Suppose i am developing an application using android api 16, my app will include android.jar. I would be importing few classes from the jar file.
I would enable proguard in release mode by configuring proguard. Does proguard remove unused classes in android.jar also?
Edit:
properties file for my project
android.library.reference.1=../actionbarsherlock
So does proguard remove unused classes from my library project included when packaging everything to .apk ?
Proguard does NOT remove anything from libraries. See the diagram and quote from the Proguard website.
ProGuard requires the library jars (or wars, ears, zips, or
directories) of the input jars to be specified. These are essentially
the libraries that you would need for compiling the code. ProGuard
uses them to reconstruct the class dependencies that are necessary for
proper processing. The library jars themselves always remain
unchanged. You should still put them in the class path of your final
application.
Android.jar would be referenced as a library jar (-libraryjars, see Proguard documentation) as opposed to an input jar. That means it would not be included in the output APK anyway. After all you don't want to redistribute the Android system libraries along with your app.
Related
A project I'm working on contains a lot of external dependencies on 3rd party libraries. While analyzing compiled apk I found out that a package within the app that is supposed to be obfuscated remains clean. When I dived deeper I figured out that merged ProGuard configuration contains a rule breaking obfuscation logic.
None of the project's ProGuard configurations contain this rule. So I assume that it was gotten from one of the dependencies and merged to final configuration.
I look through this question but it seems that the answer is no longer valid for Android Plugin for Gradle 3.0.1 that I'm using because build/intermediates/exploded-aar folder no longer contains any ProGuard configurations.
So I'm wondering:
Is there a way to find what library causes the problem?
Is it still possible to disable a rule from consumer proguard file?
I am using a third party .aar project and they have enabled the proguard in the aar project. And in my Application Project i am enabling Proguard as well and its giving me errors.
So, do i need their(.aar project) proguard rules to be included in my proguard config files or is there any other possibility?
I have read in blogs and posts that the best approach is to include the .aar project without proguard and then run the proguard on aar and application project as a whole.
If i run proguard on Application will it affect the imported library's(already proguarded) code ?
So, do i need their(.aar project) proguard rules to be included in my proguard config files or is there any other possibility?
Quoting the documentation:
You can enable code shrinking on your library by adding a ProGuard configuration file to your library that includes its ProGuard directives. The build tools embed this file within the generated AAR file for the library module. When you add the library to an app module, the library's ProGuard file gets appended to the ProGuard configuration file (proguard.txt) of the app module.
So, if the library module has consumerProguardFiles 'lib-proguard-rules.txt' in its defaultConfig (see the docs), in principle, those rules will get applied automatically.
I have read in blogs and posts that the best approach is to include the .aar project without proguard and then run the proguard on aar and application project as a whole.
AFAIK, that's the typical plan. So, the AAR is left alone, with ProGuard applied on the app.
If i run proguard on Application will it affect the imported library's(already proguarded) code ?
AFAIK, the library's code should not be run through ProGuard.
In android applications we include many library files such as google-play-services-lib and Facebook-SDK etc. But we never really use all features and classes from those libraries, so my question is when .apk file gets created does all those classes are included or the only classes we use are included in our application? If yes then is there a way we can get around that? ie can we remove or do something to avoid inclusion of all classes?
Thank You...
You should keep your Android application as small as possible. Therefore you should only include classes in the jars which you really need.
http://www.vogella.com/blog/2010/02/11/java-library-jar-android/
It is better to obfuscate your code using Proguard.
ProGuard is a Java class file shrinker, optimizer, obfuscator, and preverifier. The shrinking step detects and removes unused classes, fields, methods, and attributes. The optimization step analyzes and optimizes the bytecode of the methods
Obfuscation also secures your code to an extent.
To enable ProGuard in your project, edit project.properties
# Project target.
proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt
target=Google Inc.:Google APIs:16
android.library.reference.1=../actionbarsherlock
http://developer.android.com/tools/help/proguard.html
http://proguard.sourceforge.net/index.html#manual/introduction.html
I need to compile my application with additional libraries. The problem is that I do not want to include external libraries inside my application.
In Eclipse I have the option to toggle if I want a selected library/source to be exported with my application or not.
How could I modify ant script to simply skip the given libraries, and to not include them when building apk?
Also, any information regarding how adt plugin creates apk would be nice.
Use the libraryjars option in Proguard. It skips the jar from the output. Quoting the documentation.
Specifies the library jars (or wars, ears, zips, or directories) of the application to be processed. The files in these jars will not be included in the output jars.
The proguard android example can get you started on the config file. Proguard can also be invoked from ant.
I'm trying to setup proguard for my Android project. My application project has very little code in it, but references a library project which has the vast majority of the code and any other external jars. That being said, I'm not sure how to setup proguard to take this into account. Right now my proguard config file is just the Android example from the ProGuard site. I've been searching around, but haven't found a lot or any documentation on using proguard with library projects, just jars. I'm new to proguard, so any push in the right direction would be great. Thanks.
It makes sense to me to specify proguard settings for a library (like which library files shouldn't be obfuscated) in the library project. I've found that I also need to include proguard configurations from my library modules in my application. To do this, I added the following to the defaultConfig section in my library's build.gradle
apply plugin: 'com.android.library'
android {
defaultConfig {
consumerProguardFiles 'proguard-rules.pro'
}
}
and then configured the proguard-rules.pro file in my library module to keep the names of important serialized classes.
See also consumerProguardFiles gradle reference
Edit
As #BornToCode points out, a different answer (originally posted here) better explains how library projects are handled by Proguard. Additionally, this referenced question has more interest and more overall reputation than that linked in my original response. The quote:
Library projects by themselves don't run ProGuard, so they don't use
any configuration.
Application projects obfuscate the entire code base, including any
referenced libraries, so they need proper configuration for the
application code and for the library code.
Old Answer (not wrong, just probably not the best approach)
The library projects is more of a convenient way of linking a project to its jar in Eclipse. When you build the project, the only component of the library project that is visible to your compiler is the jar file.
If you want to obfuscate that jar, check out this post:
How to obfuscate an Android library (.jar file) using Proguard in Eclipse