Is Proguard.Cfg Needed for Library Projects

Is proguard.cfg needed for library projects?

Library projects by themselves don't run ProGuard, so they don't use any configuration.

Application projects obfuscate the entire code base, including any referenced libraries, so they need proper configuration for the application code and for the library code.

What happens if proguard.cfg is present for imported projects but not for main project?

Typically, the main application is obfuscated together with all of its libraries, at the end of the main build process. For that purpose, ProGuard should be enabled in this main build processs. With Ant and Eclipse, you can enable it in project.properties. With Gradle, you can enable it in build.gradle. In recent versions of the Android SDK, any configuration goes in proguard-project.txt.

Setting up ProGuard with Android Library Projects

Edit

As @BornToCode points out, a different answer (originally posted here) better explains how library projects are handled by Proguard. Additionally, this referenced question has more interest and more overall reputation than that linked in my original response. The quote:

Library projects by themselves don't run ProGuard, so they don't use
any configuration.

Application projects obfuscate the entire code base, including any
referenced libraries, so they need proper configuration for the
application code and for the library code.

Old Answer (not wrong, just probably not the best approach)

The library projects is more of a convenient way of linking a project to its jar in Eclipse. When you build the project, the only component of the library project that is visible to your compiler is the jar file.

If you want to obfuscate that jar, check out this post:

How to obfuscate an Android library (.jar file) using Proguard in Eclipse

Proguard ignores config file of library

You typically should not enable ProGuard in the library project. ProGuard processes the application and the library together in the application project, which is the most effective approach.

In the library project, you can specify any library-specific ProGuard configuration in build.gradle, e.g.:

defaultConfig {
    consumerProguardFiles 'proguard-rules.txt'
}

This file is then packaged in the library aar as proguard.txt and automatically applied in the application project.

If you do enable ProGuard in a library project (maybe because you want to distribute the library), then you also have to add the proper configuration for processing the library. The Android Gradle build doesn't seem to do this automatically. You can:

  1. Copy android-sdk/tools/proguard/examples/library.pro to proguard-project.txt in your library project.
  2. Remove the sample input/output lines -injars, -outjars, -libraryjars, -printmapping from the file. The Gradle build process automatically provides these options.
  3. Reference the configuration from the build.gradle of the library project.

Enabling/disabling ProGuard independently for the library project and for the application project works fine for me.

proguard.cfg not working in exported application using LIBRARY

You did add proguard.config=proguard.cfg to build.properties in your application project? You should see ProGuard's console messages and output files. The optimization pass should at least mention some "Number of removed instructions".

The application classes and the library classes are all compiled to bin/classes. They are then treated exactly the same: they are combined into bin/original.jar and obfuscated to bin/obfuscated.jar, using proguard.cfg. Adding more classes can't really have an effect on removing the logging code.

Obfuscating Android Library Project source code with ProGuard

You can obfuscate your library, but you need to add all your public API as exceptions so Proguard won't touch it. It's a lot of work. Be prepared to test a lot.

Also, if you obfuscate your library, you'll usually want to either obfuscate its dependencies too, or add those dependencies to exceptions. In the former case, your customers won't be able to upgrade the dependencies without upgrading the entire library, in the latter the entire obfuscation will be weaker.

Of course even after you add everything, you may stumble on more problematic issues.


Related Topics

App Completely Restarting When Launched by Icon Press in Launcher

How to Get Bitmap from a Url in Android

Xiaomi Does Not Receive Notification When Application Is Not Running

Android Picasso Library, How to Add Authentication Headers

Pick a Number and Name from Contacts List in Android App

Android Studio 2.0 - Pause/White Screen on App First Run

Android: Rotate Image Without Loading It to Memory

How to Wrap Lengthy Text in a Spinner

Read Command Output Inside Su Process

How How to Do Ussd Requests on Android

Android Studio Build Fails with "Task '' Not Found in Root Project 'Myproject'."

Android Gradle Build Error:(9, 0) Gradle Dsl Method Not Found: 'Compile()'

Httpdelete with Body

Android Take Screenshot via Code

Android Crash When App Is Closed and Reopened

Cannot Find Symbol Databindingcomponent on Android Studio 3.2 Canary 16 Kotlin Project

How to Use Device Default Theme for App

Adt Doesn't Create Default Hello World But Command Line Does


Leave a reply



Submit