How to obfuscate an Android Library module

Question

I have 3 modules: 2 Android applications and 1 Android Library that I'll call "common module" in this question.

The Android Library module is included in the two Android applications and provides shared functionalities across the two applications. Both applications depend on the common module using: implementation project(":mylibrary")

Since the Android Library module contains sensitive functionalities, I'm trying to obfuscate it in order to make this part of the application harder to reverse-engineer. At the same time, I don't want to obfuscate the 2 Android applications as they are large and testing all functionalities after obfuscation is time consuming and not worth the effort.

I have enabled minifyEnabled in build.gradle file of the common module and added keep rules to proguard-rules.pro file. When I run assembleRelease task on it, the resulting .aar file is obfuscated but when I try assembleRelease on either of the applications, the classes from the common library are not obfuscated at all.

The only solution that I can think of is that I generate an .aar file of the common library and manually import it in the applications, which will work but it requires generating a new .aar file each time I make a change to the common module and importing it to several applications which can be time consuming and prone to human errors. I will also have to keep track of mapping files on each release of the .aar files.

Any thoughts on how I can either automate this process, or configure the common module to get obfuscate when a consumer module is being built?

Answer 1

try releaseImplementation project(":mylibrary")