首页 > 代码库 > proguard usage

proguard usage

Usage

To run ProGuard, just type:

java -jar proguard.jar options ...

You can find the ProGuard jar in the lib  directory of the ProGuard distribution. Alternatively, the bin  directory contains some short Linux and Windows scripts containing this command. Typically, you‘ll put most options in a configuration file (say, myconfig.pro ), and just call:

java -jar proguard.jar @myconfig.pro

You can combine command line options and options from configuration files. For instance:

java -jar proguard.jar @myconfig.pro -verbose

You can add comments in a configuration file, starting with a # character and continuing until the end of the line.

Extra whitespace between words and delimiters is ignored. File names with spaces or special characters should be quoted with single or double quotes.

Options can be grouped arbitrarily in arguments on the command line and in lines in configuration files. This means that you can quote arbitrary sections of command line options, to avoid shell expansion of special characters, for instance.

The order of the options is generally irrelevant. For quick experiments, you can abbreviate them to their first unique characters.

The sections below provide more details:

  • Input/Output Options
  • Keep Options
  • Shrinking Options
  • Optimization Options
  • Obfuscation Options
  • Preverification Options
  • General Options
  • Class Paths
  • File Names
  • File Filters
  • Filters
  • Overview of Keep Options
  • Keep Option Modifiers
  • Class Specifications

Input/Output Options

@ filenameShort for ‘ -include  filename‘. -include  filenameRecursively reads configuration options from the given file  filename. -basedirectory  directorynameSpecifies the base directory for all subsequent relative file names in these configuration arguments or this configuration file. -injars  class_pathSpecifies the input jars (or wars, ears, zips, or directories) of the application to be processed. The class files in these jars will be processed and written to the output jars. By default, any non-class files will be copied without changes. Please be aware of any temporary files (e.g. created by IDEs), especially if you are reading your input files straight from directories. The entries in the class path can be filtered, as explained in the  filters section. For better readability, class path entries can be specified using multiple -injarsoptions. -outjars  class_pathSpecifies the names of the output jars (or wars, ears, zips, or directories). The processed input of the preceding -injars options will be written to the named jars. This allows you to collect the contents of groups of input jars into corresponding groups of output jars. In addition, the output entries can be filtered, as explained in the  filters section. Each processed class file or resource file is then written to the first output entry with a matching filter, within the group of output jars.

You must avoid letting the output files overwrite any input files. For better readability, class path entries can be specified using multiple -outjars options. Without any -outjarsoptions, no jars will be written.

-libraryjars  class_pathSpecifies the library jars (or wars, ears, zips, or directories) of the application to be processed. The files in these jars will not be included in the output jars. The specified library jars should at least contain the class files that are  extended by application class files. Library class files that are only  called needn‘t be present, although their presence can improve the results of the optimization step. The entries in the class path can be filtered, as explained in the  filters section. For better readability, class path entries can be specified using multiple -libraryjars options.

Please note that the boot path and the class path set for running ProGuard are not considered when looking for library classes. This means that you explicitly have to specify the run-time jar that your code will use. Although this may seem cumbersome, it allows you to process applications targeted at different run-time environments. For example, you can process J2SE applications as well as JME midlets, just by specifying the appropriate run-time jar.

-skipnonpubliclibraryclassesSpecifies to skip non-public classes while reading library jars, to speed up processing and reduce memory usage of ProGuard. By default, ProGuard reads non-public and public library classes alike. However, non-public classes are often not relevant, if they don‘t affect the actual program code in the input jars. Ignoring them then speeds up ProGuard, without affecting the output. Unfortunately, some libraries, including recent JSE run-time libraries, contain non-public library classes that are extended by public library classes. You then can‘t use this option. ProGuard will print out warnings if it can‘t find classes due to this option being set. -dontskipnonpubliclibraryclassesSpecifies not to ignore non-public library classes. As of version 4.5, this is the default setting. -dontskipnonpubliclibraryclassmembersSpecifies not to ignore package visible library class members (fields and methods). By default, ProGuard skips these class members while parsing library classes, as program classes will generally not refer to them. Sometimes however, program classes reside in the same packages as library classes, and they do refer to their package visible class members. In those cases, it can be useful to actually read the class members, in order to make sure the processed code remains consistent. -keepdirectories [ directory_filter]Specifies the directories to be kept in the output jars (or wars, ears, or directories). By default, directory entries are removed. This reduces the jar size, but it may be undesirable if the program code tries to find them with constructs like "MyClass.class.getResource("")". If the option is specified without a filter, all directories are kept. With a filter, only matching directories are kept. -target  versionSpecifies the version number to be set in the processed class files. The version number can be one of 1.0, 1.1, 1.2, 1.3, 1.4, 1.5 (or just 5), 1.6 (or just 6), or 1.7 (or just 7). By default, the version numbers of the class files are left unchanged. For example, you may want to  upgrade class files to Java 6, by changing their version numbers and having them preverified. -forceprocessingSpecifies to process the input, even if the output seems up to date. The up-to-dateness test is based on a comparison of the date stamps of the specified input, output, and configuration files or directories.

Keep Options

-keep [ ,modifier,...]  class_specificationSpecifies classes and class members (fields and methods) to be preserved as entry points to your code. For example, in order to  keep an application, you can specify the main class along with its main method. In order to  process a library, you should specify all publicly accessible elements. -keepclassmembers [ ,modifier,...]  class_specificationSpecifies class members to be preserved, if their classes are preserved as well. For example, you may want to  keep all serialization fields and methods of classes that implement the Serializable interface. -keepclasseswithmembers [ ,modifier,...]  class_specificationSpecifies classes and class members to be preserved, on the condition that all of the specified class members are present. For example, you may want to  keep all applicationsthat have a main method, without having to list them explicitly. -keepnames  class_specificationShort for  -keep, allowshrinking  class_specification

Specifies classes and class members whose names are to be preserved, if they aren‘t removed in the shrinking phase. For example, you may want to keep all class names of classes that implement the Serializable interface, so that the processed code remains compatible with any originally serialized classes. Classes that aren‘t used at all can still be removed. Only applicable when obfuscating.

-keepclassmembernames  class_specificationShort for  -keepclassmembers, allowshrinking  class_specification

Specifies class members whose names are to be preserved, if they aren‘t removed in the shrinking phase. For example, you may want to preserve the name of the syntheticclass$ methods when processing a library compiled by JDK 1.2 or older, so obfuscators can detect it again when processing an application that uses the processed library (although ProGuard itself doesn‘t need this). Only applicable when obfuscating.

-keepclasseswithmembernames  class_specificationShort for  -keepclasseswithmembers, allowshrinking  class_specification

Specifies classes and class members whose names are to be preserved, on the condition that all of the specified class members are present after the shrinking phase. For example, you may want to keep all native method names and the names of their classes, so that the processed code can still link with the native library code. Native methods that aren‘t used at all can still be removed. If a class file is used, but none of its native methods are, its name will still be obfuscated. Only applicable when obfuscating.

-printseeds [ filename]Specifies to exhaustively list classes and class members matched by the various -keep options. The list is printed to the standard output or to the given file. The list can be useful to verify if the intended class members are really found, especially if you‘re using wildcards. For example, you may want to list all the  applications or all the  applets that you are keeping.

Shrinking Options

-dontshrinkSpecifies not to shrink the input class files. By default, shrinking is applied; all classes and class members are removed, except for the ones listed by the various -keep options, and the ones on which they depend, directly or indirectly. A shrinking step is also applied after each optimization step, since some optimizations may open the possibility to remove more classes and class members. -printusage [ filename]Specifies to list dead code of the input class files. The list is printed to the standard output or to the given file. For example, you can  list the unused code of an application. Only applicable when shrinking. -whyareyoukeeping  class_specificationSpecifies to print details on why the given classes and class members are being kept in the shrinking step. This can be useful if you are wondering why some given element is present in the output. In general, there can be many different reasons. This option prints the shortest chain of methods to a specified seed or entry point, for each specified class and class member.  In the current implementation, the shortest chain that is printed out may sometimes contain circular deductions -- these do not reflect the actual shrinking process. If the  -verbose option if specified, the traces include full field and method signatures. Only applicable when shrinking.

Optimization Options

-dontoptimizeSpecifies not to optimize the input class files. By default, optimization is enabled; all methods are optimized at a bytecode level. -optimizations  optimization_filterSpecifies the optimizations to be enabled and disabled, at a more fine-grained level. Only applicable when optimizing.  This is an expert option. -optimizationpasses  nSpecifies the number of optimization passes to be performed. By default, a single pass is performed. Multiple passes may result in further improvements. If no improvements are found after an optimization pass, the optimization is ended. Only applicable when optimizing. -assumenosideeffects  class_specificationSpecifies methods that don‘t have any side effects (other than maybe returning a value). In the optimization step, ProGuard will then remove calls to such methods, if it can determine that the return values aren‘t used. Note that ProGuard will analyze your program code to find such methods automatically. It will not analyze library code, for which this option can thus be useful. For example, you could specify the method System.currentTimeMillis(), so that any idle calls to it will be removed. Note that ProGuard applies the option to the entire hierarchy of the specified methods. Only applicable when optimizing. In general, making assumptions can be dangerous; you can easily break the processed code.  Only use this option if you know what you‘re doing! -allowaccessmodificationSpecifies that the access modifiers of classes and class members may be broadened during processing. This can improve the results of the optimization step. For instance, when inlining a public getter, it may be necessary to make the accessed field public too. Although Java‘s binary compatibility specifications formally do not require this (cfr.  The Java Language Specification, Second Edition,  Section 13.4.6), some virtual machines would have problems with the processed code otherwise. Only applicable when optimizing (and when obfuscating with the  -repackageclasses option).

Counter-indication: you probably shouldn‘t use this option when processing code that is to be used as a library, since classes and class members that weren‘t designed to be public in the API may become public.

-mergeinterfacesaggressivelySpecifies that interfaces may be merged, even if their implementing classes don‘t implement all interface methods. This can reduce the size of the output by reducing the total number of classes. Note that Java‘s binary compatibility specifications allow such constructs (cfr.  The Java Language Specification, Second Edition,  Section 13.5.3), even if they are not allowed in the Java language (cfr.  The Java Language Specification, Second Edition,  Section 8.1.4). Only applicable when optimizing.

Counter-indication: setting this option can reduce the performance of the processed code on some JVMs, since advanced just-in-time compilation tends to favor more interfaces with fewer implementing classes. Worse, some JVMs may not be able to handle the resulting code. Notably:

  • Sun‘s JRE 1.3 may throw an InternalError when encountering more than 256 Miranda methods (interface methods without implementations) in a class.

Obfuscation Options

-dontobfuscateSpecifies not to obfuscate the input class files. By default, obfuscation is applied; classes and class members receive new short random names, except for the ones listed by the various -keep options. Internal attributes that are useful for debugging, such as source files names, variable names, and line numbers are removed. -printmapping [ filename]Specifies to print the mapping from old names to new names for classes and class members that have been renamed. The mapping is printed to the standard output or to the given file. For example, it is required for subsequent  incremental obfuscation, or if you ever want to make sense again of  obfuscated stack traces. Only applicable when obfuscating. -applymapping  filenameSpecifies to reuse the given name mapping that was printed out in a previous obfuscation run of ProGuard. Classes and class members that are listed in the mapping file receive the names specified along with them. Classes and class members that are not mentioned receive new names. The mapping may refer to input classes as well as library classes. This option can be useful for  incremental obfuscation, i.e. processing add-ons or small patches to an existing piece of code. In such cases, you should consider whether you also need the option  -useuniqueclassmembernames. Only a single mapping file is allowed. Only applicable when obfuscating. -obfuscationdictionary  filenameSpecifies a text file from which all valid words are used as obfuscated field and method names. By default, short names like ‘a‘, ‘b‘, etc. are used as obfuscated names. With an obfuscation dictionary, you can specify a list of reserved key words, or identifiers with foreign characters, for instance. White space, punctuation characters, duplicate words, and comments after a  # sign are ignored. Note that an obfuscation dictionary hardly improves the obfuscation. Decent compilers can automatically replace them, and the effect can fairly simply be undone by obfuscating again with simpler names. The most useful application is specifying strings that are typically already present in class files (such as ‘Code‘), thus reducing the class file sizes just a little bit more. Only applicable when obfuscating. -classobfuscationdictionary  filenameSpecifies a text file from which all valid words are used as obfuscated class names. The obfuscation dictionary is similar to the one of the option  -obfuscationdictionary. Only applicable when obfuscating. -packageobfuscationdictionary  filenameSpecifies a text file from which all valid words are used as obfuscated package names. The obfuscation dictionary is similar to the one of the option  -obfuscationdictionary. Only applicable when obfuscating. -overloadaggressivelySpecifies to apply aggressive overloading while obfuscating. Multiple fields and methods can then get the same names, as long as their arguments and return types are different (not just their arguments). This option can make the processed code even smaller (and less comprehensible). Only applicable when obfuscating.

Counter-indication: the resulting class files fall within the Java bytecode specification (cfr. The Java Virtual Machine Specification, Second Edition, first paragraphs of Section 4.5and Section 4.6), even though this kind of overloading is not allowed in the Java language (cfr. The Java Language Specification, Second Edition, Section 8.3 and Section 8.4.7). Still, some tools have problems with it. Notably:

  • Sun‘s JDK 1.2.2 javac compiler produces an exception when compiling with such a library (cfr. Bug #4216736). You probably shouldn‘t use this option for processing libraries.
  • Sun‘s JRE 1.4 and later fail to serialize objects with overloaded primitive fields.
  • Sun‘s JRE 1.5 pack200 tool reportedly has problems with overloaded class members.
  • Google‘s Dalvik VM can‘t handle overloaded static fields.
-useuniqueclassmembernamesSpecifies to assign the same obfuscated names to class members that have the same names, and different obfuscated names to class members that have different names (for each given class member signature). Without the option, more class members can be mapped to the same short names like ‘a‘, ‘b‘, etc. The option therefore increases the size of the resulting code slightly, but it ensures that the saved obfuscation name mapping can always be respected in subsequent incremental obfuscation steps.

For instance, consider two distinct interfaces containing methods with the same name and signature. Without this option, these methods may get different obfuscated names in a first obfuscation step. If a patch is then added containing a class that implements both interfaces, ProGuard will have to enforce the same method name for both methods in an incremental obfuscation step. The original obfuscated code is changed, in order to keep the resulting code consistent. With this option in the initial obfuscation step, such renaming will never be necessary.

This option is only applicable when obfuscating. In fact, if you are planning on performing incremental obfuscation, you probably want to avoid shrinking and optimization altogether, since these steps could remove or modify parts of your code that are essential for later additions.

-dontusemixedcaseclassnamesSpecifies not to generate mixed-case class names while obfuscating. By default, obfuscated class names can contain a mix of upper-case characters and lower-case characters. This creates perfectly acceptable and usable jars. Only if a jar is unpacked on a platform with a case-insensitive filing system (say, Windows), the unpacking tool may let similarly named class files overwrite each other. Code that self-destructs when it‘s unpacked! Developers who really want to unpack their jars on Windows can use this option to switch off this behavior. Note that the obfuscated jars will become larger as a result. Only applicable when obfuscating. -keeppackagenames [ package_filter]Specifies not obfuscate the given package names. The optional filter is a comma-separated list of package names. Package names can contain  ?*, and  ** wildcards, and they can be preceded by the  ! negator. Only applicable when obfuscating. -flattenpackagehierarchy [ package_name]Specifies to repackage all packages that are renamed, by moving them into the single given parent package. Without argument or with an empty string (‘‘), the packages are moved into the root package. This option is one example of further  obfuscating package names. It can make the processed code smaller and less comprehensible. Only applicable when obfuscating. -repackageclasses [ package_name]Specifies to repackage all class files that are renamed, by moving them into the single given package. Without argument or with an empty string (‘‘), the package is removed completely. This option option overrides the  -flattenpackagehierarchy option. It is another example of further  obfuscating package names. It can make the processed code even smaller and less comprehensible. Its deprecated name is -defaultpackage. Only applicable when obfuscating.

Counter-indication: classes that look for resource files in their package directories will no longer work properly if they are moved elsewhere. When in doubt, just leave the packaging untouched by not using this option.

-keepattributes [ attribute_filter]Specifies any optional attributes to be preserved. The attributes can be specified with one or more -keepattributes directives. The optional filter is a comma-separated list of attribute names. Attribute names can contain  ?*, and  ** wildcards, and they can be preceded by the  ! negator. Typical optional attributes are Exceptions, Signature, Deprecated,SourceFile, SourceDir, LineNumberTable, LocalVariableTable, LocalVariableTypeTable, Synthetic, EnclosingMethod, RuntimeVisibleAnnotations, RuntimeInvisibleAnnotations, RuntimeVisibleParameterAnnotations,RuntimeInvisibleParameterAnnotations, and AnnotationDefault. The InnerClasses attribute name can be specified as well, referring to the source name part of this attribute. For example, you should at least keep the Exceptions, InnerClasses, and Signature attributes when  processing a library. You should also keep the SourceFile and LineNumberTable attributes for  producing useful obfuscated stack traces. Finally, you may want to  keep annotations if your code depends on them. Only applicable when obfuscating. -keepparameternamesSpecifies to keep the parameter names and types of methods that are kept. This option actually keeps trimmed versions of the debugging attributes LocalVariableTable andLocalVariableTypeTable. It can be useful when  processing a library. Some IDEs can use the information to assist developers who use the library, for example with tool tips or autocompletion. Only applicable when obfuscating. -renamesourcefileattribute [ string]Specifies a constant string to be put in the SourceFile attributes (and SourceDir attributes) of the class files. Note that the attribute has to be present to start with, so it also has to be preserved explicitly using the -keepattributes directive. For example, you may want to have your processed libraries and applications produce  useful obfuscated stack traces. Only applicable when obfuscating. -adaptclassstrings [ class_filter]Specifies that string constants that correspond to class names should be obfuscated as well. Without a filter, all string constants that correspond to class names are adapted. With a filter, only string constants in classes that match the filter are adapted. For example, if your code contains a large number of hard-coded strings that refer to classes, and you prefer not to keep their names, you may want to use this option. Primarily applicable when obfuscating, although corresponding classes are automatically kept in the shrinking step too. -adaptresourcefilenames [ file_filter]Specifies the resource files to be renamed, based on the obfuscated names of the corresponding class files (if any). Without a filter, all resource files that correspond to class files are renamed. With a filter, only matching files are renamed. For example, see  processing resource files. Only applicable when obfuscating. -adaptresourcefilecontents [ file_filter]Specifies the resource files whose contents are to be updated. Any class names mentioned in the resource files are renamed, based on the obfuscated names of the corresponding classes (if any). Without a filter, the contents of all resource files updated. With a filter, only matching files are updated. The resource files are parsed and written using the platform‘s default character set. You can change this default character set by setting the environment variable LANG or the Java system property file.encoding. For an example, see  processing resource files. Only applicable when obfuscating.

Preverification Options

-dontpreverifySpecifies not to preverify the processed class files. By default, class files are preverified if they are targeted at Java Micro Edition or at Java 6 or higher. For Java Micro Edition, preverification is required, so you will need to run an external preverifier on the processed code if you specify this option. For Java 6, preverification is not required (yet), but it improves the efficiency of the class loading in the Java Virtual Machine. -microeditionSpecifies that the processed class files are targeted at Java Micro Edition. The preverifier will then add the appropriate StackMap attributes, which are different from the default StackMapTable attributes for Java Standard Edition. For example, you will need this option if you are  processing midlets.

General Options

-verboseSpecifies to write out some more information during processing. If the program terminates with an exception, this option will print out the entire stack trace, instead of just the exception message. -dontnote [ class_filter]Specifies not to print notes about potential mistakes or omissions in the configuration, like typos in class names, or like missing options that might be useful. The optional filter is a regular expression; ProGuard doesn‘t print notes about classes with matching names. -dontwarn [ class_filter]Specifies not to warn about unresolved references and other important problems at all. The optional filter is a regular expression; ProGuard doesn‘t print warnings about classes with matching names. Ignoring warnings can be dangerous. For instance, if the unresolved classes or class members are indeed required for processing, the processed code will not function properly.  Only use this option if you know what you‘re doing! -ignorewarningsSpecifies to print any warnings about unresolved references and other important problems, but to continue processing in any case. Ignoring warnings can be dangerous. For instance, if the unresolved classes or class members are indeed required for processing, the processed code will not function properly.  Only use this option if you know what you‘re doing! -printconfiguration [ filename]Specifies to write out the entire configuration that has been parsed, with included files and replaced variables. The structure is printed to the standard output or to the given file. This can sometimes be useful for debugging configurations, or for converting XML configurations into a more readable format. -dump [ filename]Specifies to write out the internal structure of the class files, after any processing. The structure is printed to the standard output or to the given file. For example, you may want to  write out the contents of a given jar file, without processing it at all.

Class Paths

ProGuard accepts a generalization of class paths to specify input files and output files. A class path consists of entries, separated by the traditional path separator (e.g. ‘ : ‘ on Unix, or ‘ ; ‘ on Windows platforms). The order of the entries determines their priorities, in case of duplicates.

Each input entry can be:

  • A class file or resource file,
  • A jar file, containing any of the above,
  • A war file, containing any of the above,
  • An ear file, containing any of the above,
  • A zip file, containing any of the above,
  • A directory (structure), containing any of the above.

The paths of directly specified class files and resource files is ignored, so class files should generally be part of a jar file, a war file, an ear file, a zip file, or a directory. In addition, the paths of class files should not have any additional directory prefixes inside the archives or directories.

Each output entry can be:

  • A jar file, in which all processed class files and resource files will be collected.
  • A war file, in which any and all of the above will be collected,
  • An ear file, in which any and all of the above will be collected,
  • A zip file, in which any and all of the above will be collected,
  • A directory, in which any and all of the above will be collected.

When writing output entries, ProGuard will generally package the results in a sensible way, reconstructing the input entries as much as required. Writing everything to an output directory is the most straightforward option: the output directory will contain a complete reconstruction of the input entries. The packaging can be almost arbitrarily complex though: you could process an entire application, packaged in a zip file along with its documentation, writing it out as a zip file again. The Examples section shows a few ways to restructure output archives.

Files and directories can be specified as discussed in the section on file names below.

In addition, ProGuard provides the possibility to filter the class path entries and their contents, based on their full relative file names. Each class path entry can be followed by up to 5 types of file filters between parentheses, separated by semi-colons:

  • A filter for all zip names that are encountered,
  • A filter for all ear names that are encountered,
  • A filter for all war names that are encountered,
  • A filter for all jar names that are encountered,
  • A filter for all class file names and resource file names that are encountered.

If fewer than 5 filters are specified, they are assumed to be the latter filters. Any empty filters are ignored. More formally, a filtered class path entry looks like this:

classpathentry([[[[zipfilter;]earfilter;]warfilter;]jarfilter;]filefilter)

Square brackets "[]" mean that their contents are optional.

For example, "rt.jar(java/**.class,javax/**.class)" matches all class files in the java and javax directories inside the rt jar.

For example, "input.jar(!**.gif,images/**)" matches all files in the images directory inside the input jar, except gif files.

Note that the different filters are applied to all corresponding file types, irrespective of their nesting levels in the input; they are orthogonal.

For example, "input.war(lib/**.jar,support/**.jar;**.class,**.gif)" only considers jar files in the lib and support directories in the input war, not any other jar files. It then matches all class files and gif files that are encountered.

The filters allow for an almost infinite number of packaging and repackaging possibilities. The Examples section provides a few more examples for filtering input and output.

File Names

ProGuard accepts absolute paths and relative paths for the various file names and directory names. A relative path is interpreted as follows:
  • relative to the base directory, if set, or otherwise
  • relative to the configuration file in which it is specified, if any, or otherwise
  • relative to the working directory.

The names can contain Java system properties delimited by ‘<‘ and ‘>‘. The system properties are automatically replaced by their respective values.

For example, <java.home>/lib/rt.jar will automatically be expanded to something like /usr/local/java/jdk/jre/lib/rt.jar. Similarly, <user.home> will be expanded to the user‘s home directory, and<user.dir> will be expanded to the current working directory.

Names with special characters like spaces and parentheses must be quoted with single or double quotes. Note that each file name in a list of names has to be quoted individually. Also note that the quotes themselves may need to be escaped when used on the command line, to avoid them being gobbled by the shell.

For example, on the command line, you could use an option like ‘-injars "my program.jar":"/your directory/your program.jar"‘.

File Filters

Like general  filters , a file filter is a comma-separated list of file names that can contain wildcards. Only files with matching file names are read (in the case of input jars), or written (in the case of output jars). The following wildcards are supported:
? matches any single character in a file name.
* matches any part of a filename not containing the directory separator.
** matches any part of a filename, possibly containing any number of directory separators.
For example, "java/**.class,javax/**.class " matches all class files in the java  and javax .

Furthermore, a file name can be preceded by an exclamation mark ‘!‘ to exclude the file name from further attempts to match with subsequent file names.

For example, "!**.gif,images/**" matches all files in the images directory, except gif files.

The Examples section provides a few more examples for filtering input and output.

Filters

ProGuard offers options with filters for many different aspects of the configuration: names of files, directories, classes, packages, attributes, optimizations, etc.

A filter is a list of comma-separated names that can contain wildcards. Only names that match an item on the list pass the filter. The supported wildcards depend on the type of names for which the filter is being used, but the following wildcards are typical:

? matches any single character in a name.
* matches any part of a name not containing the package separator or directory separator.
** matches any part of a name, possibly containing any number of package separators or directory separators.

For example, "foo,*bar" matches the name foo and all names ending with bar.

Furthermore, a name can be preceded by a negating exclamation mark ‘!‘ to exclude the name from further attempts to match with subsequent names. So, if a name matches an item in the filter, it is accepted or rejected right away, depending on whether the item has a negator. If the name doesn‘t match the item, it is tested against the next item, and so on. It if doesn‘t match any items, it is accepted or rejected, depending on the whether the last item has a negator or not.

For example, "!foobar,*bar" matches all names ending with bar, except foobar.

Overview of Keep Options

The various -keep  options for shrinking and obfuscation may seem a bit confusing at first, but there‘s actually a pattern behind them. The following table summarizes how they are related:
Keep From being removed or renamed From being renamed
Classes and class members -keep -keepnames
Class members only -keepclassmembers -keepclassmembernames
Classes and class members, if class members present -keepclasseswithmembers -keepclasseswithmembernames

Each of these -keep options is of course followed by a specification of the classes and class members (fields and methods) to which it should be applied.

If you‘re not sure which option you need, you should probably simply use -keep. It will make sure the specified classes and class members are not removed in the shrinking step, and not renamed in the obfuscation step.

attention Always remember:
  • Specifying a class without class members only preserves the class as an entry point — any class members may then still be removed, optimized, or obfuscated.
  • Specifying a class member only preserves the class member as an entry point — any associated code may still be optimized and adapted.

Keep Option Modifiers

allowshrinkingSpecifies that the entry points specified in the  -keep option may be shrunk, even if they have to be preserved otherwise. That is, the entry points may be removed in the shrinking step, but if they are necessary after all, they may not be optimized or obfuscated. allowoptimizationSpecifies that the entry points specified in the  -keep option may be optimized, even if they have to be preserved otherwise. That is, the entry points may be altered in the optimization step, but they may not be removed or obfuscated. This modifier is only useful for achieving unusual requirements. allowobfuscationSpecifies that the entry points specified in the  -keep option may be obfuscated, even if they have to be preserved otherwise. That is, the entry points may be renamed in the obfuscation step, but they may not be removed or optimized. This modifier is only useful for achieving unusual requirements.

Class Specifications

A class specification is a template of classes and class members (fields and methods). It is used in the various -keep  options and in the -assumenosideeffects  option. The corresponding option is only applied to classes and class members that match the template.

The template was designed to look very Java-like, with some extensions for wildcards. To get a feel for the syntax, you should probably look at the examples, but this is an attempt at a complete formal definition:

[@annotationtype] [[!]public|final|abstract|@ ...] [!]interface|class|enum classname [extends|implements [@annotationtype] classname]
[{ [@annotationtype] [[!]public|private|protected|static|volatile|transient ...] <fields> |
                                                                      (fieldtype fieldname); [@annotationtype] [[!]public|private|protected|static|synchronized|native|abstract|strictfp ...] <methods> | <init>(argumenttype,...) | classname(argumenttype,...) |
                                                                                           (returntype methodname(argumenttype,...)); [@annotationtype] [[!]public|private|protected|static ... ] *; ... }]

Square brackets "[]" mean that their contents are optional. Ellipsis dots "..." mean that any number of the preceding items may be specified. A vertical bar "|" delimits two alternatives. Non-bold parentheses "()" just group parts of the specification that belong together. The indentation tries to clarify the intended meaning, but white-space is irrelevant in actual configuration files.

  • The class keyword refers to any interface or class. The interface keyword restricts matches to interface classes. The enum keyword restricts matches to enumeration classes. Preceding the interface or enum keywords by a ! restricts matches to classes that are not interfaces or enumerations, respectively.
  • Every classname must be fully qualified, e.g. java.lang.String. Class names may be specified as regular expressions containing the following wildcards:
    ? matches any single character in a class name, but not the package separator. For example, "mypackage.Test?" matches "mypackage.Test1" and "mypackage.Test2", but not "mypackage.Test12".
    * matches any part of a class name not containing the package separator. For example, "mypackage.*Test*" matches "mypackage.Test" and "mypackage.YourTestApplication", but not "mypackage.mysubpackage.MyTest". Or, more generally, "mypackage.*" matches all classes in "mypackage", but not in its subpackages.
    ** matches any part of a class name, possibly containing any number of package separators. For example, "**.Test" matches all Test classes in all packages except the root package. Or, "mypackage.**" matches all classes in "mypackage" and in its subpackages.
    For additional flexibility, class names can actually be comma-separated lists of class names, with optional ! negators, just like file name filters. This notation doesn‘t look very Java-like, so it should be used with moderation.

    For convenience and for backward compatibility, the class name * refers to any class, irrespective of its package.

  • The extends and implements specifications are typically used to restrict classes with wildcards. They are currently equivalent, specifying that only classes extending or implementing the given class qualify. Note that the given class itself is not included in this set. If required, it should be specified in a separate option.
  • The @ specifications can be used to restrict classes and class members to the ones that are annotated with the specified annotation types. An annotationtype is specified just like a classname.
  • Fields and methods are specified much like in Java, except that method argument lists don‘t contain argument names (just like in other tools like javadoc and javap). The specifications can also contain the following catch-all wildcards:
    <init> matches any constructor.
    <fields> matches any field.
    <methods> matches any method.
    * matches any field or method.
    Note that the above wildcards don‘t have return types. Only the <init> wildcard has an argument list.

    Fields and methods may also be specified using regular expressions. Names can contain the following wildcards:

    ? matches any single character in a method name.
    * matches any part of a method name.

    Types in descriptors can contain the following wildcards:

    % matches any primitive type ("boolean", "int", etc, but not "void").
    ? matches any single character in a class name.
    * matches any part of a class name not containing the package separator.
    ** matches any part of a class name, possibly containing any number of package separators.
    *** matches any type (primitive or non-primitive, array or non-array).
    ... matches any number of arguments of any type.

    Note that the ?, *, and ** wildcards will never match primitive types. Furthermore, only the *** wildcards will match array types of any dimension. For example, "** get*()" matches "java.lang.Object getObject()", but not "float getFloat()", nor "java.lang.Object[] getObjects()".

  • Constructors can also be specified using their short class names (without package) or using their full class names. As in the Java language, the constructor specification has an argument list, but no return type.
  • The class access modifiers and class member access modifiers are typically used to restrict wildcarded classes and class members. They specify that the corresponding access flags have to be set for the member to match. A preceding ! specifies that the corresponding access flag should be unset.

    Combining multiple flags is allowed (e.g. public static). It means that both access flags have to be set (e.g. public and static), except when they are conflicting, in which case at least one of them has to be set (e.g. at least public or protected).

    ProGuard supports the additional modifiers syntheticbridge, and varargs, which may be set by compilers.

proguard usage