I am trying to using PDF Library ITextSharp, in my project. ITextSharp has so many features, i am not using even 5% of it. I am just wondering, why i should ship the complete dll file, when i use only 5% of it.
Is there any way to statically link the library to my project and remove all unused methods,features from the library ?
Disclaimer: I work for the company whose product I'm going to mention. I do know that other tools can do this as well but I only have direct experience with this one.
It is not necessary to modify any of the ITextSharp source or to perform your own custom build. It is possible to achieve all that you need with just the assemblies in your bin directory.
You can use Dotfuscator (the Removal option) to perform static analysis of the entirety of your application and output an assembly that only contains code that is actually used in your app. In addition you can use the Linking feature to link the DLL into your exe so that you are only shipping one file to the customer. This can result in a significantly smaller application footprint. You can take advantage of all of this functionality even if you choose not to use the obfuscation features that make you application harder to crack and reverse engineer.
Dotfuscator can be added into your build process in a number of ways, we integrate directly into Visual Studio (versions 2002 through 2010) so that you can just build your solution, there is also an MSBuild task for using on a Team Build server (if you choose not to have the build server build your solution), as well as a command line version for any other build system.
Dotfuscator will work on any .NET assembly type from including Silverlight assemblies.
These features are only available in the Pro version of Dotfuscator, if you contact PreEmptive Solutions we can set you up with a free, time limited evaluation so you can see how the product works for you.
If you just want to perform linking of assemblies there is also the ILMerge utility from Microsoft Research that will link multiple .NET assemblies into a single assembly.
There is no benefit of static linking with .NET dlls.
Its not easy to judge that you are using only 5% of the library, library may be using so much of internal code inside it to do lots of small small things that may not be seen by naked eye.
However iTextSharp is open source, you can create striped down version of iTextSharp to ship with your project.
By the way iTextSharp is smaller quite compared to earlier dlls required on non .net days.
Without modifying the source code and building your own .dll, no there is no way to not ship the entire thing. Additionally, if you wanted to head the route of creating your own modified .dll, please be aware of any possible licensing issues involved (I don't know if there are any, but it's certainly something you should be aware of). And finally, I would add, I don't know how big the iTextSharp .dll is, but really ask yourself if however much space it takes up actually matters.
If you want to reduce the size you have two options an obfuscator or an assembly compressor.
I haven't used any obfuscator for .Net just for Java so I can't recommend you any but they do what you pretend: remove unused methods and classes.
Or you can create a single compressed executable with all the needed assemblies that is auto decompressed when started like the popular Aspack and UPX do for windows executables http://en.wikipedia.org/wiki/Executable_compression . I have tried .NetZ and was happy with the results.
In this type of situation, your best bet is the site where you downloaded the code.
In many cases they use conditional compilation to include/exclude certain pieces. If the code isn't written with conditional compilation in mind, it will be "difficult" to do it yourself.
I personally would not recompile the source, unless there is a bug that needs to be fixed and you cannot wait for a new release. The time spent on the changes is time lost on your main project (the one you're getting paid for).
Related
I have an .exe which is a portable program. It is assembled with Microsoft Visual C# / Basic .NET
I managed to find out that in order OllyDBG to be able to open it, it should be running and also JIT compiler producing some code. I am a beginner and not at all understand the full process. When it's running, it doesn't create any other files near it ( though when laucnhing the installable version it creates a temporary .dat file aside it). But the portable version is the same size so I am working with it.
While it is running, anyway the debugger can't open it ( nor the installed version )... So my question is - what am I missing in order to make it readable. I just need to make a small change in the .exe but I cannot get into it. Please help me with few more details to make it happen.
If it really is a managed application built with a .NET compiler, then the assembly program is actually composed of IL code, which can more or less be reverted back into source code for you to modify. In order to do this, you can use a tool such as ILSpy or .NET Reflector.
There is a possibility that the assembly may have some kind of obfuscation to discourage decompilation, and in that case, you will need either look to the developer of the software for permission, or to a specialized deobfuscation program like de4dot.
Keep in mind, the terms of service of the application may forbid you from modifying the assembly, but this isn't a legal advice forum.
I've got a .net windows service application that calls out to a bunch of other dlls of our own creation. However, all of these dlls were created for x86, and we've since moved on to Any CPU (on x64 environments). Sadly, thanks to .NET's delayed loading functionality, many of these dlls are not loaded unless we exercise some rare and somewhat complicated code paths. The net result? We get incorrect format exceptions days or weeks after deploying code.
I want to know if there's a way to force .NET to fully load all assemblies that it directly references so that I can see such incompatibilities without manually poring through the dozens of projects from which these dependent dlls were created, or worse, doing full regression tests to force all of the assemblies to be loaded.
Addendum: Even if there's an easier way to resolve my specific x86-dlls-in-a-x64-environment issue, I'm still interested in seeing if there's a way to force the environment to load all of its dependencies. You never know when it'll come in handy! :)
EDIT: These are all managed DLLS, and I actually have used reflection to triage the issue in production. However, in a development environment, it suffers from the same problem the other options have: manually traversing all of the DLLs in one way or another.
One way is to statically link the libraries using ILMerge to merge them into the executable itself. otherwise the whole point of DLLs is that they are not evaluated until they are used in code.
see The .NET equivalent of static libraries?
of course you could just run a diagnostic sequence on app load that touches some aspect of all your dlls, so at least you know on load what is there and what won't work.
We are developing a large software project which consists of a large number of projects, components and libraries. Our management has decided that for every deployment a snapshot of the entire system has to be saved so when a problem arises we can easily have the exact version of the entire system. The usual solution would be to branch the project after each deployment. And by the way, we are using VS2008, C# and SVN. But this is not practical beacase of the large number of sub-projects and libraries which also have their versions and are modified.
One answer to this problem is to have backwards compatibility and always fix problems on the trunk version, but in our case it would not be possible to test the changes of the system ( the software is an ITS system and once a system is deployed we can't do any more intergration testing).
And to make matters worse, out deploments are modular, so each time a different combinations of components is deployes and there is also the localization.
How are you resolving these kinds of problems? Are there any tools that can help?
You could use a dependency management system like ivy - this essentially keeps a record of every version of every dll you are using.
As a (very) brief overview, when you do a build (using nant, for example), you can hook in ivy to resolve all of the dependencies, getting the specific versions of dlls that you need. As the ivy config will be in svn, if you get out an older revision of your code, you also get out an older version of the ivy config.
I used to work on such project.
We used to branch each release candidates and report bugfixes applied to the RC branch onto the trunk. That was not really handy, but we could not find a decent alternative until we decided to split the projet into a lot of small and cute projects managed by a maven-like system.
Maybe using some continuous integration management tool associated to strong testing routines could help, too.
we have a number of c# projects that all depend on a common DLL (also c#). this DLL changes somewhat frequency as we're in an environment where we need to be able to build and deploy updated code frequently. the problem with this is, if one of these updates requires a change to the common DLL, we end up with several client apps that all have slightly different versions of the DLL.
we're trying to figure out how to improve this setup, so we can guarantee that anyone can check out a project (we use SVN) and be able to build it without issue. it seems like tagging each and every DLL change to a new version is excessive, but I'm not sure what the "right" solution is (or at least something elegant).
it would be ideal if any solution allowed a developer to be able to step into the DLL code from visual studio, which only seems to be possible if you have the project itself on your machine (might be wrong there).
Frankly, I think versioning your DLL in source control is the RIGHT solution.
It's very possible that a quickly changing core DLL could cause binary and source compatibility in a client project. By versioning, you can prevent each project from using the new DLL until you're ready to migrate.
This provides a level of safety - you know you won't break a client's project because somebody else changed something underneath you, but it's very easy to upgrade at any time to the new version.
Versioning in SVN is trivial - so I wouldn't let this be an issue. It's also safer from a business perspective, since you have a very clear "paper trail" of what version was used with a given deliverable of a client project, which has many benefits in terms of billing, tracking, testability, etc.
There's no easy solution - and the previous two answers are possibly the more accepted method of achieving what you want. If you had a CI environment, and were able to roll out all of your apps on-demand from a store that was built via CI, then you could avoid this problem. That can be lofty ambition, though, if there are old apps in there not governed by tests etc.
If your application is .Net 3.5 (might even need the SP1 too) then did you know that assemblies that are loaded from the network now no longer have any trust restrictions? This means that you could configure an assembly path on the machines in question to point to a shared, highly available, network location - and have all of your apps locate the assembly from there.
An alternative to this, but which would achieve the same goal, would be to build a component that hooks into the AppDomain.CurrentDomain.AssemblyResolve event - which is fired whenever the runtime can't auto-discover an assembly - and do a manual search in that network location for the dll in question (if you were to take the AssemblyName portion of the Full Name, append .dll to it, then you'd be reproducing the same search that the .Net Fusion binder performs anyway).
Just a thought ;)
I think you could benefit from setting up a continuous integration server with targets for each of the client projects and the common DLL project.
This way you'll immediately know when changes in the common DLL breaks any of the client projects. It could reduce the trouble of updating client projects when common DLL's interface changes. This solution might be inadequate if you development team is distributed and very large.
I wouldn't say there is a RIGHT solution though. There are many ways to manage dependency problems.
You could also have a look at Maven. It will help you set up project dependencies. Not sure how you can integrate Maven into Visual Studio though. Maven will allow you to specify which version of a project (in SVN) you want to depend on. Developers will then be able to checkout the correct project version and build their projects. Maven will checkout the correct version of the dependent projects from SVN for them. I haven't work with it myself, but a lot of open source projects in the Java community uses it.
How can I convert my C# code to DLL file in a way that the user of DLL can’t view my source code?
When I make DLL in the way I always do by making a class library project, importing my classes and compiling it, the source code can still be viewed.
I believe you are looking for an obfuscator. This is a tool that will take a compiled DLL and rewrite the code with the intent of it not being meaningfully decompiled by another user. Visual Studio comes with a free Dotfuscator
Note, this will not actually prevent people from looking at your code. They will instead be looking at a very weird translation of your code. There is no way to prevent people from looking at decompiled versions of your code in C# or any other .Net language for that matter.
This is not something that is unique to C#. It is fact a flaw of every language in existence. It's perfectly possible to decompile C code. The difference though is it's much easier to maintain a lot of the original code structure when decompiling managed languages (.Net and Java for instance) because the metadata maintains the original structure.
obfuscation is what you want to search for.
There is a free one (that is limited) in visual studio called Dotfuscator.
Uses fancy methods to rename your code and alter flowpaths to obscure it.
Consider using an obfuscator.
If you are developing desktop applications converting your code to Dll will not hide the it( there are many tools to decompile the dll or exe files).
but if you are using Asp.Net, then you can compile your site to Dll, and the code will not be visible in the aspx pages, it will be compiled to Dll, you can do that by right click on your project on solution explorer, then choose Publish website
But in all cases .Net Exe files and DLL will be easy to decompile and extract the source code again, unless you use tool to obfuscator your code.
If you mean, the end-user can view your source code by decompiling it, you can protect yourself using an obfuscator.
There is standard obfuscator build in into Visual Studio. In the menu choose Tools / Dotfuscator community edition.
I think my reply to a similar question about JavaScript obfuscation applies here as well: in short, why bother? Your question has already been answered here ("use an obfuscator"), but I thought it wouldn't hurt to find out what your motivations are. Generally, code that you give to people is "in the hands of the enemy" -- if somebody wants to use it/figure out how it works badly enough, they will.