Android's Russian Doll Approach to Dependencies
One of the great things about Android is the ability to include pretty much any Java library (.jar) into a project and stand on the shoulders of open source giants.
What you may not know is that sometimes these libraries can have some hidden surprises. We found that out when we tried to remove a library dependency from one of our Android projects.
Our project used the xmpcore.jar file as a dependency. This restricted the portability of the app as it contained native-level method calls and Google Play basically told us that zero Android devices were supported still.
So we modified the code that required xmpcore (we weren’t actually using it) and removed xmpcore.jar from our project - or so we thought. But to our surprise this is what Google told us:
The xmlcore.jar library was still there?! Well this caused alot of bewilderment and head scratching - actually into the late hours (we had deadline!). Until I decided to take a closer look at another quite fat jar we were using metadata-extractor-2.6.3
The solution was to modify the sources of the metadata-extractor to remove any refs to xmpcore.jar classes, remove the embedded xmpcore.jar from the metadata-extrator and resubmit. And the lesson learnt was - always check what’s in your jars!