fix: Remove Android access fine location from bluetooth library - cp-7.72.0

[Cal-L]

Description

Remove Android access fine location from bluetooth library in an attempt to resolve duplicate declaration error when uploading build to Google play.

Changelog

CHANGELOG entry:

Related issues

Fixes:

Manual testing steps

Feature: my feature name

  Scenario: user [verb for user action]
    Given [describe expected initial app state]

    When user [verb for user action]
    Then [describe expected outcome]

Screenshots/Recordings

Before

After

Pre-merge author checklist

• I've followed MetaMask Contributor Docs and MetaMask Mobile Coding Standards.
• I've completed the PR template to the best of my ability
• I've included tests if applicable
• I've documented my code using JSDoc format if applicable
• I've applied the right labels on the PR (see labeling guidelines). Not required for external contributors.

Pre-merge reviewer checklist

• I've manually tested the PR (e.g. pull and build branch, run the app, test code being changed).
• I confirm that this PR addresses all acceptance criteria described in the ticket it closes and includes the necessary testing evidence such as recordings and or screenshots.

---

Note

Low Risk
Low risk manifest-only change; main risk is unintended removal/override of ACCESS_FINE_LOCATION affecting BLE behavior on older Android versions if the merge rules don’t apply as expected.

Overview
Adjusts Android manifest BLE location permission declarations to avoid Google Play upload failures caused by duplicate ACCESS_FINE_LOCATION entries from dependency manifests.

Keeps a single uses-permission with android:maxSdkVersion="30" and explicitly removes any uses-permission-sdk-23 variant via tools:node="remove", while updating comments to document the merge behavior.

^{Reviewed by Cursor Bugbot for commit c34b584. Bugbot is set up for automated code reviews on this repo. Configure here.}

[github-actions]

CLA Signature Action: All authors have signed the CLA. You may need to manually re-run the blocking PR check if it doesn't pass in a few minutes.

[github-actions]

🔍 Smart E2E Test Selection

• Selected E2E tags: None (no tests recommended)
• Selected Performance tags: None (no tests recommended)
• Risk Level: low
• AI Confidence: 95%

click to see 🤖 AI reasoning details

E2E Test Selection:
The change to AndroidManifest.xml is a pure build/packaging fix that:

1. Adds a uses-permission-sdk-23 element with tools:node="remove" to remove a duplicate ACCESS_FINE_LOCATION permission declaration injected by the rxandroidble dependency.
2. Updates a comment to better explain the BLE location permission conflict.

This is a manifest merger directive that only affects the Android build-time manifest merging process to prevent Google Play Store rejection due to duplicate permission declarations. It does NOT:

• Change any app logic, UI components, or user flows
• Affect any controller, engine, or state management
• Impact navigation, modals, confirmations, or any E2E-testable behavior
• Change the actual runtime permissions granted to the app (ACCESS_FINE_LOCATION is still limited to maxSdkVersion 30)

No E2E tests are needed as no user-facing functionality is changed. This is purely a build configuration fix for Play Store compliance.

Performance Test Selection:
This is a pure Android manifest build fix with no impact on app runtime performance, rendering, data loading, or any user flow timing. No performance tests are warranted.

View GitHub Actions results

[ieow]

lgtm

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud