[Android SDK 16.2.4] Update R8 rules and/or dependencies
complete
D
David LEVACHE
Hello, adding Shakebugs in an application causes some errors during the obfuscation part.
A similar task regarding this matter has already been treated last year (https://feedback.shakebugs.com/bugs/p/android-r8-full-mode-rules), but it does not seem to be sufficient.
These are the classes for which there are some missing rules:
org.bouncycastle.jsse.BCSSLParameters
org.bouncycastle.jsse.BCSSLSocket
org.bouncycastle.jsse.provider.BouncyCastleJsseProvider
org.conscrypt.Conscrypt$Version
org.conscrypt.Conscrypt
org.conscrypt.ConscryptHostnameVerifier
org.openjsse.javax.net.ssl.SSLParameters
org.openjsse.javax.net.ssl.SSLSocket
org.openjsse.net.ssl.OpenJSSE
org.slf4j.impl.StaticLoggerBinder
Most of the missing rules are granted by a more recent version of okhttp (https://github.com/square/okhttp/issues/6258)
The last one seems to be coming from a library named mp4parser. Bumping the library to the latest version removes the error, but adds Junit in the app classpath...
The project has a 3 years old open PR about removing that pollution, but I'm afraid it'll never be merged.
Could you please update the Android SDK with the latest versions of okhttp and mp4parser (and excluding junit, of course), and update the consumer proguard rules?
Thanks,
David
Log In
Mislav Stanic
complete
Mislav Stanic
Hi David LEVACHE,
This warnings are caused because okhttp and mp4 parser are missing some Proguard rules. You can resolve it in a few ways:
- Adding dontwarn to the Proguard rules of your app:
-dontwarn org.bouncycastle.jsse.BCSSLParameters
-dontwarn org.bouncycastle.jsse.BCSSLSocket
-dontwarn org.bouncycastle.jsse.provider.BouncyCastleJsseProvider
-dontwarn org.conscrypt.Conscrypt$Version
-dontwarn org.conscrypt.Conscrypt
-dontwarn org.conscrypt.ConscryptHostnameVerifier
-dontwarn org.openjsse.javax.net.ssl.SSLParameters
-dontwarn org.openjsse.javax.net.ssl.SSLSocket
-dontwarn org.openjsse.net.ssl.OpenJSSE
-dontwarn org.slf4j.impl.StaticLoggerBinder
- You can define higher version of okhttp and mp4parser dependency in your project. You can use exclude tag when defining dependency to exclude junit.
- We'll upgrade mp4 parser version and add dontwarn rules for okhttp in our SDK so you can wait next version.
D
David LEVACHE
Thanks for your reply Mislav Stanic . Actually, okhttp now has the missing rules defined in its consumer proguard file, but on a later version than the one used by the version 16.2.4: they have been added in okhttp 4.11.0.
So, if it causes no troubles for you, you can probably upgrade okttp version too ^^
Thanks
Mislav Stanic
David LEVACHE We have released 16.2.5 Android version so you can check it