I know that the rule is that we should exclude (e.g. not obfuscate) libraries from ProGuard obfuscation if we want it to work properly. And this is where all tutorials stop.
Under the hood, what is the reason for this? Is it because it does not have the same package name as our project? I know this is mandatory, because I faced horror stories when I forgot excluding such libraries from ProGuard obfuscation.
Does this rule apply for our own library projects? They also have different package name, however while public project do not need to be obfuscated, our own libraries do have to be obfuscated.
Obviously, I have a whole in ProGuard knowledge and cannot make quality obfuscation plan because the questions I asked above do not give me clear and understandable answer.
Library projects can be obfuscated and minimized. There is no need to completely exclude libraries from obfuscation or minification.
Some libraries do require special rules to ensure they work properly, and the causes for that extend to your own libraries. The issues don't stem from the fact that they are libraries, the issues are related to what the libraries do.
GSON, for example requires you to add this line:
Their sample proguard file conveniently provides this explanation:
For similar reasons, you need to tell proguard to ignore your models that GSON will be serializing or deserializing. Since GSON works using reflection, you need to ensure that the member fields are not obfuscated, or GSON will have no idea what fields to look for.
While I seem to recall having issues with Facebook in the past, their documentation currently explicitly states that you do not need to do anything special with Proguad.