Develop Reference

ProGuard rules and line number in crash report

I my using LibGdx based android game, I have used the below Gradle, proguard-rules.pro. In the crash report, I do not see source file and its line number. Anything I am missing ?
Gradle
buildTypes {
release {
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-project.txt', 'proguard-rules.pro'
}
}
'proguard-rules.pro
-keep class com.google.firebase.provider.FirebaseInitProvider
-renamesourcefileattribute SourceFile
-keepattributes SourceFile,LineNumberTable
Crash Report - Android Developer console
java.lang.NullPointerException:
at com.a.b.g.a (g.java:110)
at com.b.b.a (b.java:11)
at com.a.b.d.g (d.java:492)
at com.a.b.d.a (d.java:485)
at com.badlogic.gdx.backends.android.k.a (k.java:356)
at com.badlogic.gdx.backends.android.j.onDrawFrame (j.java:457)
at android.opengl.GLSurfaceView$GLThread.guardedRun (GLSurfaceView.java:1522)
at android.opengl.GLSurfaceView$GLThread.run (GLSurfaceView.java:1239)

You need setup your proguard rules according official article. In my case rules not required:
-dontwarn android.support.**
-dontwarn com.badlogic.gdx.backends.android.AndroidFragmentApplication
Make sure that file proguard-project.txt stored in android module, not in project root.

How to enable proguard for only one module

I have a payment application with payumoney integration. It was working fine until i added the proguard. Recently I have added Proguard to my build.gradle file (Module: app)
` buildTypes {
release {
minifyEnabled true
shrinkResources true
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
signingConfig signingConfigs.config
}
}`
After this App gets closed when i proceed to payment. It is working fine when i Changed minifyEnabled to false.
Following is my Module:PayuMoneySdk Build.gradle File
`buildTypes {
release {
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
}
}`
How can I solve this issue? I can't disable proguard.
Can I enable proguard to only Module:app? And will it solve the issue?
I am new to programming. Please help!!

The solution is to look up for the methods and classess that needs to be exempted and add them to the proguard rules as follows..
-keep class com.mm.** {*;}
-keep class com.company.** {*;}
-keepclassmembers class com.mm.** {*;}
-keepclassmembers class com.company.** {*;}

add below lines in proguard-rule.pro file
-dontwarn okio.**
# Platform calls Class.forName on types which do not exist on Android to determine platform.
-dontnote retrofit2.Platform
# Platform used when running on Java 8 VMs. Will not be used at runtime.
-dontwarn retrofit2.Platform$Java8
# Retain generic type information for use by reflection by converters and adapters.
-keepattributes Signature
# Retain declared checked exceptions for use by a Proxy instance.
-keepattributes Exceptions
-keep class com.** { *; }

How to apply proguard to AAR library in android?

I have Develop one Android AAR Library which consist of all functionality that customer required, I want to apply proguard on library before deliver it to the customer in order to obfuscate the code so that code will not easy to decompile.
I googled it before posting this question and I found that Library projects by themselves don't run ProGuard, so they don't use any configuration, as mention here Click Here
I have done following configuration in order to apply proguard on my library project.
buildTypes {
debug {
shrinkResources false
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
}
release {
shrinkResources true
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
}
}
I have applied this rules on proguard-rules.pro
-keepparameternames
-renamesourcefileattribute SourceFile
-keepattributes Exceptions,InnerClasses,Signature,Deprecated,SourceFile,LineNumberTable,*Annotation*,EnclosingMethod
-keep public class * {
public protected *;
}
-keepclassmembernames class * {
java.lang.Class class$(java.lang.String);
java.lang.Class class$(java.lang.String, boolean);
}
-keepclasseswithmembernames class * {
native <methods>;
}
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
-keepclassmembers class * implements java.io.Serializable {
static final long serialVersionUID;
private static final java.io.ObjectStreamField[] serialPersistentFields;
private void writeObject(java.io.ObjectOutputStream);
private void readObject(java.io.ObjectInputStream);
java.lang.Object writeReplace();
java.lang.Object readResolve();
}
but after using this aar on my demo project the library get used properly but the code is not hidden it just get visible after decompiled in android studio as we decompile method just by holding ctrl and click on that method, all containt of method just get visible without any proguard rules applied on that library.
Please suggest me relevant way or tell me what wrong steps I am taking as I am new to android.

AAR modules can be indeed obfuscated.
Add consumerProguardFiles 'proguard-rules.pro' to your AAR build.gradle configuration along with proguardFiles, so that if the app/module that's using the AAR runs ProGuard, your configuration (i.e. any excludes for public API that shouldn't be minified) will be honoured.

Android libraries (aar-files) are not obfuscated at all. The minifyEnabled option is ignored in com.android.library-projects. So everyone can easily decompile the code contained in an aar-file.

Android Build with Gradle and ProGuard : "The output jar must be specified after an input jar, or it will be empty"

I'm creating a build with different flavors with Gradle. It used to run quite good until now, until I wanted to enable Proguard. I enabled minifyEnabled for my Release Build and now I'm having an exception saying :
"Caused by: org.gradle.internal.UncheckedException: java.io.IOException: The output jar [.../app/build/intermediates/multi-dex/dev/release/componentClasses.jar] must be specified after an input jar, or it will be empty."
Does anybody know what is causing this exception ? I basically want to enable ProGuard before I release my application. Here is my Gradle file below.
lintOptions {
abortOnError false
}
dexOptions{
incremental true
javaMaxHeapSize "4g"
}
defaultConfig {
applicationId "..."
minSdkVersion 14
targetSdkVersion 22
versionCode 1
versionName "1.0"
multiDexEnabled true
}
buildTypes {
release {
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
signingConfig signingConfigs.release
}
debug {
minifyEnabled false
shrinkResources false
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
signingConfig signingConfigs.debug
}
}
ProGuard Rules file.
# Add project specific ProGuard rules here.
# By default, the flags in this file are appended to flags specified
# in /Users/osayilgan/Development/Android/sdk/tools/proguard/proguard-android.txt
# You can edit the include path and order by changing the proguardFiles
# directive in build.gradle.
#
# For more details, see
# http://developer.android.com/guide/developing/tools/proguard.html
# Add any project specific keep options here:
# If your project uses WebView with JS, uncomment the following
# and specify the fully qualified class name to the JavaScript interface
# class:
#-keepclassmembers class fqcn.of.javascript.interface.for.webview {
# public *;
#}
-keepnames public class * extends io.realm.RealmObject
-keep class io.realm.** { *; }
-dontwarn javax.**
-dontwarn io.realm.**
And Here is the proguard-android file. This is the default one from Android SDK.
# This is a configuration file for ProGuard.
# http://proguard.sourceforge.net/index.html#manual/usage.html
-dontusemixedcaseclassnames
-dontskipnonpubliclibraryclasses
-verbose
# Optimization is turned off by default. Dex does not like code run
# through the ProGuard optimize and preverify steps (and performs some
# of these optimizations on its own).
-dontoptimize
-dontpreverify
# Note that if you want to enable optimization, you cannot just
# include optimization flags in your own project configuration file;
# instead you will need to point to the
# "proguard-android-optimize.txt" file instead of this one from your
# project.properties file.
-keepattributes *Annotation*
-keep public class com.google.vending.licensing.ILicensingService
-keep public class com.android.vending.licensing.ILicensingService
# For native methods, see http://proguard.sourceforge.net/manual/examples.html#native
-keepclasseswithmembernames class * {
native <methods>;
}
# keep setters in Views so that animations can still work.
# see http://proguard.sourceforge.net/manual/examples.html#beans
-keepclassmembers public class * extends android.view.View {
void set*(***);
*** get*();
}
# We want to keep methods in Activity that could be used in the XML attribute onClick
-keepclassmembers class * extends android.app.Activity {
public void *(android.view.View);
}
# For enumeration classes, see http://proguard.sourceforge.net/manual/examples.html#enumerations
-keepclassmembers enum * {
public static **[] values();
public static ** valueOf(java.lang.String);
}
-keep class * implements android.os.Parcelable {
public static final android.os.Parcelable$Creator *;
}
-keepclassmembers class **.R$* {
public static <fields>;
}
# The support library contains references to newer platform versions.
# Don't warn about those in case this app is linking against an older
# platform version. We know about them, and they are safe.
-dontwarn android.support.**

It took quite a while for me to figure it out but, as I had guessed, it was all about Proguard configuration.
I started to dig through the Warnings in the Console and realized that some of the References couldn't be found by Proguard. So adding them as -dontwarn to proguard configuration file solved the problem.
In my case, I had to ignore packages below;
-dontwarn java.lang.invoke**
-dontwarn org.apache.lang.**
-dontwarn org.apache.commons.**
-dontwarn com.nhaarman.**
-dontwarn se.emilsjolander.**

How to use the ProGuard in Android Studio?

This is my first project in Android Studio, and the code of my apps are not obfuscated.
Im using this configuration in build.gradle file:
I'm using the Build > Generate Signed APK... with the Run Proguard checked.
And, when I have tested using the Apk_OneClick.v4.2, my code is completly easy to read:
Please, help-me. :(

You're probably not actually signing the release build of the APK via the signing wizard. You can either build the release APK from the command line with the command:
./gradlew assembleRelease
or you can choose the release variant from the Build Variants view and build it from the GUI:

You can configure your build.gradle file for proguard implementation. It can be at module level or the project level.
buildTypes {
debug {
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.txt'
}
}
The configuration shown is for debug level but you can write you own build flavors like shown below inside buildTypes:
myproductionbuild{
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.txt'
}
Better to have your debug with minifyEnabled false and productionbuild and other builds as minifyEnabled true.
Copy your proguard-rules.txt file in the root of your module or project folder like
$YOUR_PROJECT_DIR\YoutProject\yourmodule\proguard-rules.txt
You can change the name of your file as you want. After configuration use one of the three options available to generate your build as per the buildType
Go to gradle task in right panel and search for assembleRelease/assemble(#your_defined_buildtype) under module tasks
Go to Build Variant in Left Panel and select the build from drop down
Go to project root directory in File Explorer and open cmd/terminal and run
Linux ./gradlew assembleRelease or assemble(#your_defined_buildtype)
Windows gradlew assembleRelease or assemble(#your_defined_buildtype)
You can find apk in your module/build directory.
More about the configuration and proguard files location is available at the link
http://tools.android.com/tech-docs/new-build-system/user-guide#TOC-Running-ProGuard

NB.: Now instead of
runProguard false
you'll need to use
minifyEnabled false

Here is Some of Most Common Proguard Rules that you need to add in proguard-rules.pro file in Android Sutdio.
ButterKnife
-keep class butterknife.** { *; }
-dontwarn butterknife.internal.**
-keep class **$$ViewBinder { *; }
-keepclasseswithmembernames class * {
#butterknife.* <fields>;
}
-keepclasseswithmembernames class * {
#butterknife.* <methods>;
}
Retrofit
-dontwarn retrofit.**
-keep class retrofit.** { *; }
-keepattributes Signature
-keepattributes Exceptions
OkHttp3
-keepattributes Signature
-keepattributes *Annotation*
-keep class okhttp3.** { *; }
-keep interface okhttp3.** { *; }
-dontwarn okhttp3.**
-keep class sun.misc.Unsafe { *; }
-dontwarn java.nio.file.*
-dontwarn org.codehaus.mojo.animal_sniffer.IgnoreJRERequirement
Gson
-keep class sun.misc.Unsafe { *; }
-keep class com.google.gson.stream.** { *; }
Code obfuscation
-keepclassmembers class com.yourname.models** { <fields>; }

Try renaming your 'proguard-rules.txt' file to 'proguard-android.txt' and remove the reference to 'proguard-rules.txt' in your gradle file. The getDefaultProguardFile(...) call references a different default proguard file, one provided by Google and not that in your project. So remove this as well, so that here the gradle file reads:
buildTypes {
release {
runProguard true
proguardFile 'proguard-android.txt'
}
}

The other answers here are great references on using proguard. However, I haven't seen an issue discussed that I ran into that was a mind bender. After you generate a signed release .apk, it's put in the /release folder in your app but my app had an apk that wasn't in the /release folder. Hence, I spent hours decompiling the wrong apk wondering why my proguard changes were having no affect. Hope this helps someone!

Enable ProGuard
[ProGuard flow]
android {
buildTypes {
release {
minifyEnabled true
proguardFiles 'proguard-rules.pro'
}
}
}
[ProGuard artefact]