For folks who are used to doing native Android development, this is old news, but for folks who may be new to it and coming from a PhoneGap perspective, I wanted to share a quick tip with you to help make your apps a bit less "scary" for your users. What am I talking about? Whenever you install an Android application, the device checks the app's descriptor file to see what permissions the app needs to run. By default, a PhoneGap Android app will simply have them all enabled. This means your users may see this...

And...

But wait, there's more....

That's three pages of text that most users won't bother reading, and those that do care will freak out since it's the app equivalent of a stranger asking to move into your house, become best friends with your dog, eat your food, and screw your spouse.

To change this, open up AndroidManifest.xml. Depending on your editor, you may get the plain text or a fancy editor. I recommend switching to plain text so you can see the following...

<uses-permission android:name="android.permission.CAMERA" /> <uses-permission android:name="android.permission.VIBRATE" /> <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" /> <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" /> <uses-permission android:name="android.permission.ACCESS_LOCATION_EXTRA_COMMANDS" /> <uses-permission android:name="android.permission.INTERNET" /> <uses-permission android:name="android.permission.RECEIVE_SMS" /> <uses-permission android:name="android.permission.RECORD_AUDIO" /> <uses-permission android:name="android.permission.RECORD_VIDEO"/> <uses-permission android:name="android.permission.MODIFY_AUDIO_SETTINGS" /> <uses-permission android:name="android.permission.READ_CONTACTS" /> <uses-permission android:name="android.permission.WRITE_CONTACTS" /> <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" /> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" /> <uses-permission android:name="android.permission.GET_ACCOUNTS" /> <uses-permission android:name="android.permission.BROADCAST_STICKY" />

This is - obviously - where your device would get the list of permissions it thinks the app requires. The docs do not make it very clear what the minimum requirements are, but from what I know (and Google), the minimum requirements are:

<uses-permission android:name="android.permission.INTERNET" />

Most Google results mention android.permission.READ_PHONE_STATE as well, but that's not available in the 2.3.3 project I just created. Keep it in mind though as it may be present in other SDK versions. Here's how the install screen looks after this change: