission that you do not want, but your APK will be a lot smaller. The documentation covers the available options (see the "Selectively compiling APIs into your executable" section).
If you still wind up with permissions that you do not want, then you will need to determine where the permissions are coming from. There should be a manifest merger report in
build/outputs/apk/ of your module. It will be a bit difficult to understand, but hopefully you can identify the library that is contributing this permission. At that point, you need to decide how to proceed:
The safest answer that removes the permission is to no longer use that library, but instead find some other solution to whatever problem you are trying to solve with that library
Or, live with the permission
Or, try adding the following to your app's manifest:
This will require you to add
xmlns:tools="http://schemas.android.com/tools" to the root
element if it is not already there. This will tell the build tools to explicitly exclude this permission, even though libraries are contributing it. However, your use of those libraries may break. Only do this if you have a dedicated testing team that can spend the time needed to ensure that your decision to block this permission will not result in crashes or other behavior that affects the user.