What the manifest declares

Every Android app ships a single AndroidManifest.xml merged from the app module and its libraries at build time. It tells the system the app's package name, its components (activities, services, broadcast receivers, content providers), the minimum and target SDK levels, and which device features and permissions the app needs.

The system parses the manifest at install time and again on launch, before any of the app's code executes. This is how the OS knows, for example, that an app intends to run a foreground service or query the media store without first starting the app.

Storage and media permissions in the manifest

Storage access is gated by `<uses-permission>` entries. Legacy apps declared READ_EXTERNAL_STORAGE / WRITE_EXTERNAL_STORAGE, but on Android 13+ those are replaced by granular media permissions: READ_MEDIA_IMAGES, READ_MEDIA_VIDEO, and READ_MEDIA_AUDIO. Android 14 adds READ_MEDIA_VISUAL_USER_SELECTED for partial photo access.

Because of scoped storage, declaring a permission is not enough — the app still resolves files through the MediaStore and gets only what the user grants at runtime. Apps that genuinely need to see all files declare MANAGE_EXTERNAL_STORAGE, which triggers a special Play Store review and a system All files access toggle.

Why it matters for a storage cleaner

A cleanup app like Cleanor must declare exactly the media permissions it needs to scan photos and videos, and request them at runtime. The manifest is where reviewers and power users can audit precisely what a cleaner is allowed to touch — a transparency point, since a well-built cleaner reads media but does not request blanket all-files access unless its feature set requires it.