nextjs-obfuscator
Advanced tools
The nextjs-obfuscator enables you to make your Next.js app difficult to be reverse-engineered, using javascript-obfuscator.
There are some useful notes:
You have to install javascript-obfuscator separately.
On npm:
npm i -D javascript-obfuscator nextjs-obfuscator
On yarn:
yarn add -D javascript-obfuscator nextjs-obfuscator
Wrap your configuration in your next.config.js to use this plugin, for example:
const withNextJsObfuscator = require("nextjs-obfuscator")(obfuscatorOptions, pluginOptions);
/** @type {import("next").NextConfig} */
const nextConfig = withNextJsObfuscator({
// ... your next.js configuration
});
module.exports = nextConfig;
Or if you use next.config.mjs:
import createNextJsObfuscator from "nextjs-obfuscator";
const withNextJsObfuscator = createNextJsObfuscator(obfuscatorOptions, pluginOptions);
/** @type {import("next").NextConfig} */
const nextConfig = withNextJsObfuscator({
// ... your next.js configuration
});
export default nextConfig;
require("nextjs-obfuscator")(obfuscatorOptions, pluginOptions)
obfuscatorOptionsType: Object (required)
This is the options of javascript-obfuscator, but there are some important notes:
disableConsoleOutput should be set to false and you can easily notice the error logging by React on console. If they are present, they indicate your app has been broken.pluginOptionsType: Object (optional)
More options for this plugin. All properties are optional.
{
enabled: boolean | "detect",
patterns: string[],
obfuscateFiles: Partial<{
buildManifest: boolean,
ssgManifest: boolean,
webpack: boolean,
additionalModules: string[],
}>,
log: boolean,
};
| Option | Type | Default Value | Description |
|---|---|---|---|
enabled | boolean | "detect" | "detect" | Indicates if the plugin is enabled or not. If "detect" specified, the plugin will be enabled only when building for production. |
patterns | string[] | ["./**/*.(js|jsx|ts|tsx)"] | Glob patterns to determine which files to be obfuscated. They must be relative paths from the directory where next.config.js is placed. |
obfuscateFiles | object | Additional files to be obfuscated. | |
obfuscateFiles.buildManifest | boolean | false | If set to true, the plugin will obfuscate _buildManifest.js |
obfuscateFiles.ssgManifest | boolean | false | If set to true, the plugin will obfuscate _ssgManifest.js |
obfuscateFiles.webpack | boolean | false | If set to true, the plugin will obfuscate webpack.js, which is an entry point. |
obfuscateFiles.additionalModules | string[] | [] | Names of additional external modules to be obfuscated. Convenient if you are using custom npm package, for instance. Use like ["module-a", "module-b", ...]. |
log | boolean | false | If set to true, the plugin will use console.log as logger. Otherwise, it uses webpack's standard logger. |
buildManifest, ssgManifest, webpack assets.Using this plugin can break your next.js app, so you have to check carefully your app works fine.
FAQs
javascript obfuscator plugin for next.js
The npm package nextjs-obfuscator receives a total of 4,248 weekly downloads. As such, nextjs-obfuscator popularity was classified as popular.
We found that nextjs-obfuscator demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CAI is a new open source AI framework that automates penetration testing tasks like scanning and exploitation up to 3,600× faster than humans.
Security News
Deno 2.4 brings back bundling, improves dependency updates and telemetry, and makes the runtime more practical for real-world JavaScript projects.
Security News
CVEForecast.org uses machine learning to project a record-breaking surge in vulnerability disclosures in 2025.