Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
grunt-jscrambler
Advanced tools
Obfuscate your source files.
This plugin requires Grunt ~0.4.2
If you haven't used Grunt before, be sure to check out the Getting Started guide, as it explains how to create a Gruntfile as well as install and use Grunt plugins. Once you're familiar with that process, you may install this plugin with this command:
npm install grunt-jscrambler --save-dev
Once the plugin has been installed, it may be enabled inside your Gruntfile with this line of JavaScript:
grunt.loadNpmTasks('grunt-jscrambler');
In your project's Gruntfile, add a section named jscrambler
to the data object passed into grunt.initConfig()
.
grunt.initConfig({
jscrambler: {
main: {
options: {
keys: {
accessKey: '',
secretKey: ''
}
},
files: [
{src: ['foo.js', 'bar.js'], dest: 'output/'},
]
}
},
});
Type: String
A string value that is used to provide the jscrambler api with the access key.
Type: String
A string value that is used to sign requests to the jscrambler api.
The following options are passed to the jscrambler API. More information about them can be found at https://jscrambler.com/en/help/webapi/documentation
Type: String
name1;name2;...
- assert function names
Remove function definitions and function calls with a given name.
Type: String
%DEFAULT%
- enable constant folding
Simplifies constant expressions at compile-time to make your code faster at run-time.
Type: String
%DEFAULT%
- enable dead code
Randomly injects dead code into the source code.
Type: String
%DEFAULT%
- enable dead code elimination
Removes dead code and void code from your JavaScript.
Type: String
name1;name2;...
- debugging code names
Removes statements and public variable declarations used to control the output of debugging messages that help you debug your code.
Type: String
%DEFAULT%
- enable dictionary compression
Dictionary compression to shrink even more your source code.
Type: String
domain1;domain2;...
- your domains
Locks your project to a list of domains you specify.
Type: String
%DEFAULT%
- enable dot notation elimination
Transforms dot notation to subscript notation.
Type: String
name;name1;name2;...
- list of exceptions that will never be replaced or used to create new declarations
There are some names that should never be replaced or reused to create new declarations e.g. document, toUpperCase. Public declarations existing in more than one source file should not be replaced if you submit only a part of the project where they appear. Therefore a list of irreplaceable names and the logic to make distinction between public and local names already exists on JScrambler to avoid touching those names. Use this parameter to add your own exceptions.
Type: String
date
- date format YYYY/MM/DD
Sets your JavaScript to expire after a date of your choosing.
Type: String
%DEFAULT%
- enable function outlining
Turns statements into new function declarations.
Type: String
%DEFAULT%
- enable function reordering
Randomly reorders your source code's function declarations.
Type: String
filename;filename1
- List of files (relative paths) to be ignored
Define a list of files (relative paths) that JScrambler must ignore.
Type: String
min;max[;percentage]
- min and max predicates in ternary operator and percentage chance of replacement
Replaces literals by a randomly sized chain of ternary operators. You may configure the minimum and maximum number of predicates per literal, as the occurrence probability of the transformation. This allows you to control how big the obfuscated JavaScript grows and the potency of the transformation.
Type: String
%DEFAULT%
- enable literal duplicates
Replaces literal duplicates by a symbol.
Type: String
%DEFAULT%
- enable member enumeration
Replaces Browser and HTML DOM objects by a member enumeration.
Type: String
starter
- Standard protection and optimization behavior. Enough for most JavaScript applications
mobile
- Transformations are applied having into account the limitations and needs of mobile devices
html5
- Protects your HTML5 and Web Gaming applications by targeting the new HTML5 features
Type: String
Set a prefix to be appended to the new names generated by JScrambler.
Type: String
%DEFAULT%
- enable rename local
Renames local names only. The best way to replace names without worrying about name dependencies.
Type: String
occurrences[;concatenation]
occurrences - Percentage of occurrences. Accepted values between 0.01 and 1. concatenation - Percentage of concatenation occurrences. Accepted values between 0 and 1 (0 means chunks of a single character and 1 the whole string).
Type: String
%DEFAULT%
- enable whitespace
Shrink the size of your JavaScript removing unnecessary whitespaces and newlines from the source code.
Usage examples are given in the examples directory.
FAQs
Obfuscate your source files using the Jscrambler API.
The npm package grunt-jscrambler receives a total of 418 weekly downloads. As such, grunt-jscrambler popularity was classified as not popular.
We found that grunt-jscrambler demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.