basic-webpack-obfuscator
Advanced tools
Readme
A simple solution to "obfuscate" the strings in your Webpack scripts.
We hook Compilation.PROCESS_ASSETS_STAGE_DEV_TOOLING and modify files matching .js and .mjs.
Your strings are represented as a section of a dump of strings, each string being XORed with a key derived from the salt.
Chunks are wrapped in an IIFE with an arrow function. The first parameter is the function that deobfuscates strings.
You can refer to the below type definitions and examples or the source code for usage. Our TypeScript code is very verbose.
import BasicWebpackObfuscator from 'basic-webpack-obfuscator';
import type { Configuration } from 'webpack';
const webpackConfig: Configuration = {
// ...
optimization: {
// ...
plugins: [
// ...
new BasicWebpackObfuscator(),
// ...
],
// ...
plugins: [
// ...
new BasicWebpackObfuscator({
sourceMap: process.env.GENERATE_SOURCEMAP !== 'false',
salt: 777,
allowedExtensions: ['.js'],
}),
// ...
]
},
// ...
};
export interface Options {
/**
* If source maps should be produced.
*/
sourceMap?: boolean;
/**
* A salt that is used to derive the XOR keys.
*/
salt?: number;
/**
* Allowed file extensions, each starting with a period.
* @default ['.js', '.mjs']
*/
allowedExtensions?: string[];
}
export default class BasicWebpackObfuscator implements WebpackPluginInstance {
constructor(options?: Options);
apply(compiler: Compiler): void;
}
⚠️ This API is unstable and may change across minor releases.
You can use the obfuscator alone to obfuscate your code. We provide an export with type definitions.
You will have to "transfer" the source map yourself. We use multi-stage-sourcemap and have a type definition for it in the source directory.
import obfuscate from 'basic-webpack-obfuscator/obfuscate';
const { code } = obfuscate('console.log("Obfuscated.");');
console.log(code);
FAQs
Unknown package
The npm package basic-webpack-obfuscator receives a total of 0 weekly downloads. As such, basic-webpack-obfuscator popularity was classified as not popular.
We found that basic-webpack-obfuscator demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.
Security News
This episode of the Risky Biz podcast discusses how the rise of small open source packages and the shift towards individual maintainers makes the ecosystem more vulnerable to supply chain attacks.
Product
Streamline your login process and enhance security by enabling Single Sign-On (SSO) on the Socket platform, now available for all customers on the Enterprise plan, supporting 20+ identity providers.