Sto usando Spring Boot con bootRepackle gradle per creare il file jar di rilascio. Il mio progetto necessita di codice offuscatore prima di consegnarlo al cliente. Ho provato proguard e qualche altro strumento ma si sono verificati molti problemi. Posso avere consigli su come configurare questi strumenti per l'avvio a molla.Spring Boot offfuscator
ho cercato ProGuard con questi config
-injars ./build/libs/webservice-1.0.jar
-outjars ./build/libs/webservice-obs-1.0.jar
-libraryjars <java.home>/lib/rt.jar
-keep class !myapplicationpackage.** { *; }
-keep class myapplicationpackage.Application { *; }
-ignorewarnings
-keepdirectories **
-dontshrink
-keepattributes *Annotation*
-keepclassmembers class com.yumyumlabs.** { java.lang.Long id; }
-keepnames class com.yumyumlabs.** implements java.io.Serializable
-keepclassmembers class * implements java.io.Serializable {
static final long serialVersionUID;
private static final java.io.ObjectStreamField[] serialPersistentFields;
!static !transient <fields>;
private void writeObject(java.io.ObjectOutputStream);
private void readObject(java.io.ObjectInputStream);
java.lang.Object writeReplace();
java.lang.Object readResolve();
}
-keepclassmembers class * {
@org.springframework.beans.factory.annotation.Autowired *;
@org.springframework.beans.factory.annotation.Qualifier *;
@org.springframework.beans.factory.annotation.Value *;
@org.springframework.beans.factory.annotation.Required *;
@org.springframework.context.annotation.Bean *;
@javax.annotation.PostConstruct *;
@javax.annotation.PreDestroy *;
@org.aspectj.lang.annotation.AfterReturning *;
@org.aspectj.lang.annotation.Pointcut *;
@org.aspectj.lang.annotation.AfterThrowing *;
@org.aspectj.lang.annotation.Around *;
}
-keep @org.springframework.stereotype.Service class *
-keep @org.springframework.stereotype.Controller class *
-keep @org.springframework.stereotype.Component class *
-keep @org.springframework.stereotype.Repository class *
-keep @org.springframework.cache.annotation.EnableCaching class *
-keep @org.springframework.context.annotation.Configuration class *
-keepattributes Signature
-dontwarn com.yumyumlabs.web.controllers.auth.AuthController
-dontwarn com.google.apphosting.api.ReflectionUtils
-dontwarn sun.misc.Unsafe
-dontwarn org.tartarus.snowball.**
-dontnote
-keepattributes Signature,RuntimeVisibleAnnotations,AnnotationDefault
Ma il vaso generato non posso correre
java.lang.IllegalStateException: Unable to open nested entry 'lib/spring-boot-starter-web-1.2.0.RELEASE.jar'. It has been compressed and nested jar files must be stored without compression. Please check the mechanism used to create your executable jar file
at org.springframework.boot.loader.jar.JarFile.createJarFileFromFileEntry(Unknown Source)
at org.springframework.boot.loader.jar.JarFile.createJarFileFromEntry(Unknown Source)
at org.springframework.boot.loader.jar.JarFile.getNestedJarFile(Unknown Source)
at org.springframework.boot.loader.archive.JarFileArchive.getNestedArchive(Unknown Source)
at org.springframework.boot.loader.archive.JarFileArchive.getNestedArchives(Unknown Source)
at org.springframework.boot.loader.ExecutableArchiveLauncher.getClassPathArchives(Unknown Source)
at org.springframework.boot.loader.Launcher.launch(Unknown Source)
at org.springframework.boot.loader.JarLauncher.main(Unknown Source)
Per favore spiegate più in dettaglio cosa avete provato e quali problemi avete avuto, in modo che possiamo aiutarvi a risolvere questi problemi. – Jesper
Il problema è molto semplice se si dispone di un jar con dipendenze nidificate e si tenta di offuscare con proguard che comprime i jar annidati e il caricatore di avvio spring non è in grado di caricare quei jar. – telebog
Sei riuscito a offuscare la tua applicazione Spring-Boot? – Modi