-
-
Notifications
You must be signed in to change notification settings - Fork 388
MSBuild Integration
ConfuserEx is also deployed as a nuget package that contains the integration into MSBuild.
The integration is available at the usual places:
- Nuget.org Gallery - The main releases and the release candidates are available here.
- AppVeyor Nuget Feed - This feed contains all builds, including every unstable and prerelease.
Using the integration works by simply adding the package to the C#- or VisualBasic project. Both SDK and legacy style projects are supported.
To control the integration, there are a couple of MSBuild properties that need to be set in the project to use the integration properly.
-
<Obfuscate>- This is the central property that controls if the obfuscation is active or not. This property needs to be set totrue, otherwise nothing will happen. -
<ConfuserReplaceOutput>- This property controls, if the obfuscated output is replacing the normal build output or if the obfuscated assemblies should be placed next to the original build result. Defaults tofalse. -
<ConfuserProject>- This property should reference the confuser project file that should be used as a template for the protection. This file is used to setup the protections that should be applied. This property defaults to the name of the project file with the extension replaced with.crproj. In the default case the file is expected to be located next to the project file.
Those are the most common properties. There are a few additional ones that are rarely required.
-
<ConfuserKeyFile>- This property allows to overwrite the name of the key file that should be used in case the build assembly is signed. This property defaults to theAssemblyOriginatorKeyFileproperty. This should be correct in most cases. -
<ConfuserIntermediateOutputPath>- Contains the path where ConfuserEx stores it's temporary files during the build process. This defaults to a "confused" directory inside the "obj" directory of the project. -
<ConfuserOutDir>- Contains the directory, where the protected build output should be placed. This property has no effect, in case<ConfuserReplaceOutput>is set totrue. The default value uses the "confused" directory inside the output directory (usually "bin") of the project. -
<ConfuserSymbolFileName>- Contains the name of the resulting symbols.map file that is copied to the output, if that file is present. It defaults to "symbols.map", unless<ConfuserReplaceOutput>is set totrue. In that case it will prefix the name with the assembly name to avoid collisions.
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net48</TargetFramework>
</PropertyGroup>
<PropertyGroup>
<Obfuscate>true</Obfuscate>
<!-- Default values. The following lines can be removed, unless they are changed. -->
<ConfuserReplaceOutput>false</ConfuserReplaceOutput>
<ConfuserProject>$(MSBuildProjectDirectory)\$(MSBuildProjectName).crproj</ConfuserProject>
<ConfuserKeyFile>$(AssemblyOriginatorKeyFile)</ConfuserKeyFile>
<ConfuserIntermediateOutputPath>$(IntermediateOutputPath)confused\</ConfuserIntermediateOutputPath>
<ConfuserOutDir>$(OutDir)confused\</ConfuserOutDir>
<ConfuserSymbolFileName>symbols.map</ConfuserSymbolFileName>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Confuser.MSBuild" Version="1.5.0">
<PrivateAssets>all</PrivateAssets>
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
</PackageReference>
</ItemGroup>
</Project>Replacing the output by the integration is handy in case the assembly should be packed into a nuget package for example, because the assembly will be obfuscated before the package is created. This means that the package contains the protected assembly.
Enabling this extension in general may cause issues, because the protected assemblies may cause problems for Visual Studio, in case they are the dependencies of other builds. It's recommended to only enable the obfuscation for the release builds that are deployed to the customers or used for testing.