-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Detecting obfuscation #1823
Detecting obfuscation #1823
Conversation
Be sure to test with R8 2.x as they now have mechanism that automatically add rules to keep things accessed from reflection. |
Didn't know that. Thank you @Tolriq! |
I would like to check it but I'm not sure how. @Tolriq how can I use specific R8 version in Android app? Or maybe I should run R8 manually from command line? |
You can use AGP 4.0B5 or 4.1 alpha that embed recent R8 versions. You can force a version with
|
I checked with R8 2.0.73 and with |
Unfortunately those generated rules does not shows in the resulting configuration file :( https://issuetracker.google.com/issues/152811099 You can check the mapping file for the R8 version used to be sure that it's the proper one used. Then check APK dex to be sure of what it does, it's possible that the class is kept but the field is still renamed, I do not have more docs about all the things they do :( |
I checked the mapping and apk and everything seems to be properly renamed. But good to know that something like this exists or is considered as an upcoming feature. If it breaks at some point then we'll know where to look. Thank you @Tolriq 🙂 |
It is active in 2.X and used and already have side effects on moshi for example square/moshi#1115 (Large DEX size increase even more in R8 2.1 because of https://issuetracker.google.com/issues/154240541). I guess that in this case since the value is never used R8 just ignore the call and does not generate the rules, but yes it's important to know, hope they will document this more about when and how this works and what is automatically kept. |
Added a mechanism that allows to check if code is obfuscated. In such case LeakCanary will now return an error if proguard mapping file is missing.