UIKit declares high risk / sensitive permission against Google Play policy

Platform:
Android

UIKit Version:
2.2.5

Our latest release to Google Play was flagged as containing a high risk or sensitive permission that violates policy. This permission is REQUEST_INSTALL_PACKAGES. I took a look at our merged manifest and see that it is SendBird that is declaring this permission. This is an unexpected permission for a chat library to request. Why does SendBird declare this permission in its manifest?

In the meantime, I am going to prevent it from being merged into our app’s manifest with the following line:

<uses-permission
    android:name="android.permission.REQUEST_INSTALL_PACKAGES"
    tools:node="remove" />

Hi, sorry for the late reply.

The REQUEST_INSTALL_PACKAGES permission was needed when the Android APK file was sent to the channel and installed, but a new UIKit version will be released to delete the permission and change it to a delegation to the app if needed.