🚀 Feature Request: Auto-internalize Embedded Modules in Fat AAR

[ghasemdev]

When embedding modules using the fat-aar plugin, currently all public and internal declarations from the embedded modules are exposed as-is in the final AAR. This leads to unintended access to APIs that are not meant to be used externally.

Requested Feature:
Please add support for automatically internalizing or hiding all classes, methods, and resources from embedded modules when merging them into a fat AAR. Ideally, the plugin should treat embedded modules as implementation detail and prevent them from being visible outside the resulting AAR.

Use Case:
We often structure our code into modular components like:

:app
:core
:internal-feature (should be hidden)

Then we use:

embed(project(":internal-feature"))

But after building the fat AAR, the public and internal APIs of :internal-feature are still accessible to consumers of the AAR. This causes:

• Accidental usage of unstable/internal APIs
• Security and maintenance issues
• Violation of architectural boundaries

Expected Behavior:

• All public/internal classes from embedded modules should be "hidden" or transformed in a way that prevents their usage outside the AAR
• Possibly an option like:

embed(project(":internal-feature")) {
    hideApis = true // or internalize = true
}

Or even better: make this the default behavior unless explicitly overridden.

Why This Matters:
It enables proper encapsulation and makes fat AARs more production-ready and modular, especially for libraries that rely on clean separation between public and internal APIs.

Workarounds Tried:

• Obfuscation with R8 (not always safe or predictable)
• Rewriting access modifiers (cumbersome and error-prone)
• Custom packaging rules

Would love to see this handled natively by the plugin.

Thanks a lot for the great work!