
gulp-jscrambler
Obfuscate your source files using the Jscrambler Code Integrity API.
Jscrambler Code Integrity is a JavaScript protection technology for Web and Mobile Applications. Its main purpose is to enable JavaScript applications to become self-defensive and resilient to tampering and reverse engineering.
If you're looking to gain control over third-party tags and achieve PCI DSS compliance, please refer to Jscrambler Webpage Integrity.
Add obfuscation to your build process with gulp and gulp-jscrambler.
The version compatibility table matches your Jscrambler version with the Jscrambler Gulp client. Please make sure you install the right version, otherwise some functionality might not work properly.
Jscrambler Version | Client and Integrations |
---|---|
<= 7.1 | <= 5.x.x |
>= 7.2 | >= 6.0.0 |
Install with npm.

```bash
npm install -D gulp-jscrambler
```

Option `-D` will make sure it is installed as a `devDependency`.
In order to start using gulp-jscrambler you will need to add a new task to your project's `gulpfile.js`. This task will be responsible for protecting your application with Jscrambler.
Here's an example of what the Jscrambler task should look like:
```javascript
const gulp = require('gulp');
const jscrambler = require('gulp-jscrambler');

// Skip protection when the stream carries no source files.
function enable(filesSrc) {
  if (filesSrc.length === 0) {
    return false;
  }
  return true;
}

gulp.task('default', function (done) {
  gulp
    .src('app/**/*.js')
    .pipe(jscrambler({
      // Placeholders: replace with the values from your Jscrambler account.
      keys: {
        accessKey: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
        secretKey: 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX'
      },
      applicationId: 'XXXXXXXXXXXX',
      enable,
      // Optional: transformations to apply.
      params: [
        {
          name: 'whitespaceRemoval'
        },
        {
          name: 'stringSplitting'
        }
      ]
    }))
    .pipe(gulp.dest('dist/'))
    .on('end', done);
});
```
You will need your credentials and Application ID in order to protect your application.
Navigate to your Settings page and grab your `accessKey` and `secretKey` at the API Credentials section.
Your `applicationId` can be found inside your application page just below your application name. Click the copy to clipboard icon to copy the `applicationId`.
You can also grab your current configuration on your application page. This will download a `.json` file containing a valid configuration with your currently selected options.
Keep in mind that the `params` object is optional; if it is not provided, we will use your previous configuration.
The `enable` option is an optional function (returns true by default) that lets you inspect the source files and decide whether to protect them (return true) or skip them (return false). The example above skips Jscrambler protection when there are no source files.
You can find some working examples here.
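As an added example (not part of the gulp-jscrambler README), the helper below builds the same options object from environment variables, so the `accessKey` and `secretKey` stay out of `gulpfile.js` and the build stops when a value is missing or still an `XXXX` placeholder. The environment variable names and the helper name `buildJscramblerOptions` are assumptions made for this sketch.

```javascript
// Added example, not gulp-jscrambler's own code. The environment variable
// names are assumptions chosen for this sketch.
const REQUIRED = {
  accessKey: 'JSCRAMBLER_ACCESS_KEY',
  secretKey: 'JSCRAMBLER_SECRET_KEY',
  applicationId: 'JSCRAMBLER_APPLICATION_ID'
};

// Skip protection when there are no source files (same rule as the task above).
function enable(filesSrc) {
  return Boolean(filesSrc && filesSrc.length > 0);
}

// Build the object passed to jscrambler({...}) from an environment map.
// Throws with the names (never the values) of missing or placeholder settings.
function buildJscramblerOptions(env, params) {
  const values = {};
  const problems = [];
  for (const [field, variable] of Object.entries(REQUIRED)) {
    const value = (env[variable] || '').trim();
    // Reject empty values and the all-X placeholders used in documentation.
    if (value === '' || /^X+$/.test(value)) {
      problems.push(variable);
    }
    values[field] = value;
  }
  if (problems.length > 0) {
    throw new Error('Missing Jscrambler settings: ' + problems.join(', '));
  }
  const options = {
    keys: { accessKey: values.accessKey, secretKey: values.secretKey },
    applicationId: values.applicationId,
    enable
  };
  // params is optional: when omitted, the previous configuration is used.
  if (Array.isArray(params) && params.length > 0) {
    options.params = params;
  }
  return options;
}

// In gulpfile.js: .pipe(jscrambler(buildJscramblerOptions(process.env)))
```

The error message lists only variable names, so a failed CI run does not write key material to the build log.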
FAQs
The npm package gulp-jscrambler receives a total of 1,389 weekly downloads. As such, gulp-jscrambler popularity was classified as popular.
We found that gulp-jscrambler demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 11 open source maintainers collaborating on the project.