Can I publish any Android app without deleting Log.i() statements. Is it safe?
No, the logs files are not removed , that is why many people use Timber library as the Timber logs are automatically removed.
To know more about timber visit GitHub page of Timber
The log statements will stay in the app and anyone can see them. You can prevent this by deleting the logs before publishing, having a check for debug mode before logging, or using something like proguard to remove them when you compile. Here's another question with more info.
Related
I am trying to move app to another agency. Ideally, it would be as simple as changing Organization API key and adding its secret into fabric.properties file. But this is not happening.
I have tried to remove all traces of Crashlytics so I can install it like the first time and pick the desired organisation. So I removed all Gradle entries, an entry from the Manifest and deleted fabric.properties file. I also logged out of Fabric plugin and restarted Android Studio, just in case. However this does not work. When I compile the app, it fills the old Organization data.
So how can I completely remove ALL traces of Crashlytics so the project looks just like before I installed it?
PS. also if someone knows how to move app to another organization (the method that does work), please share it with me.
I am looking to do the same and would try doing the reverse from what is advised in the installation instructions here.
Meaning:
removing the repository, plugin, and the dependencies from build.gradle;
removing the keys (fabric.properties or app manifest xml);
removing the initialization code;
I may add more details once actually trying to do this myself.
Android app submission says, remove any logging before submission. Have a few question on this one
Is System.out.println considered as logging? How can I disable it across the app without having to remove it on by one
Tried android:debuggable="false" inside manifest, but eclipse says "Avoid hardcoding the debug mode; leaving it out allows debug and release builds to automatically assign one"
I have some third party jar files that shows Log statement when I test my app. How can I remove them, considering I don't have the source.
Suggestions are highly appreciated.
I'm sure you've come across the fact that you can do the if(GLOBAL_VALUE) trick, because your logs are already there!
Therefore, my suggestions is to use Proguard; http://developer.android.com/tools/help/proguard.html
The following proguard.cfg chunk instructs to remove Log.d calls.
-assumenosideeffects class android.util.Log {
public static *** d(...);
}
You can do it for other calls like Log.i, Log.e, etc based on the value you put there!
As for your Jar, if it is referencing the Android Log system, ProGuard should take care of that.
I am developing an android application where i am using a lot of Logs for printing values at console for debugging purpose. Now i am using Log.i() method in Android. Now actually what the problem , before i have to give to testing team, i have to remove all logs. When the number of classes in the project is small, i can remove it manually. But when the project contains 40 to 50 classes, it is humanly impossible to go to all classes and remove it manually. So is there any settings is availaible in eclipse so that i can remove or disable all logs by changing a single settings or configuration or else is there any jar file that helps for debugging much more easier than Log.i() method. Any suggestion or guidance is highly appreciable
Thanks inAdvance
the logs will be kept on the phone and any user/developer can check them out by installing apps like Catlog even without using adb! This is a problem as you stand to give unnecessary and at times, confidential data to users/other developers.
Simple way to solve this?
a. Use Proguard to automatically block all logs, more information in this stackoverflow thread
Here you can automatically block all logs at the bytecode level in Proguard
-assumenosideeffects class android.util.Log {
public static int v(...);
}
The above, for example would remove any verbose logging, more in this thread
b. I use a if(DEBUG) Log.i for all my logs, so that with one change of the boolean DEBUG i can switch on/off all logs
This answer referred from this link
Android hide logs in the application when upload to market
Strange enough problem...
Okay, here's my situation. In my Android application I'm using 3rd party component which generates a lot of Logcat logs. I don't have sources of those component :(
For some security reason I need to find way to somehow intercept those logs before they appearing in Logcat.
Is it possible? Any ideas?
You can use ProGuard on the 3rd party library to strip it of all calls to the Log class as per this answer to a similar question: https://stackoverflow.com/a/2019002/1122135
If the source code is available for the library, I would recommend building your own version of the library without the debug output.
In the Android docs it talks about getting an application ready for the market.
It says that you should deactivite Log and debugging.
Is this totally neccessary? Or just an suggestion?
Also how do you go about doing this?
You can remove all logging by running progruard with the correct options.
Android Proguard, removing all Log statements and merging packages
Has some of the options needed. Takes some understanding of Proguard but allows the source to keep the log messages while not worrying about them in a released application. Additionally, you can add the other methods to the config as well to remove logging completely. Not all applications do this. Many of Google's own applications are fairly chatty on the log in release.