Proguard

最近開始做新項目萝快，需要做代碼混淆乓梨。就直接從之前的項目中將proguard-rules.pro文件拷貝過來烘挫，然后在gradle中配置：

buildTypes {
    release {
        minifyEnabled true
        zipAlignEnabled true
        proguardFiles getDefaultProguardFile('proguard-android.txt'), "$rootDir/config/proguard-rules.pro"
    }
}

存在的不足

像我這種情況挣棕，新啟動的一個項目宁玫，需要Proguard。但是如果寫在一個文件中薇正，而且沒有任何注釋，如果還沒有寫在一塊囚衔，拷貝過來還是需要一個個去檢查是否需要挖腰，去掉了某個庫的混淆，增加了某些庫的混淆练湿。

比如我之前用的是Retrofit1猴仑，在proguard-rules.pro配置：

# Retrofit 1.X

-keep class com.squareup.okhttp.** { *; }
-keep class retrofit.** { *; }
-keep interface com.squareup.okhttp.** { *; }

-dontwarn com.squareup.okhttp.**
-dontwarn okio.**
-dontwarn retrofit.**
-dontwarn rx.**

-keepclasseswithmembers class * {
    @retrofit.http.* <methods>;
}

# If in your rest service interface you use methods with Callback argument.
-keepattributes Exceptions

# If your rest service methods throw custom exceptions, because you've defined an ErrorHandler.
-keepattributes Signature

# Also you must note that if you are using GSON for conversion from JSON to POJO representation, you must ignore those POJO classes from being obfuscated.
# Here include the POJO's that have you have created for mapping JSON response to POJO for example.

現(xiàn)在我升級到retrofit2，由于retrofit2庫做了修改肥哎，Proguard規(guī)則也需要更新為：

# Retrofit 2.X
## https://square.github.io/retrofit/ ##

-dontwarn retrofit2.**
-keep class retrofit2.** { *; }
-keepattributes Signature
-keepattributes Exceptions

-keepclasseswithmembers class * {
    @retrofit2.http.* <methods>;
}

如果存在多個這樣的庫辽俗，那是不是很增加工作量。下面我們換一種姿勢來看篡诽。

換一種姿勢

參考庫android-proguard-snippets 在項目的根目錄建立config/proguard-pro/目錄崖飘，將所有第三方的庫和一些通用的配置全部配置在里面：

• 基本不用動的規(guī)則

  proguard-normal.pro

  ## Proguard normal ##
  
  # ============================== 基本不用動區(qū)域 ==============================
  
  # ------------------------------- 基本指令區(qū) -------------------------------
  
  # 代碼混淆的壓縮比例(0-7) , 默認(rèn)為5 , 一般不需要改
  -optimizationpasses 5
  
  # 混淆后類名都小寫 (windows最后加上 , 因為windows大小寫敏感)
  -dontusemixedcaseclassnames
  
  # 指定不去忽略非公共的庫的類(即混淆第三方, 第三方庫可能自己混淆了 , 可在后面配置某些第三方庫不混淆)
  # 默認(rèn)跳過，有些情況下編寫的代碼與類庫中的類在同一個包下杈女，并且持有包中內(nèi)容的引用朱浴，此時就需要加入此條聲明
  -dontskipnonpubliclibraryclasses
  
  # 指定不去忽略非公共的庫的類的成員
  -dontskipnonpubliclibraryclassmembers
  
  # 不做預(yù)檢驗，preverify是proguard的四個步驟之一
  # Android不需要preverify达椰，去掉這一步可以加快混淆速度
  -dontpreverify
  
  # 有了verbose這句話翰蠢，混淆后就會生成映射文件
  # 包含有類名->混淆后類名的映射關(guān)系
  # 然后使用printmapping指定映射文件的名稱
  -verbose
  -printmapping proguardMapping.txt
  
  # 指定混淆時采用的算法，后面的參數(shù)是一個過濾器
  # 這個過濾器是谷歌推薦的算法啰劲，一般不改變
  -optimizations !code/simplification/cast,!field/*,!class/merging/*
  
  # 保護(hù)代碼中的Annotation不被混淆
  # 這在JSON實體映射時非常重要梁沧，比如fastJson
  -keepattributes *Annotation*,InnerClasses
  
  -keep public class com.google.vending.licensing.ILicensingService
  -keep public class com.android.vending.licensing.ILicensingService
  
  # 避免混淆泛型
  # 這在JSON實體映射時非常重要，比如fastJson
  -keepattributes Signature
  
  #拋出異常時保留源文件和代碼行號
  -keepattributes SourceFile,LineNumberTable
  # ------------------------------- 基本指令區(qū) -------------------------------
  
  # ------------------------------- 默認(rèn)保留區(qū) -------------------------------
  
  # 保留四大組件
  -keep public class * extends android.app.Activity
  # 保留就保證layout中定義的onClick方法不影響
  # We want to keep methods in Activity that could be used in the XML attribute onClick
  -keepclassmembers class * extends android.app.Activity{
      public void *(android.view.View);
  }
  -keep public class * extends android.app.Service
  -keep public class * extends android.content.BroadcastReceiver
  -keep public class * extends android.content.ContentProvider
  -keep public class * extends android.app.Application
  
  -keep public class * extends android.app.backup.BackupAgentHelper
  -keep public class * extends android.preference.Preference
  
  # For native methods, see http://proguard.sourceforge.net/manual/examples.html#native
  # 保留類名和native成員方法
  -keepclasseswithmembernames class * {
      native <methods>;
  }
  
  # 枚舉類不能被混淆
  # # For enumeration classes, see http://proguard.sourceforge.net/manual/examples.html#enumerations
  -keepclassmembers enum * {
      public static **[] values();
      public static ** valueOf(java.lang.String);
  }
  
  # 保留自定義控件(繼承自View)的setter蝇裤、getter和構(gòu)造方法
  # keep setters in Views so that animations can still work.
  # see http://proguard.sourceforge.net/manual/examples.html#beans
  -keep public class * extends android.view.View{
      public <init>(android.content.Context);
      public <init>(android.content.Context, android.util.AttributeSet);
      public <init>(android.content.Context, android.util.AttributeSet, int);
      *** get*();
      void set*(***);
  }
  
  # 保留Parcelable序列化的類不能被混淆
  #-keep class * implements android.os.Parcelable {
  #  public static final android.os.Parcelable$Creator *;
  #}
  # 官方
  -keepclassmembers class * implements android.os.Parcelable {
    public static final android.os.Parcelable$Creator CREATOR;
  }
  
  # 所有實現(xiàn)了 Serializable 接口的類及其成員都不進(jìn)行混淆
  -keepnames class * implements java.io.Serializable
  -keepclassmembers class * implements java.io.Serializable {
      static final long serialVersionUID;
      private static final java.io.ObjectStreamField[] serialPersistentFields;
      !static !transient <fields>;
      private void writeObject(java.io.ObjectOutputStream);
      private void readObject(java.io.ObjectInputStream);
      java.lang.Object writeReplace();
      java.lang.Object readResolve();
  }
  
  # 對R文件下的所有類及其方法 , 都不能被混淆
  #-keep class **.R$* {
  # *;
  #}
  # 官方
  -keepclassmembers class **.R$* {
      public static <fields>;
  }
  
  # The support library contains references to newer platform versions.
  # Don't warn about those in case this app is linking against an older
  # platform version.  We know about them, and they are safe.
  -dontwarn android.support.**
  
  # Understand the @Keep support annotation.
  -keep class android.support.annotation.Keep
  
  -keep @android.support.annotation.Keep class * {*;}
  
  -keepclasseswithmembers class * {
      @android.support.annotation.Keep <methods>;
  }
  
  -keepclasseswithmembers class * {
      @android.support.annotation.Keep <fields>;
  }
  
  -keepclasseswithmembers class * {
      @android.support.annotation.Keep <init>(...);
  }
  
  # ------------------------------- 默認(rèn)保留區(qū) end-------------------------------
  
  #------------------------------- 以上內(nèi)容基本是SDK目錄下的proguard-android-optimize.txt內(nèi)容 ------------------------------- #
  
  # ------------------------------- webview相關(guān) -------------------------------
  
  -dontwarn android.webkit**
  
  # WebView(可選)
  -keepclassmembers class * extends android.webkit.WebView {
     public *;
  }
  
  # WebView的復(fù)雜操作
  -keepclassmembers class * extends android.webkit.WebViewClient {
       public void *(android.webkit.WebView,java.lang.String,android.graphics.Bitmap);
       public boolean *(android.webkit.WebView,java.lang.String);
  }
  -keepclassmembers class * extends android.webkit.WebChromeClient {
       public void *(android.webkit.WebView,java.lang.String);
  }
  
  # 與JS交互
  -keepattributes SetJavaScriptEnabled
  -keepattributes JavascriptInterface
  
  # 保留與JS交互接口 , API17+
  -keepclassmembers class * {
      @android.webkit.JavascriptInterface <methods>;
  }
  
  # ------------------------------- webview相關(guān) end -------------------------------
  
  -dontwarn org.apache.**
  
  # ============================== 基本不動區(qū)域 end ==============================
  

  ?

• okhttp3

  proguard-square-okhttp3.pro

  # OkHttp3 specific rules #
  
  -keepattributes Signature
  -keepattributes *Annotation*
  -keep class okhttp3.** { *; }
  -keep interface okhttp3.** { *; }
  -dontwarn okhttp3.**
  

• eventbus3

  proguard-eventbus-3.pro

  ## EventBus3  specific rules ##
  # http://greenrobot.org/eventbus/documentation/proguard/
  
  -keepattributes *Annotation*
  -keepclassmembers class ** {
      @org.greenrobot.eventbus.Subscribe <methods>;
  }
  -keep enum org.greenrobot.eventbus.ThreadMode { *; }
  
  # Only required if you use AsyncExecutor
  -keepclassmembers class * extends org.greenrobot.eventbus.util.ThrowableFailureEvent {
      <init>(java.lang.Throwable);
  }
  

  ?

最后在proguard-rules.pro將他們?nèi)繉?dǎo)入進(jìn)來：

-basedirectory proguard-pro

-include proguard-normal.pro

-include proguard-google.pro
-include proguard-google-gson2.pro
-include proguard-google-protobuf.pro
-include proguard-google-volley.pro

-include proguard-eventbus-3.pro

-include proguard-facebook-stetho.pro

-include proguard-glide.pro

-include proguard-leakcanary.pro

-include proguard-jpush.pro

-include proguard-qiniu.pro

-include proguard-tencent-bugly.pro

-include proguard-umeng.pro

-include proguard-baidu-map.pro

如果后面替換了某個庫廷支，或者增加了某個庫频鉴，直接在這個文件注釋或者增加一條-include就行了。

在build.gradle中配置：

buildTypes {
    release {
        minifyEnabled true
        zipAlignEnabled true
        proguardFiles getDefaultProguardFile('proguard-android.txt'), "$rootDir/config/proguard-rules.pro"
    }
}

當(dāng)然也可以采用這種方式酥泞，但這種會導(dǎo)致build.gradle文件龐大：

android {
  buildTypes {
    release {
      minifyEnabled true
      // Library specific proguard files
      proguardFile 'proguard-google-play-services.pro'
      proguardFile 'proguard-gson.pro'
      ...
      // Default proguard files & project app specific rules,
      //  see examples folder for more information
      proguardFile 'proguard-project-app.pro'
      proguardFile getDefaultProguardFile('proguard-android.txt')
      // As of Gradle Android plugin 1.1.0, the test APK has a separate config
      testProguardFile 'proguard-project-test.pro'
    }
  }
}

完整見源碼

blog