Using tools like dex2jar and jdgui2, itβs very easy to check the contents of the APK.
We are trying to use Proguard in our Cordova project to βprotectβ several classes that contain information that we want to keep secret (mainly keys to decrypt some content that we are trying to protect for our client).
We cannot understand. The application will work, or it is not confused.
We added to our build.gradle:
buildTypes { release { signingConfig signingConfigs.release minifyEnabled true proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro' } }
Our proguard.pro contains:
-keep class !com.smartmobilesoftware.** ( *; }
smartmobilesoftware is the inAppPurchases plugin.
In this package, we have modified several classes that work fine without proguard.
I found that the following Proguard support is missing: https://issues.apache.org/jira/browse/CB-9269
Here, Joe Bowser states the following: βWell, you should not use ProGuard with Cordova, or at least there is no good reason to use it, since you cannot use it with minifyEnabled, which is what ProGuard does since Cordoba uses Reflection everywhere, this is a good way to explode Cordoba without the proguard-rules.pro file. "
We tried to avoid this problem by indicating to proguard that ALL classes should be left unchanged, except those contained in com.smartmobilesoftware (-keep class! Com.smartmobilesoftware. ** (*;})
I'm not sure if this is a problem with our code (but the code works fine without proguard), the plugin or proguard itself.
We do not see any significant errors.
We released applications previously created with Cordova 2.2.0 that used ANT and proguard and another plugin that worked great. So we wonder if Corwood has changed in relation to the prologue.
Can anyone shed some light on this issue?