MyActivity :. Preverification is irrelevant for the dex compiler and the Dalvik VM, so we can switch it off with the -dontpreverify option. The -optimizations option disables some arithmetic simplifications that Dalvik 1.
Note that the Dalvik VM also can't handle aggressive overloading of static fields. If applicable, you should add options for processing native methods , callback methods , enumerations , annotations , and resource files.
You only need to enable ProGuard by uncommenting the line " proguard. You then don't need any of the configuration below. If you're constructing a build process from scratch : these options shrink, optimize, and obfuscate all public activities, services, broadcast receivers, and content providers from the compiled classes and external libraries:. Most importantly, we're keeping all fundamental classes that may be referenced by the AndroidManifest.
If your manifest file contains other classes and methods, you may have to specify those as well. We're keeping annotations, since they might be used by custom RemoteViews and by various frameworks. We're keeping any custom View extensions and other classes with typical constructors, since they might be referenced from XML layout files. We're also keeping possible onClick handlers in custom Context extensions, since they might be referenced from XML layout files. We're also keeping the required static fields in Parcelable implementations, since they are accessed by introspection.
We're keeping the static fields of referenced inner classes of auto-generated R classes, just in case your code is accessing those fields by introspection. Note that the compiler already inlines primitive fields, so ProGuard can generally remove all these classes entirely anyway because the classes are not referenced and therefore not required. Finally, we're keeping annotated Javascript interface methods, so they can be exported and accessed by their original names.
Javascript interface methods that are not annotated in code targeted at Android versions older than 4. If you're using Google's optional License Verification Library, you can obfuscate its code along with your own code.
You do have to preserve its ILicensingService interface for the library to work:. If you're using the Android Compatibility library, you should add the following line, to let ProGuard know it's ok that the library references some classes that are not available in all versions of the API:.
If applicable, you should add options for processing native methods , callback methods , enumerations , and resource files. You may also want to add options for producing useful stack traces and to remove logging.
These options shrink, optimize, and obfuscate an entire library, keeping all public and protected classes and class members, native method names, and serialization code. The processed version of the library can then still be used as such, for developing code based on its public API. This configuration should preserve everything a developers ever wants to access in the library.
Only if there are any other non-public classes or methods that are invoked dynamically, they should be specified using additional -keep options. The "Exceptions" attribute has to be preserved, so the compiler knows which exceptions methods may throw. The "InnerClasses" attribute or more precisely, its source name part has to be preserved too, for any inner classes that can be referenced from outside the library.
The javac compiler would be unable to find the inner classes otherwise. The "PermittedSubclasses" attribute defines sealed classes, which developers can't extend further.
The "Deprecated" attribute marks any deprecated classes, fields, or methods, which may be useful for developers to know. The -keepparameternames option keeps the parameter names in the "LocalVariableTable" and "LocalVariableTypeTable" attributes of public library methods. Some IDEs can present these names to the developers who use the library.
Finally, we're keeping the "Deprecated" attribute and the attributes for producing useful stack traces. We've also added some options for for processing native methods , enumerations , serializable classes , and annotations , which are all discussed in their respective examples. Note the use of -keepclasseswithmembers. We don't want to preserve all classes, just all classes that have main methods, and those methods. The -printseeds option prints out which classes exactly will be preserved, so we know for sure we're getting what we want.
Again, the -printseeds option prints out which applets exactly will be preserved. These options shrink, optimize, obfuscate, and preverify all public midlets in in. The -printseeds option prints out which midlets exactly will be preserved. These options shrink, optimize, and obfuscate all public Java Card applets in in. The -printseeds option prints out which applets exactly will be preserved.
The -printseeds option prints out which xlets exactly will be preserved. Keeping all servlets is very similar to keeping all applets. The servlet API is not part of the standard run-time jar, so we're specifying it as a library.
Don't forget to use the right path name. We're then keeping all classes that implement the Servlet interface. We're using the implements keyword because it looks more familiar in this context, but it is equivalent to extends , as far as ProGuard is concerned.
The -printseeds option prints out which servlets exactly will be preserved. These options shrink, optimize, and obfuscate all public Scala applications in in. The configuration is essentially the same as for processing applications , because Scala is compiled to ordinary Java bytecode. However, the example processes the Scala runtime library as well.
The processed jar can be an order of magnitude smaller and a few times faster than the original code for the Scala code examples, for instance. The -dontwarn option tells ProGuard not to complain about some artefacts in the Scala runtime, the way it is compiled by the scalac compiler at least in Scala 2.
Note that this option should always be used with care. The additional -keep options make sure that some classes and some fields that are accessed by means of introspection are not removed or renamed. If your application, applet, servlet, library, etc. The following additional option will ensure that:. Note the use of -keepclasseswithmembernames.
We don't want to preserve all classes or all native methods; we just want to keep the relevant names from being obfuscated. The modifier includedescriptorclasses additionally makes sure that the return types and parameter types aren't renamed either, so the entire signatures remain compatible with the native libraries. ProGuard doesn't look at your native code, so it won't automatically preserve the classes or class members that are invoked by the native code.
These are entry points, which you'll have to specify explicitly. Callback methods are discussed below as a typical example. They are just entry points to your code, much like, say, the main method of an application.
If they aren't preserved by other -keep options, something like the following option will keep the callback class and method:. Enumerations were introduced in Java 5. The java compiler translates enumerations into classes with a special structure. Notably, the classes contain implementations of some static methods that the run-time environment accesses by introspection Isn't that just grand?
Introspection is the self-modifying code of a new generation. Proguard is integrated into the Android build system. Proguard runs only when you build your application in release mode.
Having Proguard run is completely optional, but highly recommended. Set the minifyEnabled property to true to enable Proguard. Potential misconfiguration causes the app to get crash.
Additional testing is required 3. Stacktraces are difficult to read with obfuscated method names. Need help? Latest Updates. It is important to include this file since it explicitly includes configuration settings such as explicitly stating that all View getter and setter methods should not be removed.
The proguard-rules. Proguard can add a few minutes to your build cycle. If you can avoid using ProGuard in development, you should try to do so. Once you begin to include enough libraries that causes the 64K method limit to be reached, you either need to remove extraneous dependencies or need to consider following the instructions for supporting a higher limit by using the multidex mode.
Multidex compilation also takes additional time and requires extra work to support pre-Lollipop Android versions, so the recommendation is often to use ProGuard before using Multidex. Click on the respective APK file and you can see a breakdown of the methods by package.
For instance, to ensure that no code optimizations or obfuscation is done, the following options should be declared in your ProGuard config:.
An alternative is to request only to remove unwanted code shrink but not obfuscate. Details here. Before you start adding any ProGuard rules, you should also check whether any of the libraries you use already come packaged with a consumer-proguard-rules.
Active Oldest Votes. The main thing you need to check is that you have the line proguard. Malcolm Malcolm Thank you for your explanation, but I don't have project. I only have local. I didn't use the Android Studio myself, though, so this is just a guess. Youngjae Youngjae Wow, never thought about user security in regards to proguard.
Definitly one more reason to use it. Having ProGuard run is completely optional, but highly recommended. Laser Laser 6, 5 5 gold badges 49 49 silver badges 77 77 bronze badges. It says "When you create an Android project, a proguard. Sign up or log in Sign up using Google. Sign up using Facebook.
0コメント