I've set up proguard according to this link: http://android-developers.blogspot.com/2010/09/proguard-android-and-licensing-server.html
When I build with Ant I get no errors or warnings, but I also don't get any verbose output telling me that ProGuard is doing anything. By other means I'm able to tell that the apk is not being obfuscated.
All of my code, with the exception of the Activity class is in a library (as source files). I've read that the activity class will not obfuscated, but I'm wondering if I have to set up something different in my build files to include the library files?
Did you remove the debug line from your manifest?
This is a very old link.
Assuming you've downloaded the ADT plugin and the SDK this year, Proguard is bundled in the build process.
All you have to do is add this to default.properties:
proguard.config=proguard.cfg
Note that the obfuscation will occur only when you export a final version and not on every build.
Related
I have a project that depends on some maven lib, after proguard I got the files under package com.xxx kept, but I didn't add the rule in my project proguard files, I must be imported from maven lib. I know there will be a merged proguard file during progurad processure. My question is there a way to hook the processure and prints the separated proguard rules, or how to find which lib imports the rule.
Thanks in advance.
Modify your proguard-project.txt to include
-printconfiguration "build/outputs/mapping/configuration.txt"
Trigger proguard run with ./gradlew assembleRelease and inspect the file. It doesn't always tell which aar or jar has contributed it though. Maybe create feature request for AGP to make behaviour consistent with aapt which prints where every line is coming from.
I am trying to obfuscate my simple HelloWorld project (that I just created) with ProGuard.
The configuration files are below.
[project.properties]
proguard.config=${sdk.dir}/tools/proguard/proguard-android.txt:proguard-project.txt
target=android-20
[proguard-project.txt]
Nothing valid. all the lines are commented.
Lastly, I created signed apk file through the menu, File - Export - Export Android Application,
with a new key.
To make sure that the apk is obfuscated properly, I unzip the apk and decompiled classes.dex to view the inner class files. but NOT obfuscated at all. all the function names in MainActivity.java are
still the same.
Anything I missed out?
Thank you.
Look at the "Enabling ProGuard" section at http://developer.android.com/tools/help/proguard.html to see exactly how ProGuard determines which configuration file(s) to use. Look carefully at the different ways to specify the file(s) for Eclipse builds vs. Android Studio (or Gradle) builds. The ProGuard configuration files delivered with the SDK are simple starting points (examples) that almost certainly will not do exactly what you want. You should copy them to an appropriate location and change them as needed for your particular needs.
I recently migrated a project from Eclipse/Ant to Android Studio/Gradle. I am able to successfully build a signed release version of the project with proguard enabled. However, while testing the release version, I'm getting crashes from certain library projects and jars (which work fine when building a debug version).
For example, when attempting to upload a file to Dropbox (a jar dependency), I get the following error:
java.lang.IncompatibleClassChangeError: interface not implemented
at com.dropbox.client2.session.AbstractSession.sign(SourceFile:238)
at com.dropbox.client2.DropboxAPI.putFileRequest(SourceFile:2199)
at com.dropbox.client2.DropboxAPI.putFileOverwriteRequest(SourceFile:1571)
at com.dropbox.client2.DropboxAPI.putFileOverwrite(SourceFile:1537)
Also, when attempting to sign into Box (a library project dependency), I get the following error:
java.lang.NoSuchMethodError: org.apache.http.conn.params.ConnManagerParams.setMaxTotalConnections
at com.box.restclientv2.BoxBasicRestClient.()
at com.box.boxjavalibv2.BoxRESTClient.()
at com.box.boxjavalibv2.BoxClient.createRestClient()
at com.box.boxjavalibv2.BoxClient.()
at com.box.boxandroidlibv2.BoxAndroidClient.(SourceFile:49)
at com.box.boxandroidlibv2.activities.OAuthActivity.startOAuth(SourceFile:71)
at com.box.boxandroidlibv2.activities.OAuthActivity.onCreate(SourceFile:52)
I have other jars and library projects that work just fine...
Again, there are no issues with either of these when building a gradle debug build (no proguard). I was also able to create a release build with proguard enabled using ant without any issues (able to sign into both Dropbox and Box).
Any ideas?
You appear to be including a version of the org.apache.http library. In principle, this library is already part of the Android runtime android.jar, so you shouldn't add it to your project. ProGuard is probably printing warnings about these duplicate classes.
In practice, it may be a newer version of the library, and some of your code may be using additional classes from this version. You then probably should leave the names of the classes, fields, and methods untouched, to avoid introducing (additional) conflicts:
-keep class org.apache.http.** { *; }
A build process may filter out the classes, or it may be adding the above line, but I don't think the default Android builds currently do either.
You need to -keep Proguard from removing or renaming all the class and method names that it can't determine are referenced from code that it doesn't processes, that are referenced via reflection (e.g. XML references), etc.
Keeping all apache classes may keep more than necessary (which is OK) but it may not be enough to fix all the Proguard issues.
It's good to ask why it worked from your ant build without this -keep. Maybe the ant build didn't actually call Proguard (ant is tricky), maybe it used a different Proguard data file, or maybe the relevant libraries changed in the meantime. You can debug that by listing hypotheses and testing them. E.g. if you put a malformed command in the Proguard data file then run the ant build, you can tell whether it actually runs Proguard or not.
After updating to ADT 20 I can no longer successfully export any of my Android projects. I get:
Proguard returned with error code 1. See console
In the console I get tons of the can't find referenced class warnings and occasionally the can't find superclass or interface warning. At the end of the warnings I get something like this:
You should check if you need to specify additional program jars.
Warning: there were 199 unresolved references to classes or interfaces.
You may need to specify additional library jars (using '-libraryjars').
java.io.IOException: Please correct the above warnings first.
at proguard.Initializer.execute(Initializer.java:321)
at proguard.ProGuard.initialize(ProGuard.java:211)
at proguard.ProGuard.execute(ProGuard.java:86)
at proguard.ProGuard.main(ProGuard.java:492)
Each time I attempt to build I get different numbers of warnings (it's not very consistent). Also, when I perform a clean before export, the export completes without producing any warnings, but the resulting APK crashes on launch often due to ClassNotFoundException.
My proguard-project.txt includes the necessary -keep class rules for the Android Support Library and ActionBarSherlock.
I had no problems building this project before ADT 20. I even tried building my last release (which obviously built fine when I released it), but I get the same proguard warnings and failed export.
I've tried adding -libraryjars and/or -dontwarn rules as many other SO questions suggest, but to no avail. It will sometimes build successfully, but the APK created crashes on launch.
Any suggestions?
There is a bug in AAPT where it will only process
<fragment android:name"..." />
but not
<fragment class="..." />
We'll fix AAPT but in the meantime you can use the other attribute and it'll work.
In ADT 20, we use a feature of aapt (see the -G flag) which can create a proguard file which contains keep rules for exactly the custom views used by your code.
The old proguard config files would keep all views. When you used a library project such as the compatibility library, where you might be using only a small subset of the available code, this could end up including a lot of stuff you don't need. By removing the generic keep rules, and adding a new keep file based on your application, your .apks would get smaller since a lot of unused stuff can be removed.
One area where this can go wrong is if you update to Tools 20 (so you have the new smaller proguard-android.txt file), and you continue to use ADT 18. Make sure to use ADT 20, since it will add in not just the proguard files specified in your project.properties setting, but the generated proguard file listing the keep files from aapt -G as well. I believe the ant build will also use the -G feature.
(Note - see http://code.google.com/p/android/issues/detail?id=35107 for any followups on this)
Reportedly, there are problems with a recent update of the Eclipse plugin in the ADT, which doesn't properly recompile all source code. In that case, ProGuard will print out warnings about your program classes (as opposed to the library classes). You should check if the export (and the resulting application) works without ProGuard. You should also check if the Ant build works ("ant release"). That could then be a workaround.
I have been working on one project which is too complex and contain very much space with so many images and Java files as well.
Somewhere I have read about the proguard which optimizes the code.
I have used it, but it's still does not have an effect on my final APK file.
It might be I have made a mistake somewhere. I have the following this like http://developer.android.com/guide/developing/tools/proguard.html.
How can I optimize my code?
You can add it to the default.properties. I've been adding manually without having a problem so far.
If you add the line:
proguard.config=proguard.cfg
As said it will only use ProGuard when exporting signed application (Android Tools => Export Signed Application)
If you start the project with the SDK before Android 2.3 the proguard.cfg file will not be created (next to default.properties as in 2.3>).
To enable automatic creation of it, just simply update to the SDK of Android 2.3 and create a new project with existing sources (which are the sources of the project you currently have).
Automagically the proguard.cfg fill will be created.
Without optimizations the compiler produces very dumb code - each command is compiled in a very straightforward manner, so that it does the intended thing.
The Debug builds have optimizations disabled by default, because without the optimizations the produced executable matches the source code in a straightforward manner.
Please refer this one
From documentation:
ProGuard is integrated into the Android build system, so you do not have to invoke it manually. ProGuard runs only when you build your application in release mode, so you do not have to deal with obfuscated code when you build your application in debug mode.