Android Studio lint warns of missing permissions that are not required at my target API level

Question

I'm doing some work on an internal, legacy Android app. The target SDK version is set to 28 in the Gradle build file, and the compile SDK version is set to 33.

The issue I face is that Android Studio lint is showing me an error regarding a missing permission, even though the indicated permission is not actually required at the API level that I am targeting. The permission that I'm being warned about is the BLUETOOTH_CONNECT permission, but the docs indicate that this permission is only required if an app targets API level 31 or above. (At my target API level, I am requesting the BLUETOOTH permission instead, as the documentation prescribes.)

The app compiles and runs fine. Bluetooth functionality is available to the app, even when it is run on a device that is running a version of Android >= API level 31.

Being an app internal to our organization, the app runs on a limited and controlled set of mostly older devices, and I'd just as soon not add the BLUETOOTH_CONNECT permission if I don't have to, particularly since it is a runtime permission and adds more hassle. My question is whether the lint warning is actually as spurious as it seems to me, and is therefore safe to ignore, or if there is something I am overlooking in this situation that could come back to bite me--not in future, if and when I bump up the target SDK level, but as things stand today.

I realize it's best practice to target the latest SDK. But it still seems to me that the lint error is misplaced as written, and I'd like to confirm that my understanding here is correct.

---

Edit: As far as I can tell, the lint error is in fact a false positive under the circumstances, for the reasons I have tried to lay out above.

I believe the proximate cause of the error's showing up in my project is that the SDK I'm compiling against annotates several of the Bluetooth-related methods that I am calling with @RequiresPermission (example) and the lint tool is simply basing its errors on this, without in any way taking into account the role played by the target SDK level.

(This, notwithstanding that a @RequiresLegacyBluetoothPermission annotation is also present at the source level, which speaks to my situation.)

For the time being, I've decided to suppress Bluetooth-related missing permission warnings by adding the following to my lint.xml file:

<issue id="MissingPermission">
   <ignore regexp="BLUETOOTH_SCAN|BLUETOOTH_CONNECT"/>
</issue>

The use of the regular expression (which is matched against the detailed error message per the documentation) should prevent suppression of missing permission lint errors that are unrelated to the situation I have described here.

Answer 1

When you are setting android target SDK version to 28 and compile SDK to 33, the compiler expects that your app should work fine on all the devices that are in that range, from API 28 until 33.

To sum up:

• compileSdkVersion The compileSdkVersion is the version of the API the app is compiled against.

• targetSdkVersion: The targetSdkVersion is supposed to indicate that you have tested your app on (presumably up to and including) the version you specify.

Therefore, eventhough I would not recommend to target only older devices. You can put this settings:

compileSDKVersion = 30
minSDKVersion = 24
targetSDKVersion = 30

If you need help with that permission, you can look online for it, or create another StackOverflow question regarding that issue.