Firebase In-App Messaging leaks Guava to the compile classpath.

[R4md4c]

• Android Studio version: 3.2.1
• Firebase Component: firebase-inappmessaging
• Component version: 17.0.4

When using implement with the In-App Messaging library, Guava v20.0 is leaked to the APK through the io.grpc dependency group. This causes other annotation processors like Dagger 2 to generate code that uses Guava Collections like ImmutableMap since it detected it, instead of using their internal collections.

Steps to reproduce:

Just include as a dependency

implementation com.google.firebase:firebase-inappmessaging-display:17.0.4

Relevant Code:

The relevant output from ./gradlew :app:dependencies under the flavorReleaseCompileClasspath

+--- com.google.firebase:firebase-inappmessaging-display:17.0.4
|    +--- com.android.support:appcompat-v7:27.1.1 -> 28.0.0 (*)
|    +--- com.android.support:customtabs:27.1.1 -> 28.0.0 (*)
|    +--- com.android.support.constraint:constraint-layout:1.1.2 -> 1.1.0 (*)
|    +--- com.google.auto.value:auto-value-annotations:1.6 -> 1.6.2
|    +--- com.google.dagger:dagger:2.13 -> 2.18 (*)
|    +--- com.google.dagger:dagger-android-support:2.13 -> 2.18 (*)
|    +--- com.google.firebase:firebase-common:16.0.4 (*)
|    +--- com.google.firebase:firebase-core:16.0.4
|    |    +--- com.google.firebase:firebase-analytics:16.0.4
|    |    |    +--- com.google.android.gms:play-services-basement:16.0.1 (*)
|    |    |    +--- com.google.android.gms:play-services-measurement-api:16.0.2
|    |    |    |    +--- com.google.android.gms:play-services-ads-identifier:16.0.0
|    |    |    |    |    \--- com.google.android.gms:play-services-basement:16.0.1 (*)
|    |    |    |    +--- com.google.android.gms:play-services-basement:16.0.1 (*)
|    |    |    |    +--- com.google.android.gms:play-services-measurement-base:16.0.3
|    |    |    |    +--- com.google.android.gms:play-services-stats:16.0.1 (*)
|    |    |    |    +--- com.google.android.gms:play-services-tasks:16.0.1 (*)
|    |    |    |    +--- com.google.firebase:firebase-analytics-impl:16.2.2
|    |    |    |    |    +--- com.google.android.gms:play-services-ads-identifier:16.0.0 (*)
|    |    |    |    |    +--- com.google.android.gms:play-services-basement:16.0.1 (*)
|    |    |    |    |    +--- com.google.android.gms:play-services-measurement-base:16.0.3
|    |    |    |    |    +--- com.google.android.gms:play-services-stats:16.0.1 (*)
|    |    |    |    |    +--- com.google.android.gms:play-services-tasks:16.0.1 (*)
|    |    |    |    |    +--- com.google.firebase:firebase-common:16.0.3 -> 16.0.4 (*)
|    |    |    |    |    \--- com.google.firebase:firebase-iid:17.0.3 -> 17.0.4 (*)
|    |    |    |    +--- com.google.firebase:firebase-common:16.0.3 -> 16.0.4 (*)
|    |    |    |    \--- com.google.firebase:firebase-iid:17.0.3 -> 17.0.4 (*)
|    |    |    +--- com.google.android.gms:play-services-measurement-base:16.0.3
|    |    |    +--- com.google.android.gms:play-services-stats:16.0.1 (*)
|    |    |    +--- com.google.firebase:firebase-analytics-impl:16.2.2 (*)
|    |    |    \--- com.google.firebase:firebase-common:16.0.3 -> 16.0.4 (*)
|    |    \--- com.google.firebase:firebase-measurement-connector-impl:17.0.2
|    |         +--- com.google.android.gms:play-services-basement:16.0.1 (*)
|    |         +--- com.google.android.gms:play-services-measurement-api:16.0.2 (*)
|    |         +--- com.google.android.gms:play-services-measurement-base:16.0.3
|    |         +--- com.google.firebase:firebase-analytics:16.0.4 (*)
|    |         +--- com.google.firebase:firebase-analytics-impl:16.2.2 (*)
|    |         +--- com.google.firebase:firebase-common:16.0.3 -> 16.0.4 (*)
|    |         \--- com.google.firebase:firebase-measurement-connector:17.0.1 (*)
|    +--- com.google.firebase:firebase-inappmessaging:17.0.4
|    |    +--- com.google.android.gms:play-services-clearcut:16.0.0
|    |    |    +--- com.google.android.gms:play-services-base:16.0.1 (*)
|    |    |    +--- com.google.android.gms:play-services-basement:16.0.1 (*)
|    |    |    +--- com.google.android.gms:play-services-phenotype:16.0.0
|    |    |    |    +--- com.google.android.gms:play-services-base:16.0.1 (*)
|    |    |    |    +--- com.google.android.gms:play-services-basement:16.0.1 (*)
|    |    |    |    \--- com.google.android.gms:play-services-tasks:16.0.1 (*)
|    |    |    \--- com.google.android.gms:play-services-tasks:16.0.1 (*)
|    |    +--- com.google.auto.value:auto-value-annotations:1.6 -> 1.6.2
|    |    +--- com.google.dagger:dagger:2.13 -> 2.18 (*)
|    |    +--- com.google.firebase:firebase-common:16.0.4 (*)
|    |    +--- com.google.firebase:firebase-iid:17.0.3 -> 17.0.4 (*)
|    |    +--- com.google.firebase:firebase-measurement-connector:17.0.0 -> 17.0.1 (*)
|    |    +--- com.google.firebase:protolite-well-known-types:16.0.1
|    |    |    \--- com.google.protobuf:protobuf-lite:3.0.1
|    |    +--- com.squareup.okhttp:okhttp:2.7.5
|    |    |    \--- com.squareup.okio:okio:1.6.0 -> 1.15.0
|    |    +--- io.grpc:grpc-okhttp:1.12.0
|    |    |    +--- io.grpc:grpc-core:[1.12.0] -> 1.12.0
|    |    |    |    +--- io.grpc:grpc-context:1.12.0
|    |    |    |    +--- com.google.code.gson:gson:2.7 -> 2.8.0
|    |    |    |    +--- com.google.guava:guava:20.0
|    |    |    |    +--- com.google.errorprone:error_prone_annotations:2.1.2
|    |    |    |    +--- com.google.code.findbugs:jsr305:3.0.0 -> 3.0.1
|    |    |    |    +--- io.opencensus:opencensus-api:0.11.0
|    |    |    |    \--- io.opencensus:opencensus-contrib-grpc-metrics:0.11.0
|    |    |    |         \--- io.opencensus:opencensus-api:0.11.0
|    |    |    +--- com.squareup.okhttp:okhttp:2.5.0 -> 2.7.5 (*)
|    |    |    \--- com.squareup.okio:okio:1.13.0 -> 1.15.0
|    |    +--- io.grpc:grpc-protobuf-lite:1.12.0
|    |    |    +--- io.grpc:grpc-core:1.12.0 (*)
|    |    |    +--- com.google.protobuf:protobuf-lite:3.0.1
|    |    |    \--- com.google.guava:guava:20.0
|    |    +--- io.grpc:grpc-stub:1.12.0
|    |    |    \--- io.grpc:grpc-core:1.12.0 (*)
|    |    +--- io.reactivex.rxjava2:rxandroid:2.0.2 -> 2.1.0 (*)
|    |    \--- io.reactivex.rxjava2:rxjava:2.1.14 -> 2.2.2 (*)
|    +--- com.squareup.okhttp:okhttp:2.7.5 (*)
|    \--- com.squareup.picasso:picasso:2.5.2

I tried putting exclude module: 'guava' then it crashes at the start up with

    java.lang.NoClassDefFoundError: Failed resolution of: Lcom/google/common/base/Preconditions;
        at io.grpc.Metadata$Key.<init>(Metadata.java:635)
        at io.grpc.Metadata$Key.<init>(Metadata.java:566)
        at io.grpc.Metadata$AsciiKey.<init>(Metadata.java:740)
        at io.grpc.Metadata$AsciiKey.<init>(Metadata.java:735)
        at io.grpc.Metadata$Key.of(Metadata.java:592)
        at io.grpc.Metadata$Key.of(Metadata.java:588)
        at io.grpc.internal.GrpcUtil.<clinit>(GrpcUtil.java:83)
        at io.grpc.internal.AbstractManagedChannelImplBuilder.<clinit>(AbstractManagedChannelImplBuilder.java:81)
        at io.grpc.okhttp.OkHttpChannelBuilder.forTarget(OkHttpChannelBuilder.java:137)
        at io.grpc.okhttp.OkHttpChannelProvider.builderForTarget(OkHttpChannelProvider.java:48)
        at io.grpc.okhttp.OkHttpChannelProvider.builderForTarget(OkHttpChannelProvider.java:27)
        at io.grpc.ManagedChannelBuilder.forTarget(ManagedChannelBuilder.java:70)
        at com.google.firebase.inappmessaging.internal.injection.modules.GrpcChannelModule.providesGrpcChannel(com.google.firebase:firebase-inappmessaging@@17.0.4:41)
        at com.google.firebase.inappmessaging.internal.injection.modules.GrpcChannelModule_ProvidesGrpcChannelFactory.get(com.google.firebase:firebase-inappmessaging@@17.0.4:27)
        at com.google.firebase.inappmessaging.internal.injection.modules.GrpcChannelModule_ProvidesGrpcChannelFactory.get(com.google.firebase:firebase-inappmessaging@@17.0.4:9)
        at dagger.internal.DoubleCheck.get(DoubleCheck.java:47)
        at com.google.firebase.inappmessaging.internal.injection.components.DaggerUniversalComponent.gRPCChannel(com.google.firebase:firebase-inappmessaging@@17.0.4:211)
        at com.google.firebase.inappmessaging.internal.injection.components.DaggerAppComponent$com_google_firebase_inappmessaging_internal_injection_components_UniversalComponent_gRPCChannel.get(com.google.firebase:firebase-inappmessaging@@17.0.4:388)
        at com.google.firebase.inappmessaging.internal.injection.components.DaggerAppComponent$com_google_firebase_inappmessaging_internal_injection_components_UniversalComponent_gRPCChannel.get(com.google.firebase:firebase-inappmessaging@@17.0.4:375)
        at com.google.firebase.inappmessaging.internal.injection.modules.GrpcClientModule_ProvidesInAppMessagingSdkServingStubFactory.get(com.google.firebase:firebase-inappmessaging@@17.0.4:35)
        at com.google.firebase.inappmessaging.internal.injection.modules.GrpcClientModule_ProvidesInAppMessagingSdkServingStubFactory.get(com.google.firebase:firebase-inappmessaging@@17.0.4:11)
        at dagger.internal.DoubleCheck.get(DoubleCheck.java:47)
        at com.google.firebase.inappmessaging.internal.GrpcClient_Factory.get(com.google.firebase:firebase-inappmessaging@@17.0.4:23)
        at com.google.firebase.inappmessaging.internal.GrpcClient_Factory.get(com.google.firebase:firebase-inappmessaging@@17.0.4:8)
        at dagger.internal.DoubleCheck.get(DoubleCheck.java:47)
        at com.google.firebase.inappmessaging.internal.injection.modules.ApiClientModule_ProvidesApiClientFactory.get(com.google.firebase:firebase-inappmessaging@@17.0.4:40)
        at com.google.firebase.inappmessaging.internal.injection.modules.ApiClientModule_ProvidesApiClientFactory.get(com.google.firebase:firebase-inappmessaging@@17.0.4:12)
        at dagger.internal.DoubleCheck.get(DoubleCheck.java:47)
        at com.google.firebase.inappmessaging.internal.InAppMessageStreamManager_Factory.get(com.google.firebase:firebase-inappmessaging@@17.0.4:64)
        at com.google.firebase.inappmessaging.internal.InAppMessageStreamManager_Factory.get(com.google.firebase:firebase-inappmessaging@@17.0.4:10)
        at dagger.internal.DoubleCheck.get(DoubleCheck.java:47)
        at com.google.firebase.inappmessaging.FirebaseInAppMessaging_Factory.get(com.google.firebase:firebase-inappmessaging@@17.0.4:33)
        at com.google.firebase.inappmessaging.FirebaseInAppMessaging_Factory.get(com.google.firebase:firebase-inappmessaging@@17.0.4:10)
        at dagger.internal.DoubleCheck.get(DoubleCheck.java:47)
  at com.google.firebase.inappmessaging.internal.injection.components.DaggerAppComponent.providesFirebaseInAppMessaging(com.google.firebase:firebase-inappmessaging@@17.0.4:244)
        at com.google.firebase.inappmessaging.FirebaseInAppMessagingRegistrar.providesFirebaseInAppMessaging(com.google.firebase:firebase-inappmessaging@@17.0.4:87)
        at com.google.firebase.inappmessaging.FirebaseInAppMessagingRegistrar.lambda$getComponents$0(com.google.firebase:firebase-inappmessaging@@17.0.4:56)
        at com.google.firebase.inappmessaging.FirebaseInAppMessagingRegistrar$$Lambda$1.create(Unknown Source:2)
        at com.google.firebase.components.Lazy.lambda$new$0(com.google.firebase:firebase-common@@16.0.4:43)
        at com.google.firebase.components.Lazy$$Lambda$1.get(Unknown Source:4)
        at com.google.firebase.components.Lazy.get(com.google.firebase:firebase-common@@16.0.4:54)
        at com.google.firebase.components.AbstractComponentContainer.get(com.google.firebase:firebase-common@@16.0.4:26)
        at com.google.firebase.components.ComponentRuntime.get(com.google.firebase:firebase-common@@16.0.4:34)
        at com.google.firebase.components.ComponentRuntime.initializeEagerComponents(com.google.firebase:firebase-common@@16.0.4:82)
        at com.google.firebase.FirebaseApp.initializeAllApis(com.google.firebase:firebase-common@@16.0.4:761)
        at com.google.firebase.FirebaseApp.initializeApp(com.google.firebase:firebase-common@@16.0.4:359)
        at com.google.firebase.FirebaseApp.initializeApp(com.google.firebase:firebase-common@@16.0.4:324)
        at com.google.firebase.FirebaseApp.initializeApp(com.google.firebase:firebase-common@@16.0.4:310)
        at com.google.firebase.provider.FirebaseInitProvider.onCreate(com.google.firebase:firebase-common@@16.0.4:53)
        at android.content.ContentProvider.attachInfo(ContentProvider.java:1917)
        at android.content.ContentProvider.attachInfo(ContentProvider.java:1892)
        at com.google.firebase.provider.FirebaseInitProvider.attachInfo(com.google.firebase:firebase-common@@16.0.4:47)
        at android.app.ActivityThread.installProvider(ActivityThread.java:6391)
        at android.app.ActivityThread.installContentProviders(ActivityThread.java:5938)
        at android.app.ActivityThread.handleBindApplication(ActivityThread.java:5853)
        at android.app.ActivityThread.access$1100(ActivityThread.java:199)
        at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1650)
        at android.os.Handler.dispatchMessage(Handler.java:106)
        at android.os.Looper.loop(Looper.java:193)
        at android.app.ActivityThread.main(ActivityThread.java:6669)
        at java.lang.reflect.Method.invoke(Native Method)
        at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493)
        at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:858)

[vkryachko]

Hi @R4md4c , thanks for filing this bug.

As far as I can tell this is the behavior of the Android Gradle Plugin which is not consistent with Gradle's java/java-library plugins. With the java plugins the compileClasspath indeed contains only the immediate dependencies of a module and transitive dependencies are excluded.

That said, I don't think we can do anything about it in firebase-inappmessaging to avoid this, and as you mentioned exclusions won't help you as you need guava at runtime(grpc needs it to function), but you don't want it on compile classpath. I'd suggest you file the bug upstream to the Android Gradle Plugin.

[vkryachko]

Closing this since this is not something we have control over, feel free to reopen if you think otherwise

[gxshao]

@R4md4c
Hey bro, i am experiencing the same issue as you met. So, so you resolved that problem or not? I added gRPC and dagger-compiler into my dependency tag. And the conflict shows up:

Error: Program type already present: com.google.common.xxxxx

I've tried exclude com.google.guava from gRPC or dagger-compiler, it also doesn't work.
anyway, the problem wasn't the version of the dependencies. i think somehow the build.gradle needed to rewrite it. Now i am really out of options. can you help me out? thanks a lot.