Why are permissions being automatically added to my AndroidManifest when including Google Play Services library

I noticed that the following permissions were automatically added when i use the following in my build.gradle file

compile 'com.google.android.gms:play-services:7.5.0'

This did not occur with the earlier versions of the play-services. does anyone have a solution to remove these unwanted permissions?

I am only using the ads function (INTERNET and ACCESSNETWORK_STATE). I got no need for the LOCATION and USE_CREDENTIALS permissions. How do you remove these unwanted permissions?

I noticed that the 'manifest-merger-xxx-debug-report.txt' file contains the following

 ...<snipped bunch of other merges>
MERGED from com.google.android.gms:play-services-maps:7.5.0:22:5
    android:name
        ADDED from com.google.android.gms:play-services-maps:7.5.0:22:22
uses-permission#android.permission.ACCESS_COARSE_LOCATION
ADDED from com.google.android.gms:play-services-maps:7.5.0:23:5
MERGED from com.google.android.gms:play-services-maps:7.5.0:23:5
MERGED from com.google.android.gms:play-services-maps:7.5.0:23:5
MERGED from com.google.android.gms:play-services-maps:7.5.0:23:5
    android:name
        ADDED from com.google.android.gms:play-services-maps:7.5.0:23:22
uses-feature#0x00020000
ADDED from com.google.android.gms:play-services-maps:7.5.0:24:5
MERGED from com.google.android.gms:play-services-maps:7.5.0:24:5
MERGED from com.google.android.gms:play-services-maps:7.5.0:24:5
MERGED from com.google.android.gms:play-services-maps:7.5.0:24:5
    android:glEsVersion
        ADDED from com.google.android.gms:play-services-maps:7.5.0:25:8
    android:required
        ADDED from com.google.android.gms:play-services-maps:7.5.0:26:8
android:uses-permission#android.permission.READ_EXTERNAL_STORAGE
IMPLIED from AndroidManifest.xml:2:1 reason: com.google.android.gms.maps requested WRITE_EXTERNAL_STORAGE
uses-permission#android.permission.GET_ACCOUNTS
ADDED from com.google.android.gms:play-services-wallet:7.5.0:21:5
    android:name
        ADDED from com.google.android.gms:play-services-wallet:7.5.0:21:22
uses-permission#android.permission.USE_CREDENTIALS
ADDED from com.google.android.gms:play-services-wallet:7.5.0:22:5
    android:name
        ADDED from com.google.android.gms:play-services-wallet:7.5.0:22:22
meta-data#com.google.android.gms.wallet.api.enabled
 ...<snips more lines away>

When you use

compile 'com.google.android.gms:play-services:7.5.0'

This implies you are using every feature of Google Play Services, including location services. If you only need a particular API, you should be using the selective APIs.

In the case of ads, you can use solely:

compile 'com.google.android.gms:play-services-ads:7.5.0'

You can exclude those auto added permissions if your app feature doesn't require.

In my case i'm using Google wallet play service 8.3 which adds GET_ACCOUNTS and USE_CREDENTIALS . We don't required user to pick the google account for selecting google wallet.

<uses-permission android:name="android.permission.GET_ACCOUNTS" tools:node="remove"/>
<uses-permission android:name="android.permission.USE_CREDENTIALS" tools:node="remove" />

tools:node="remove" does the trick when creating the full manifest.

Look at the Full final AndroidManifest.xml at /build/intermediates/manifest/full/debug