snachmsm snachmsm - 29 days ago 15
Android Question

Google Play -505 install error

I have an app in Google Play, which was built with tools and API 22. Everything was working well, but last update with API 23 (tools 23.1) shows users with Android 6.0 error numbered "-505" (in Google Play app or in notification). BUT.. its really random... I know about two same devices - Nexus 5 with 6.0.1 - one have -505, second is installing update without problem....

After a lot of searching I've found information that this error means duplicated permission, but which...?

<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />

<!-- GCM -->
<uses-permission android:name="android.permission.GET_ACCOUNTS" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<uses-permission android:name="" />
android:protectionLevel="signature" />
<uses-permission android:name="" />

android:name="android.permission.READ_PHONE_STATE" />
android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
android:name="android.permission.READ_EXTERNAL_STORAGE" />

ANY ideas?


Answer useful for every app developer who is using Android Studio with Gradle and external libraries. Some are affected, some not, but for example Google-Play-Services (in current 8.4.0 version, in my case) are involed, and this lib is pretty popular...


Every app have to declare own applicationId in Gradle, and also packageName in manifest, but this is required by Android Studio. Gradle is not forcing applicationId to be declared, but it should, beacuse some of libs are using reference ${applicationId} in their declarations, for example from above mentioned GPS:


When you don't have declared applicationId build system use libs appId and after apk creation above provider will be:


And it will be installed in system with without problem. Real problem will be when another, second app will be using same library and also created without applicationId. In this app there is also same package (in GPS sample and this is duplication error numbered -505, cause authorities field must be unique... If you declare in your app applicationId above sample will be:


And this will be unique for shure in whole system as it should be :) Note that reference ${applicationId} might be also declared in other must-be-unique-in-whole-system fields, which are for example permissions, which can't duplicate also.

In my case: Google-Play-Services and Google Cloud Messaging lib (as I know for shure v 8.3 and 8.4). Above sample first snippet is from push messages provider. My app after lib update from 7.x (this version is not using appId reference, maybe ${packageName} instead?) to 8.4 (using appId ref) started crashing installation with -505 on devices, which already have installed another app (not related with my at all) which also misses applicationId declaration and uses same GPS lib. First installed app "reserves" original Google Cloud Messaging provider authority field using its "original" lib applicationId (cause app's/developer's missing) and this field must be unique in whole system, so my app (as installed after) is getting -505...


Here is doc with proper declaration of both packageName and applicationId. Define this field in your app and it will never "interferre" with another app (really own provider unique in system).

Homework for advanced:

Decompile or just "guess" anothers app Provider (or any other should-be-unique creature) and declare it in your own app. You may not use it at all, but it probably lock installation of this original app. Seems like pretty good method to lock installations of competitors (e.g. biggest rival). Didn't tried, hope this possibility is "solved" already...