How can I build a search system to find all references that require an android permission in my proj

Permissions that creep in between android builds of our app is a recurring problem for us at the office.

We work with Unity and use C#. In our project we use various 3rd party packages that we purchased from the Unity Asset Store and these packages update frequently. Sometimes we’ll see a new permission creep in and we’ll have to pinpoint the last git push to see when it exactly started appearing.

Doing all this stuff and tracking and scanning our code whenever we have an uncalled permission appear is a bit of a downer and takes considerable time.

I was wondering, theoretically speaking, if it’s possible to write a script or a piece of code that creeps through our project and libraries within to give us a list of references that require android permissions.

Any guidance about this question is appreciated.

I am not sure you’ll be able to find any documentation saying “if you use X then permission P will be added”. At least not according to what i know.

What you could do, is create a tool that will process your built APK and get the permissions it lists in its manifest.
This tool can be fed a list of “expected permissions”, and in case a new one is added, it will print an error (or return an error code).

Integrate this into your automated builds, and you’ll be able to trace which exact commit adds a new permission to the built game.