RE: obfuscation
Hi Stephen, I am getting FileNotFound exception as I don't have config.properties file in the specified path. Can you please let me know, what that file contains and where can I get that file. Can you also please post that sample file if possible... Thanks, Ravindar -- View this message in context: http://maven.40175.n5.nabble.com/obfuscation-tp97608p5775014.html Sent from the Maven - Users mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org
Re: obfuscation
That is a JavaGuard problem not a Maven problem... you'd need to know how to set up JavaGuard... I don't claim to know that On 12 November 2013 13:20, ravindar ravindar.gumm...@gmail.com wrote: Hi Stephen, I am getting FileNotFound exception as I don't have config.properties file in the specified path. Can you please let me know, what that file contains and where can I get that file. Can you also please post that sample file if possible... Thanks, Ravindar -- View this message in context: http://maven.40175.n5.nabble.com/obfuscation-tp97608p5775014.html Sent from the Maven - Users mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org
Re: obfuscation
Ravindar, for replying to a nearly 6 year old thread... YOU'VE BEEN AWARDED AN ACHIEVEMENT! The Crypt Keeper If the thread gets more than 6 replies, you will also be awarded The Necromancer for bringing an old, dead topic back to life. ;-) Wayne On Tue, Nov 12, 2013 at 7:20 AM, ravindar ravindar.gumm...@gmail.com wrote: Hi Stephen, I am getting FileNotFound exception as I don't have config.properties file in the specified path. Can you please let me know, what that file contains and where can I get that file. Can you also please post that sample file if possible... Thanks, Ravindar -- View this message in context: http://maven.40175.n5.nabble.com/obfuscation-tp97608p5775014.html Sent from the Maven - Users mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org
Re: obfuscation
Ha! I didn't spot the date... Further information. I no longer work for the people that the pom snippet was from, so even if I could have been bothered to try and dig the source out of source control (in this case it would have been Accurev, so there is no guarantee that that specific lying SCM would actually have kept the revision in question) I no longer have access... You're on your own CryptKeeper On 12 November 2013 15:50, Wayne Fay wayne...@gmail.com wrote: Ravindar, for replying to a nearly 6 year old thread... YOU'VE BEEN AWARDED AN ACHIEVEMENT! The Crypt Keeper If the thread gets more than 6 replies, you will also be awarded The Necromancer for bringing an old, dead topic back to life. ;-) Wayne On Tue, Nov 12, 2013 at 7:20 AM, ravindar ravindar.gumm...@gmail.com wrote: Hi Stephen, I am getting FileNotFound exception as I don't have config.properties file in the specified path. Can you please let me know, what that file contains and where can I get that file. Can you also please post that sample file if possible... Thanks, Ravindar -- View this message in context: http://maven.40175.n5.nabble.com/obfuscation-tp97608p5775014.html Sent from the Maven - Users mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org
finished 1.0 of my IDFC obfuscation plugin
Hey all - just wanted to let the list know that I completed the 1.0 release of my obfuscation maven plugin and its available on the central repo. The full artifact is com.idfconnect.devtools:idfc-proguard-maven-plugin:1.0.0. I got some very helpful answers from the list - mainly I was stuck on the exact definition and purpose of attaching a generated artifact back into the project. It took me a while to understand that this is not intended as a mechanism to inject an artifact into subsequent plugin processing, but is solely for adding artifacts back to the repositories. The plugin uses the 3.1-specific API - it was very easy to ask maven to see what dependencies have already been resolved in the project, and also to programmatically resolve any new dependencies specifically needed for obfuscation. The source could be useful for anyone else developing a new plugin for 3.1, although I'm certainly no authority on the API! I took pains to make the plugin configuration as maven-esque as possible. The plugin website is here: http://mavenproguard.sourceforge.net/ and all of source code is on SourceForge. There's a brief explanation of how to use and an example based of how I used the plugin to obfuscate a specific set of libraries within a web archive here: https://sourceforge.net/p/mavenproguard/wiki/Home/ Any feedback appreciated. Thanks! Best regards, Richard - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org
Re: How to migrate Ant obfuscation build to Maven?
Karsten Silz wrote: So I assume that right way for Maven obfuscation is to do the obfuscation in the prepare-package state through a plugin (e.g., mine in this case), build the ZIP file there and deploy it to our repository. Correct? Turns out we can't do this - we use MyEclipse where the Maven package is the only way to update the WEB-INF/lib directory with the latest JARS (that directory is used by the Tomcat integration). -- View this message in context: http://maven.40175.n5.nabble.com/How-to-migrate-Ant-obfuscation-build-to-Maven-tp3362293p3366939.html Sent from the Maven - Users mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org
Re: How to migrate Ant obfuscation build to Maven?
We use another obfuscation software - Zelix Klassmaster (http://www.zelix.com/klassmaster). They only have an Ant task, no Maven plugin. But I could write my own plugin that calls the Ant task or call the obfuscator directly. So I assume that right way for Maven obfuscation is to do the obfuscation in the prepare-package state through a plugin (e.g., mine in this case), build the ZIP file there and deploy it to our repository. Correct? -- View this message in context: http://maven.40175.n5.nabble.com/How-to-migrate-Ant-obfuscation-build-to-Maven-tp3362293p3363421.html Sent from the Maven - Users mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org
How to migrate Ant obfuscation build to Maven?
Hi, Part of my job is to maintain an Ant build to obfuscate a web app. This happens in four steps: - Ant builds the WAR file on PC - WAR file gets uploaded to a server where it is obfuscated (which - due to class and method renaming - also changes configuration files and accesses the libraries) - obfuscated WAR file and obfuscation log (needed for decoding stack traces) are added to an internal build application on that server - obfuscated WAR file and obfuscation log are downloaded again to PC, obfuscation log is added to version management (just to be on the safe side) The web app was migrated to Maven more than a year ago, and we've just started using the release plugin (we run our own internal Nexus Maven repository). But now we want to change the obfuscation build. Additionally, we want to build a ZIP file as the build result that includes the WAR file, along with database scripts, release notes and such. Now I have these questions: - The Maven Assembly plug-in seems to be the right choice for changing what goes into the WAR file (which we don't want to change), but how can I build the above described ZIP file instead? - How does the obfuscation fit into the Maven lifecylce, since it creates the final artifact, so to speak, but also requires the WAR file to be built, which itself already concludes the packaging phase? Would I need to abuse a later phase (such as verify) to do the obfuscation? - Sine the AntRun plugin got deprecated with Maven 3, is our own custom plugin the best way to trigger the obfuscation process and download its results? - Since the obfuscation should be part of a Maven release (using the release plugin), the release plugin assumes that there is no locally changed file, compared against the source code repository. How could we then update the obfuscation log in the our source code management system as part of the Maven release, if at all? - I read somewhere that deploying a custom ZIP file like the one described aboveto our own Maven repository is frowned upon because the Maven repository doesn't know what to do with such a file, unlike a JAR file, for instance. If that is true, what would we then deploy to our internal Maven repository - just the WAR file? Thank you for your help! Karsten Silz -- View this message in context: http://maven.40175.n5.nabble.com/How-to-migrate-Ant-obfuscation-build-to-Maven-tp3362293p3362293.html Sent from the Maven - Users mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org
Re: How to migrate Ant obfuscation build to Maven?
http://pyx4me.com/pyx4me-maven-plugins/proguard-maven-plugin/. Obfuscate the jars that go into the war or obfuscate the classes directly before they are packaged into the war. The plugin can do both. Deploy the zip to your repository as well as the war. Kalle On Fri, Jan 28, 2011 at 4:23 PM, Karsten Silz karsten.s...@me.com wrote: Hi, Part of my job is to maintain an Ant build to obfuscate a web app. This happens in four steps: - Ant builds the WAR file on PC - WAR file gets uploaded to a server where it is obfuscated (which - due to class and method renaming - also changes configuration files and accesses the libraries) - obfuscated WAR file and obfuscation log (needed for decoding stack traces) are added to an internal build application on that server - obfuscated WAR file and obfuscation log are downloaded again to PC, obfuscation log is added to version management (just to be on the safe side) The web app was migrated to Maven more than a year ago, and we've just started using the release plugin (we run our own internal Nexus Maven repository). But now we want to change the obfuscation build. Additionally, we want to build a ZIP file as the build result that includes the WAR file, along with database scripts, release notes and such. Now I have these questions: - The Maven Assembly plug-in seems to be the right choice for changing what goes into the WAR file (which we don't want to change), but how can I build the above described ZIP file instead? - How does the obfuscation fit into the Maven lifecylce, since it creates the final artifact, so to speak, but also requires the WAR file to be built, which itself already concludes the packaging phase? Would I need to abuse a later phase (such as verify) to do the obfuscation? - Sine the AntRun plugin got deprecated with Maven 3, is our own custom plugin the best way to trigger the obfuscation process and download its results? - Since the obfuscation should be part of a Maven release (using the release plugin), the release plugin assumes that there is no locally changed file, compared against the source code repository. How could we then update the obfuscation log in the our source code management system as part of the Maven release, if at all? - I read somewhere that deploying a custom ZIP file like the one described aboveto our own Maven repository is frowned upon because the Maven repository doesn't know what to do with such a file, unlike a JAR file, for instance. If that is true, what would we then deploy to our internal Maven repository - just the WAR file? Thank you for your help! Karsten Silz -- View this message in context: http://maven.40175.n5.nabble.com/How-to-migrate-Ant-obfuscation-build-to-Maven-tp3362293p3362293.html Sent from the Maven - Users mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org
Re: How to migrate Ant obfuscation build to Maven?
I can only second that idea. I am using it for Android applications built with Maven and blogged a few tips for setting it up recently. That might help for normal stuff as well (e.g. keeping the map file if you obfuscate..) See more http://www.simpligility.com/2010/12/proguard-for-android-with-maven-without-shooting-yourself-in-the-foot/ http://www.simpligility.com/2010/12/hints-for-using-proguard-on-your-android-app/ manfred http://pyx4me.com/pyx4me-maven-plugins/proguard-maven-plugin/. Obfuscate the jars that go into the war or obfuscate the classes directly before they are packaged into the war. The plugin can do both. Deploy the zip to your repository as well as the war. Kalle On Fri, Jan 28, 2011 at 4:23 PM, Karsten Silz karsten.s...@me.com wrote: Hi, Part of my job is to maintain an Ant build to obfuscate a web app. This happens in four steps: - Ant builds the WAR file on PC - WAR file gets uploaded to a server where it is obfuscated (which - due to class and method renaming - also changes configuration files and accesses the libraries) - obfuscated WAR file and obfuscation log (needed for decoding stack traces) are added to an internal build application on that server - obfuscated WAR file and obfuscation log are downloaded again to PC, obfuscation log is added to version management (just to be on the safe side) The web app was migrated to Maven more than a year ago, and we've just started using the release plugin (we run our own internal Nexus Maven repository). But now we want to change the obfuscation build. Additionally, we want to build a ZIP file as the build result that includes the WAR file, along with database scripts, release notes and such. Now I have these questions: - The Maven Assembly plug-in seems to be the right choice for changing what goes into the WAR file (which we don't want to change), but how can I build the above described ZIP file instead? - How does the obfuscation fit into the Maven lifecylce, since it creates the final artifact, so to speak, but also requires the WAR file to be built, which itself already concludes the packaging phase? Would I need to abuse a later phase (such as verify) to do the obfuscation? - Sine the AntRun plugin got deprecated with Maven 3, is our own custom plugin the best way to trigger the obfuscation process and download its results? - Since the obfuscation should be part of a Maven release (using the release plugin), the release plugin assumes that there is no locally changed file, compared against the source code repository. How could we then update the obfuscation log in the our source code management system as part of the Maven release, if at all? - I read somewhere that deploying a custom ZIP file like the one described aboveto our own Maven repository is frowned upon because the Maven repository doesn't know what to do with such a file, unlike a JAR file, for instance. If that is true, what would we then deploy to our internal Maven repository - just the WAR file? Thank you for your help! Karsten Silz -- View this message in context: http://maven.40175.n5.nabble.com/How-to-migrate-Ant-obfuscation-build-to-Maven-tp3362293p3362293.html Sent from the Maven - Users mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org
Obfuscation of several artifacts with Proguard
Hi, we have a main application with plugins where each plugin is a jar depending on the main application jar. I would like to obfuscate all jars (main and plugins) in one go with the proguard maven plugin without using ant. Does anyone know what is the best way to achieve this? - To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org
RE: A Maven plugin for obfuscation
I would like to obfuscate the jar, war and ear packages so class, variables, methods, attributes names are changed and Strings are encrypted. -Mensaje original- De: Wayne Fay [mailto:[EMAIL PROTECTED] Enviado el: Viernes, 11 de Julio de 2008 11:05 a.m. Para: Maven Users List Asunto: Re: A Maven plugin for obfuscation What exactly do you want to obfuscate? There are various security tools that work on Java classes and jars available and at least one or two have been mentioned on this list recently. Wayne On 7/11/08, Néstor Boscán [EMAIL PROTECTED] wrote: Hi Has anybody worked with a Maven plugin for obfuscation? Regads, Néstor Boscán - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
A Maven plugin for obfuscation
Hi Has anybody worked with a Maven plugin for obfuscation? Regads, Néstor Boscán
Re: A Maven plugin for obfuscation
What exactly do you want to obfuscate? There are various security tools that work on Java classes and jars available and at least one or two have been mentioned on this list recently. Wayne On 7/11/08, Néstor Boscán [EMAIL PROTECTED] wrote: Hi Has anybody worked with a Maven plugin for obfuscation? Regads, Néstor Boscán
Re: A Maven plugin for obfuscation
Néstor Boscán wrote: Hi Has anybody worked with a Maven plugin for obfuscation? You might want to look at the proguard-maven-plugin [0] and search for the archives of this list for threads relating to it ... -dirk [0] http://pyx4me.com/pyx4me-maven-plugins/proguard-maven-plugin/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: obfuscation
Have a look at the antrun plugin [1] [1] http://maven.apache.org/plugins/maven-antrun-plugin/ On Nov 29, 2007 10:29 AM, Richard Chamberlain [EMAIL PROTECTED] wrote: Hi all, I've got a requirement to obfuscate the java code we produce. Currently we use yguard with ant, there doesn't seem to be a maven plugin for it :-( Does anyone use yguard with maven? So I was looking for a maven-friendly obfuscator. Does anyone use any good ones? Cheers, Rich Richard Chamberlain Software Engineer | Caplin Systems Ltd Office: +44 (0)20 7826 9639 Mobile: +44 (0)77 2068 6064 www.caplin.com http://www.caplin.com/ Registered in England and Wales No. 02823818 Registered Office: Triton Court, Finsbury Square, London EC2A 1BR This message contains information which may be confidential or privileged. Unless you are the addressee, you may not use, copy or disclose to anyone the message or any information contained in the message. This message does not contain information which can be relied upon by any party unless expressly specified. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: obfuscation
We use JavaGuard with the following in the pom.xml You could probably adapt it to your config plugin groupIdorg.codehaus.mojo/groupId artifactIdexec-maven-plugin/artifactId executions execution phasepackage/phase goals goaljava/goal /goals /execution /executions configuration mainClassJavaGuard/mainClass executablejava/executable includeProjectDependenciesfalse/includeProjectDependencies includePluginDependenciestrue/includePluginDependencies arguments argument-i/argument argument${project.build.directory}/${project.build.finalName}.jar/argument argument-o/argument argument${project.build.directory}/${project.build.finalName}-obfuscated.jar/argument argument-s/argument argument${basedir}/src/main/obfuscate/config.properties/argument /arguments /configuration dependencies dependency groupIdoro/groupId artifactIdoro/artifactId version2.0.6/version typejar/type /dependency dependency groupIdnet.sf.javaguard/groupId artifactIdjavaguard/artifactId version1.0beta4/version typejar/type /dependency /dependencies /plugin plugin groupIdorg.codehaus.mojo/groupId artifactIdbuild-helper-maven-plugin/artifactId executions execution phasepackage/phase goals goalattach-artifact/goal /goals configuration artifacts artifact file${project.build.directory}/${project.build.finalName}-obfuscated.jar/file classifierobfuscated/classifier typejar/type /artifact /artifacts /configuration /execution /executions /plugin On Nov 29, 2007 10:31 AM, ben short [EMAIL PROTECTED] wrote: Have a look at the antrun plugin [1] [1] http://maven.apache.org/plugins/maven-antrun-plugin/ On Nov 29, 2007 10:29 AM, Richard Chamberlain [EMAIL PROTECTED] wrote: Hi all, I've got a requirement to obfuscate the java code we produce. Currently we use yguard with ant, there doesn't seem to be a maven plugin for it :-( Does anyone use yguard with maven? So I was looking for a maven-friendly obfuscator. Does anyone use any good ones? Cheers, Rich Richard Chamberlain Software Engineer | Caplin Systems Ltd Office: +44 (0)20 7826 9639 Mobile: +44 (0)77 2068 6064 www.caplin.com http://www.caplin.com/ Registered in England and Wales No. 02823818 Registered Office: Triton Court, Finsbury Square, London EC2A 1BR This message contains information which may be confidential or privileged. Unless you are the addressee, you may not use, copy or disclose to anyone the message or any information contained in the message. This message does not contain information which can be relied upon by any party unless expressly specified. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: obfuscation
Thanks Ben and Steve! -Original Message- From: Stephen Connolly [mailto:[EMAIL PROTECTED] Sent: 29 November 2007 11:08 To: Maven Users List Subject: Re: obfuscation We use JavaGuard with the following in the pom.xml You could probably adapt it to your config plugin groupIdorg.codehaus.mojo/groupId artifactIdexec-maven-plugin/artifactId executions execution phasepackage/phase goals goaljava/goal /goals /execution /executions configuration mainClassJavaGuard/mainClass executablejava/executable includeProjectDependenciesfalse/includeProjectDependencies includePluginDependenciestrue/includePluginDependencies arguments argument-i/argument argument${project.build.directory}/${project.build.finalName}.jar/arg ument argument-o/argument argument${project.build.directory}/${project.build.finalName}-obfuscat ed.jar/argument argument-s/argument argument${basedir}/src/main/obfuscate/config.properties/argument /arguments /configuration dependencies dependency groupIdoro/groupId artifactIdoro/artifactId version2.0.6/version typejar/type /dependency dependency groupIdnet.sf.javaguard/groupId artifactIdjavaguard/artifactId version1.0beta4/version typejar/type /dependency /dependencies /plugin plugin groupIdorg.codehaus.mojo/groupId artifactIdbuild-helper-maven-plugin/artifactId executions execution phasepackage/phase goals goalattach-artifact/goal /goals configuration artifacts artifact file${project.build.directory}/${project.build.finalName}-obfuscated.j ar/file classifierobfuscated/classifier typejar/type /artifact /artifacts /configuration /execution /executions /plugin On Nov 29, 2007 10:31 AM, ben short [EMAIL PROTECTED] wrote: Have a look at the antrun plugin [1] [1] http://maven.apache.org/plugins/maven-antrun-plugin/ On Nov 29, 2007 10:29 AM, Richard Chamberlain [EMAIL PROTECTED] wrote: Hi all, I've got a requirement to obfuscate the java code we produce. Currently we use yguard with ant, there doesn't seem to be a maven plugin for it :-( Does anyone use yguard with maven? So I was looking for a maven-friendly obfuscator. Does anyone use any good ones? Cheers, Rich Richard Chamberlain Software Engineer | Caplin Systems Ltd Office: +44 (0)20 7826 9639 Mobile: +44 (0)77 2068 6064 www.caplin.com http://www.caplin.com/ Registered in England and Wales No. 02823818 Registered Office: Triton Court, Finsbury Square, London EC2A 1BR This message contains information which may be confidential or privileged. Unless you are the addressee, you may not use, copy or disclose to anyone the message or any information contained in the message. This message does not contain information which can be relied upon by any party unless expressly specified. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
code obfuscation plugin?
Hi, I would like to obfuscate my java code after compiling. Is there any Maven plugin available that does this? Thanks, Kapil