Chrome Extension Permission Check
A GitHub Action that detects Chrome Extension (Manifest V3) permission escalations between two manifest.json files. It predicts whether an extension update will be disabled by Chrome and require users to manually re-approve new permissions.
Why this matters
When a Chrome extension update adds new permissions that trigger warning dialogs, Chrome will:
Disable the extension
Automatically disabled for every existing user.
Require re-approval
Users must manually find and re-approve. Many never do.
Cause user churn
A single permission escalation can cause massive drop-offs in active users.
What it checks
Permission warnings
Based on the Chrome permission warnings list, detects new permissions that trigger user-facing warning dialogs (e.g. tabs, history, bookmarks).
Host permissions
Detects new host_permissions entries that grant access to new domains.
Content script hosts
Detects new domains in content_scripts[].matches not already covered by existing host_permissions. Mirrors Chromium's IsPrivilegeIncrease() logic.
Smart matching
Wildcard subdomains (*.google.com covers mail.google.com), www normalization, and scheme upgrades are handled correctly.
Quick start
GitHub Actions
- name: Check permission warnings
uses: Toumash/chrome-extension-permission-check@v1
with:
baseline-manifest: path/to/old/manifest.json
new-manifest: path/to/new/manifest.jsonCLI
npx chrome-extension-permission-check old-manifest.json new-manifest.jsonOutputs
| Output | Description |
|---|---|
warning_detected | true or false |
new_permissions | Comma-separated list of new permissions/hosts that trigger warnings |
Let's discuss your project
Whether you need a custom browser extension, a dedicated dev team, or technical consulting — let's find the best approach together.