I have created an Android library for customer, which is stored in private repository (it can be Github or Bitbucket, does not matter). And now this library should be published to mavenCentral for future use by other programmers. And there are two important requirements:
Code of library must be in private repository, other programmers, which will use it, will not be able to download repo.
Code of library must be obfuscated, programmers, which will use it, will be able to use methods, but will NOT be able to see code of that methods.
Programmers will be able to implement library via gradle, as usual
How can I make this? I found many tutorials for mavenCentral, but all of them was only for public repos.
I am kind of facing some similar issue. However, I liked the idea in this link below:
https://medium.com/student-beans/publishing-a-library-as-a-aar-package-55ed725fa638
Create .aar file -> Create new repo -> Upload your .aar file to Github directly -> Create release version -> Distribute using Jitpack.
This way people can directly use your library without having to see the implementation.
Suggestion: If you want it to be more secure, I would recommend creating a separate account for AAR distribution. Make the AAR repo private and distribute Github token to your partner companies only. (This is just a suggestion and I have not yet tested it)
Update: Please follow the below tutorial as the above reference is not fully working.
https://www.talentica.com/blogs/publish-your-android-library-on-jitpack-for-better-reachability/
Take the jitpack.yml file from the first article and add it to your GitHub project along with the 3 generated files from the above tutorial.
Some options to host private maven repos are Sonatype Nexus or Jfrog both of which offer free options as well as paid enterprise plans depending on your requirements.
There are a lot of online tutorials on how to upload private repos to these solutions. For example this blog post covering nexus setup.
1.you can use private repo like https://mymavenrepo.com/ and enable
Read: HTTP Basic Auth
2.All parts of the code except library Api can be obfuscated
3.Depending on the repo you use, it is possible
I hope it is useful
Related
I am working on a custom Android library. I have created a working library module for testing and now I want to publish it so that I can use it in upcoming projects.
I researched regarding this and found options such as JitPack, MavenCentral, JCentral, GitHub Packages and also one that I found interesting was creating a public GitHub repository of your AAR files and Maven metadata and implementing it using https://raw.githubusercontent.com/USER_NAME/REPO_NAME. I found this one interesting because as per my knowledge (from research) GitHub Packages requires access token with read package permissions.
What I tried was publishing my test library module to Nexus local and then accessing it. It's working fine but I want it to be live 24/7.
Now, what I want is to get more detail on publishing/uploading AAR files directly to public GitHub repository and also I found it interesting but my mind is keep saying me that this is a temporary solution so I also want a permanent solution.
My AGP is v7.2.2 and gradle is v7.3.3
I have an android library published in Bintray. The source code is in Github (public) repo.
Consumers just add the dependency in their gradle file and alls good so far.
Now, However, I want to make the GitHub repo private (for some valid reason).
What should I do to let my existing consumers continue to have access to the library in Bintray?
Its Ok if my library is not visible on Internet - I have other channels for potential consumers to get in touch with me if they are interested in my library. Please suggest.
I have an Android private project (not open source) hosted on GitHub and I need to link it by an Android gradle dependency. I saw a couple of services to dot it like Jitpack.io but it's not free for private repositories. Do you know any free service to do it? Or do you know the way to host my own private project dependency?
You can use Git Submodules - it is absolutely free and quite easy to use.
I think, you have two ways to do it:
You can setup your own Artifactory server, secure it and host
your dependencies there. You should be able to publish new artifact from the GitHub repo. Nevertheless, it requires some work and machine, where you can host your repositories. I found an article regarding that at: https://inthecheesefactory.com/blog/how-to-setup-private-maven-repository/en.
You can generate *.jar or *.aar file from your library and put it manually to your project into the lib/ directory. Unfortunately, it's not so convenient like using Artifactory or Maven Central. Nevertheless, you can automate your build in such case via Bash scripts, Gradle and/or Jenkins, so manual work (like copying files) can be avoided.
In addition to the above answers, I want to add that you can host your Android artifacts on GitHub packages. and I would recommend this tutorial as a start for doing this.
I have an Android Studio project in which I build an SDK and export it to Jcenter so that clients will be able to use my SDK in their own project by adding 1 line of "compile.. " to their build.gradle.
So far everything went well but I do have one problem, my clients can see all of the SDK code from their project. I'm trying to understand what will be the best way to hide my implementation without breaking anything. Obviously proguard will probably be involved in the solution, however to my surprise I haven't seen any "best practice" solution to achieve what I want.
Any thoughts?
At first, a library on the public jCenter repository provided by Bintray is OSS (Open Source Sofware).
This is what I've done to protect my code :
1. All the code is obfuscated with Proguard. There are some rules on very specific classes so the library work correctly.
2. My organization have subscribed to the Professional plan on Bintray witch allow us to not have a OSS library. See pricing. Doing this, the developer will need to add your bintray repo and after the dependencies. If you prefer, I guess you could do as Fabric/Twitter to have your own code repositories using maven, and host your library yourself.
Don't forget that a class file can always be Decompiled so you cannot really prevent this.
As a personnal note, If your planning to earn money with your library, maybe think about an OSS library and a prenium server side service like Parse.com where the client library is OSS.
I would like to open source a library project that I am working on in android studio (hosted on GitHub) and allow others to include the project as a dependency.
Example:
dependencies {
compile 'com.test:myproject:1.0'
}
I've done some research, and have only discovered how to create a module and import it locally within my project. Does anyone know the necessary steps to take to achieve what I want?
Basicly you can publish your app on a public repository like maven or jCenter. The easiest way is to published on bintray, it's free for open source public library. You can use the following library to help you
Also, look into jitpack.io. It is easily the quickest way for getting a JVM projects up and ready especially if you're already using Github. Here's the extra docs for it as well.