AppSweep not collecting mapping.txt files for non Dexguarded builds

Hello! :wave:

This is my very first question on Guardsquare community, excited to be here!

I recently learned about AppSweep during a research I’ve been working regarding CI-ready Security Inspectors capable of black-box Security testing. So, I’d like to congratulate you all on AppSweep, looks like a really nice product in this landscape :100:

I have a question about Proguard mapping files. Unless I’m missing something, it looks like they are not being collected for non-Dexguarded projects.

I’ve done this test by myself on top of one of my open-source projects and also confirmed that by checking the source code of the Gradle plugin as well.

I’d love to learn if this is a current limitation of the product (hence intended behavior) or eventually a bug in the Gradle plugin. If a bug, I’d be happy report it on Github and/or raise a PR fixing it. :grinning_face_with_smiling_eyes:

Best regards!

4 Likes

Dear @ubiratan.soares,

Welcome to our Community, and thanks a lot for taking the time to write here!

We are indeed currently only uploading the mapping file from Dexguard, but it makes a lot of sense to extend this also to non-Dexguarded projects that use the same mapping file format (e.g., Proguard). I would not call it a bug, just a missing feature :wink:.

If you want to create a PR for it, that would be amazing!

Best regards,
Dennis

2 Likes

Done here

1 Like

Thank you @ubiratan.soares, that was quick! I will comment the PR directly.

Unfortunately, this is not as easy as we initially hoped.

@ubiratan.soares we will work on this at the beginning of September. I can ping you, once it is available.

Best regards,
Dennis