What ProGuard configuration do I need for Firebase on Android?

2021 answer

Use @Keep annotation before your data classes so they're retained by proguard. It's a part of AndroidX for both Java and Kotlin. Works for Firebase, Jetpack Navigator and Retrofit.

@Keep
data class Listing(
    val id: String = "",
    val name: String = ""
)

According to documentation:

Denotes that the annotated element should not be removed when the code is minified at build time. This is typically used on methods and classes that are accessed only via reflection so a compiler may think that the code is unused.


Based on my personal tests, it turned out something along these lines is necessary for Firebase-enhanced Android apps to compile with ProGuard.

In any case, you have to add -keepnames class com.my.package.beans.** { *; } if you are using custom objects in your Firebase, i.e. beans or POJOs.

Firebase SDK 1.0.18:

-keepnames class com.firebase.** { *; }
-keepnames class com.shaded.fasterxml.jackson.** { *; }
-keepnames class org.shaded.apache.** { *; }
-keepnames class javax.servlet.** { *; }
-dontwarn org.w3c.dom.**
-dontwarn org.joda.time.**
-dontwarn org.shaded.apache.commons.logging.impl.**

Firebase SDK 1.1.1:

-keep class com.firebase.** { *; }
-keep class org.shaded.apache.** { *; }
-keepnames class com.shaded.fasterxml.jackson.** { *; }
-keepnames class javax.servlet.** { *; }
-keepnames class org.ietf.jgss.** { *; }
-dontwarn org.w3c.dom.**
-dontwarn org.joda.time.**
-dontwarn org.shaded.apache.**
-dontwarn org.ietf.jgss.**

Firebase SDK 2.0.0:

-keep class com.firebase.** { *; }
-keep class org.apache.** { *; }
-keepnames class com.fasterxml.jackson.** { *; }
-keepnames class javax.servlet.** { *; }
-keepnames class org.ietf.jgss.** { *; }
-dontwarn org.w3c.dom.**
-dontwarn org.joda.time.**
-dontwarn org.shaded.apache.**
-dontwarn org.ietf.jgss.**

# Only necessary if you downloaded the SDK jar directly instead of from maven.
-keep class com.shaded.fasterxml.jackson.** { *; }

Last resort:

-keep class !com.my.package.** { *; }

Notes:

Any official guideline would be welcome. The -dontwarn directives are obviously dangerous, code may break at points that I have not tested. Furthermore, the above rules are quite permissive and other rules may better optimize your APKs.


I found this in Firebase documentations:

When using Firebase Realtime Database in your app along with ProGuard you need to consider how your model objects will be serialized and deserialized after obfuscation. If you use DataSnapshot.getValue(Class) or DatabaseReference.setValue(Object) to read and write data you will need to add rules to the proguard-rules.pro file:

# Add this global rule    
-keepattributes Signature

# This rule will properly ProGuard all the model classes in 
# the package com.yourcompany.models. Modify to fit the structure
# of your app.
-keepclassmembers class com.yourcompany.models.** {
*;
}

Tags:

Android

Proguard

Firebase

Recent Posts