ProGuard for Android and GSON

In my case, I just used GSON for deserializing JSON to an Object. So it was enough to add the following line to proguard file.

-keep class your.data.object.modals.package.** { <fields>; }

The previous answer stopped working for me recently probably due to some changes in Android (R8 is used now instead of Proguard). The configuration I use now is as follows (source - GSON examples):

##---------------Begin: proguard configuration for Gson  ----------
# Gson uses generic type information stored in a class file when working with fields. Proguard
# removes such information by default, so configure it to keep all of it.
-keepattributes Signature

# For using GSON @Expose annotation
-keepattributes *Annotation*

# Gson specific classes
-dontwarn sun.misc.**
#-keep class com.google.gson.stream.** { *; }

# Application classes that will be serialized/deserialized over Gson
-keep class com.google.gson.examples.android.model.** { <fields>; }

# Prevent proguard from stripping interface information from TypeAdapter, TypeAdapterFactory,
# JsonSerializer, JsonDeserializer instances (so they can be used in @JsonAdapter)
-keep class * implements com.google.gson.TypeAdapter
-keep class * implements com.google.gson.TypeAdapterFactory
-keep class * implements com.google.gson.JsonSerializer
-keep class * implements com.google.gson.JsonDeserializer

# Prevent R8 from leaving Data object members always null
-keepclassmembers,allowobfuscation class * {
  @com.google.gson.annotations.SerializedName <fields>;
}

##---------------End: proguard configuration for Gson  ----------

I found out that classes whose fields are annotated by @SerializedName do not have to be explicitly listed unless they are inner classes.

I think most of those settings you have there are already included in the Android SDK by default.

So you can remove most of them, just leaving in the section devoted to GSON.

I am developing in Eclipse using Android SDK Tools 22.6.3 & whatever version of ProGuard ships with that.

Here's what I'm using for GSON 2.2.4 (as per their example):

##---------------Begin: proguard configuration for Gson  ----------
# Gson uses generic type information stored in a class file when working with fields. Proguard
# removes such information by default, so configure it to keep all of it.
-keepattributes Signature

# Gson specific classes
-keep class sun.misc.Unsafe { *; }
#-keep class com.google.gson.stream.** { *; }

# Application classes that will be serialized/deserialized over Gson
# -keep class mypersonalclass.data.model.** { *; }

It looks exactly the same as what you have, except I don't need the line about the annotations.

You can see I've commented out some classes that I added myself. If you serialize/deserialize your own classes, you need to declare them here in place of the reference to mypersonalclass.data.model. This is really important, as you don't want ProGuard to obfuscate the field or class names that GSON uses for serialization.

I always leave those types of comments in there, so I know how to configure the next library or app.

ProGuard for Android and GSON

Tags:

Java

Configuration

Android

Gson

Proguard

Related

Recent Posts