nextjs-obfuscator
Advanced tools
Readme
The nextjs-obfuscator enables you to make your Next.js app difficult to be reverse-engineered, using javascript-obfuscator.
There are some useful notes:
You have to install javascript-obfuscator separately.
On npm:
npm i -D javascript-obfuscator nextjs-obfuscator
On yarn:
yarn add -D javascript-obfuscator nextjs-obfuscator
Wrap your configuration in your next.config.js to use this plugin, for example:
const withNextJsObfuscator = require("nextjs-obfuscator")(obfuscatorOptions, pluginOptions);
/** @type {import('next').NextConfig} */
const nextConfig = withNextJsObfuscator({
// ... your next.js configuration
});
module.exports = nextConfig;
If you use some other plugins, we recommend applying this plugin later than any other ones because in most cases the obfuscation will change a large portion of the code.
require("nextjs-obfuscator")(obfuscatorOptions, pluginOptions)
obfuscatorOptionsType: Object (required)
This is the options of javascript-obfuscator, but there are some important notes:
disableConsoleOutput should be set to false and you can easily notice the error logging by React on console. If they are present, they indicate your app has been broken.pluginOptionsType: Object (optional)
More options for this plugin. All properties are optional.
{
enabled: boolean | "detect",
patterns: string[],
obfuscateFiles: Partial<{
buildManifest: boolean,
ssgManifest: boolean,
webpack: boolean,
additionalModules: string[],
}>,
log: boolean,
};
| Option | Type | Default Value | Description |
|---|---|---|---|
enabled | boolean | "detect" | "detect" | Indicates if the plugin is enabled or not. If "detect" specified, the plugin will be enabled only when building for production. |
patterns | string[] | ["./**/*.(js|jsx|ts|tsx)"] | Glob patterns to determine which files to be obfuscated. They must be relative paths from the directory where next.config.js is placed. |
obfuscateFiles | object | Additional files to be obfuscated. | |
obfuscateFiles.buildManifest | boolean | false | If set to true, the plugin will obfuscate _buildManifest.js |
obfuscateFiles.ssgManifest | boolean | false | If set to true, the plugin will obfuscate _ssgManifest.js |
obfuscateFiles.webpack | boolean | false | If set to true, the plugin will obfuscate webpack.js, which is an entry point. |
obfuscateFiles.additionalModules | string[] | [] | Names of additional external modules to be obfuscated. Convenient if you are using custom npm package, for instance. Use like ["module-a", "module-b", ...]. |
log | boolean | false | If set to true, the plugin will use console.log as logger. Otherwise, it uses webpack's standard logger. |
buildManifest, ssgManifest, webpack assets.Using this plugin can break your next.js app, so you have to check carefully your app works fine.
FAQs
javascript obfuscator plugin for next.js
The npm package nextjs-obfuscator receives a total of 586 weekly downloads. As such, nextjs-obfuscator popularity was classified as not popular.
We found that nextjs-obfuscator demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
The Socket Research team found this npm package includes code for collecting sensitive developer information, including your operating system username, Git username, and Git email.
Security News
OpenJS is warning of social engineering takeovers targeting open source projects after receiving a credible attempt on the foundation.
Company News
Come meet the Socket team at BSidesSF and RSA! We're sponsoring several fun networking events and we would love to see you there.