Flutter Permission Scanner

Pub Version Dart CI License: MIT Platform

A powerful CLI tool to scan your Flutter project and all its dependencies for native permissions on Android, iOS, and macOS. Perfect for security audits, CI/CD pipelines, and ensuring your app complies with privacy guidelines.

Features

  • Android Support: Scans AndroidManifest.xml for <uses-permission> and <uses-permission-sdk-23>.
  • iOS & macOS Support: Scans Info.plist and .podspec files for NS...UsageDescription keys.
  • Dependency Scan: Automatically discovers all dependencies and their requested permissions.
  • Main App Scan: Checks your host application's explicit permission requests.
  • Sensitive Highlighting: Automatically flags sensitive permissions (like Location, Camera, Microphone).
  • Multiple Output Formats: Supports professional Terminal output, raw JSON, and Markdown tables.

Installation

Install the package globally using:

dart pub global activate flutter_permission_scanner

Usage

Run the scanner in the root of your Flutter project:

flutter_permission_scanner

Options

  • -a, --all: Show all packages, even those with no native permissions.
  • -j, --json: Output results as raw JSON for easy integration with CI/CD tools.
  • -m, --markdown: Output results as a formatted Markdown table, ideal for PR comments.
  • -h, --help: Show usage information.

CI/CD Example (GitHub Actions)

Integrate this tool into your CI/CD to automatically document permissions on every PR:

- name: Run Permission Scanner
  run: flutter_permission_scanner --markdown >> permission_report.md

License

MIT License - see LICENSE for details.

Libraries

flutter_permission_scanner