I’m unable to find any tutorials / guidelines / examples of using Proguard for server-side development. Theoretically, it should be simpler, but I’m surprised no one uses Proguard for server-side code.
Hi @dlazerka,
It may need to be translated for you but this blog is interesting in regards to the desktop/servier-side use of ProGuard: Optimisation de jar avec Proguard · j’ai acheté un PC...
As for other tutorials or guidelines, I think this is a great question and our team will look into it!
1 Like
I translated the tutorial page you mentioned but I am still as clear as mud. He talked about all kinds of options, but what’s the command to run?
I have a standalone .jar file <mypack.jar>, which has everything (all java classes, external libs, data files) needed to run. My sole goal is to obfuscate it. Shrinking would be nice but not necessary. It has nothing to do with Android or whatsoever. I am expecting something like:
-
change a configuration file to plugin <mypack.jar> so that proguard needs to know which jar file to work with, and then run “proguard myconfig.xml” to do the obfuscation. Or
-
just run “proguard mypack.jar mypack_obf.jar”
I guess the fundamental questions none of the online tutorials I found has been clear about 1) how to run proguard? 2) how to obfuscate.
Could you please shed some light?
Your help would be highly appreciated!
Thanks so much!
Dear @mocksu,
Thanks for reaching out.
When you build ProGuard the jars will be placed in the lib folder. You can run them with java -jar lib/proguard.jar @myconfig.pro .
The are also scripts in the bin folder to run ProGuard:
bin/proguard.sh @myconfig.pro
You can find more information in the manual, starting with the quick start guide ProGuard Manual: Quickstart | Guardsquare
Note also that if you just want to obfuscate an application you can download ProGuard already built Releases · Guardsquare/proguard · GitHub
To answer your second question " how to obfuscate":
By default, ProGuard will perform the following steps on your input file:
ProGuard is an open-sourced Java class file shrinker, optimizer, obfuscator, and preverifier. As a result, ProGuard processed applications and libraries are smaller, faster, and somewhat hardened against reverse engineering.
- The shrinking step detects and removes unused classes, fields, methods, and attributes.
- The optimizer step optimizes bytecode and removes unused instructions.
- The obfuscation step renames the remaining classes, fields, and methods using short meaningless names.
- The final preverification step adds preverification information to the classes, which is required for Java Micro Edition and for Java 6 and higher.
However, it is needed to add some configuration to ensure ProGuard is successfully processing your jar file. You can start by adding the following lines to your configuration file (myconfig.pro
):
-injars path/to/my-application.jar \
-outjars path/to/obfuscated-application.jar \
-libraryjars path/to/java/home/lib/rt.jar
On top of that, you might want to take a look at this manual page to understand what configuration options you can add: https://www.guardsquare.com/manual/configuration/usage
Kind regards,
Ewout
1 Like