Am developing android application with some confidential data.I need to obfuscate code.I have searched for a solution long time, still am not getting solution.
You have several ways of doing this. The one you can easily integrate inside your application is to use proguard rules and gradle.
Define your proguard-rules.pro with the specifications you see fit. Below there is a link which explains the usage of most of them
http://proguard.sourceforge.net/manual/usage.html
After that, in the build gradle of your top application module, in case you have a tree of dependencies, add:
BuildTypes{
release{
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
}
}
In this case, every time you run a release version of your application, it will run your proguard file configuration. Have in consideration that proguard does not obfuscate the name of the activities.
Use minifyEnabled true in your app level build.gradle
Related
I started working in an Android application and realized that it implemented so many dependencies in the gradle file. I've been able to clean it a little bit and the weight and number of methods has decreased a lot. Good news!
Currently the only thing that worries me is this code line...
implementation 'com.android.support:design:28.0.0'
...because we only use one of its feature in one screen, TabLayout (it seems really necessary for the statistics screen).
Is there any way for implementing just this feature with gradle or proguard?
Thank you very much.
If you use ProGuard, all unused code / resources will be stripped out automatically.
Google's libraries (e.g. com.android.support:design) have ProGuard configs that will do this when it is enabled.
Enabling it just requires the following in your app-level build.gradle, and running a release build:
buildTypes {
release {
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android.txt'),
'proguard-rules.pro'
}
}
If you need further help setting up ProGuard, I suggest the official docs.
I am developing one android library for that i want enable the progurad.
First thing i did is:
I have enabled the minification for my library
buildTypes {
release {
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
}
}
After this, I have generated the AAR file with minification. And then i used the AAR file to my testing app to check whether my library classes were available. But classes were not there, Because the pro guard removed all my classes from library as it was not used.
Second thing i did is:
-keep public interface com.example.client.** { *; }
I have added the above thing to my proguard-rules.pro. Now i can able to see all my classes with proguard applying the same class, function, variable names. (In mapping file i could see the same name getting applied)
I don't know the exact way to apply the proguard to generate the obfuscated AAR.
Is there any guideline to generate AAR with the minification/
Or in my case what is fix to generate AAR with the class available?
I am struggling for a long time... Could someone please try to help me!!!
My assets and drawable are only 2mb java and xml sources is only 1mb but after build project the apk size is 20mb!
I set shrinkResources true
and remove unused resources and generate app with proguard.
Is there a way to reduce the size of apk?
Android Studio has its own apk analyzer which is very useful for cases like yours.
Analyze your apk file and check which files are using this much space.
https://developer.android.com/studio/build/apk-analyzer.html
Also using ProGuard helps to reduce apk size.
Additionally, avoid using unnecessary libraries. For example,
if you need to use Google Analytics, import gradle only analytics library like this:
compile 'com.google.android.gms:play-services-analytics:10.2.4'
do not use like this:
compile 'com.google.android.gms:play-services:10.2.4'
second example uses too much space and redundant classes and files.
at your gradle, normally debug apk will be larger than release APK about 50%. If you care about the debug size, just do the same config like release on debug config
buildTypes {
release {
minifyEnabled true <-- minify your code
shrinkResources true <-- remove any unused resources
zipAlignEnabled true <-- optimization
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro' <-- enable proguard is important to shrink byte code
}
}
Second, if you are using google services dependencies, please use individual dependencies.. refer here In android studio 2.2 and above they have added apk analyser tool in Build menu. Use that to analyse APK.
Not only for google services, others library also. some library put android design or appcompat in their library. so you need to exclude those module (if you already have in your dependencies)
According to the "Resource Shrinking" webpage of Andriod documentations (here), you can minimize the app's size via the build.gradle file, by using these lines:
android {
...
buildTypes {
release {
minifyEnabled true
shrinkResources true
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
}
}
}
You can do following things
Remove non required libraries. even use required libraries (like map
or gcm individual instead of full play service library)
Use vector images instead of multiple png.
Use zipAlignEnabled command in build file
Check my blog Different ways to reduce apk size
Main Points are :
android.enableR8=true // enable New R8 Code Shrinker
minifyEnabled true && Add Proguard Rules
Examine Your APK Using Android Studio’s APK Analyzer
Enable Resource Shrinking
Convert Your PNGs, JPEGs, and BMPs Into WebP
Avoid enumerations and use #IntDef annotation
Use aaptOptions { cruncherEnabled = false } to compress images
Use Remove Unused Resources android studio built-in function to remove all the unused resources in the application
Use Code Cleanup android studio built-in function to remove
Note: Go enable it! (*just double and triple check everything works afterwards)
In my buildType I see this:
buildTypes {
release {
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
}
}
I have some questions:
Why there are two files?
What is the difference between them?
Where should I write my rules?
The getDefaultProguardFile('proguard-android.txt') method obtains
the default ProGuard settings from the Android SDK tools/proguard/
folder. The proguard-android-optimize.txt file is also available in
this Android SDK folder with the same rules but with optimizations
enabled. ProGuard optimizations perform analysis at the bytecode
level, inside and across methods to help make your app smaller and run
faster. Android Studio adds the proguard-rules.pro file at the root
of the module, so you can also easily add custom ProGuard rules
specific to the current module.
Please refer this: https://developer.android.com/studio/build/shrink-code
Meaning that you should add your custom proguard file into proguard-rules.pro,if you want to separate some rules to many files,you can do it and declare them after this:
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
The getDefaultProguardFile('proguard-android.txt') will retrieve the ProGuard settings that are stored in the Android SDK in tools/proguard
The proguard-rules.pro is a file that is located at the root of the module. The purpose is to allow you to add custom rules (ProGuard) that are specific to the module.
For more Information
I have an app that I migrated from Eclipse to Android-Studio. I want to make sure I'm using Proguard for my release version. I see in my build.gradle file this:
buildTypes {
release {
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.txt'
}
}
However, I don't have a proguard-android.txt or proguard-rules.txt in my project's folder. Is my code being obfuscated?
No, your code is not being obfuscated. You are not running proguard. minifyEnabled controls whether to run proguard, and you have it set to false, need to change that to true to turn on proguard. getDefaultProguardFile('proguard-android.txt') gets the default proguard rules from the SDK. See proguardFiles docs.
To check that your code is being obfuscated, you can look in your build/outputs/mapping/release directory. Those files should have modification times from during your build. Looking at the mapping.txt will give the obfuscation details (which names were mapped to what).
proguard-android.txt is system file .u need not to care.
'proguard-rules.txt is here . if u havent ,u can add a empty file. u can use ur custom name . But when minifyEnabled is true ,u need to add some line in it.