Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

vite-plugin-bundle-obfuscator

Package Overview
Dependencies
Maintainers
0
Versions
15
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

vite-plugin-bundle-obfuscator

JavaScript obfuscator plugin for Vite environments

  • 1.3.1
  • latest
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
885
increased by17.84%
Maintainers
0
Weekly downloads
 
Created
Source
vite-plugin-bundle-obfuscator logo

vite-plugin-bundle-obfuscator

JavaScript obfuscator plugin for Vite environments

awesome-vite

Changelog · Report Bug · Request Feature

English | 中文

⭐️ Features

  • ✅ ⚡ Supports JavaScript obfuscation in Vite projects.
  • ✅ 🚀 Multi-threading support for better performfance.
  • ✅ ⚙️ Customizable obfuscator options to fit your needs.
  • ✅ 🛡️ Auto-excludes node_modules.
  • ✅ 📦 Support the node_modules split chunk.

⚠️ Notice

  • If the obfuscation option stringArray is true.
    • Your results may lose some bundles (in __vite__mapDeps array).
    • I'm looking for an accurate case.
  • If a memory overflow occurs, modify the packaging command to "build": "cross-env NODE_OPTIONS=--max-old-space-size=8192 vite build", where max-old-space-size is set according to the configuration.
  • When setting up node_modules split chunk, please place the accurate package name at the front. For example: ["vue-router", "vue"], "vue" can match both "vue" and "vue-router" at the same time.

🌐 Online

Vite - VanillaVite - VueVite - ReactVite - PReactVite - litVite - SvelteVite - SolidVite - Qwik ✦ ...

📦 Installation

# Using npm
npm install vite-plugin-bundle-obfuscator -D

# Using pnpm
pnpm add vite-plugin-bundle-obfuscator -D

# Using yarn
yarn add vite-plugin-bundle-obfuscator -D

👨‍💻 Usage

  1. Install the plugin using your preferred package manager.
  2. Register the plugin in vite.config.js
  3. Customize the obfuscator configuration or use the default options.

Example:

import vitePluginBundleObfuscator from 'vite-plugin-bundle-obfuscator';

// All configurations
const allObfuscatorConfig = {
  excludes: [],
  enable: true,
  log: true,
  autoExcludeNodeModules: true,
  // autoExcludeNodeModules: { enable: true, manualChunks: ['vue'] }
  threadPool: true,
  // threadPool: { enable: true, size: 4 }
  options: {
    compact: true,
    controlFlowFlattening: true,
    controlFlowFlatteningThreshold: 1,
    deadCodeInjection: false,
    debugProtection: false,
    debugProtectionInterval: 0,
    disableConsoleOutput: false,
    identifierNamesGenerator: 'hexadecimal',
    log: false,
    numbersToExpressions: false,
    renameGlobals: false,
    selfDefending: true,
    simplify: true,
    splitStrings: false,
    stringArray: false,
    stringArrayCallsTransform: false,
    stringArrayCallsTransformThreshold: 0.5,
    stringArrayEncoding: [],
    stringArrayIndexShift: true,
    stringArrayRotate: true,
    stringArrayShuffle: true,
    stringArrayWrappersCount: 1,
    stringArrayWrappersChainedCalls: true,
    stringArrayWrappersParametersMaxCount: 2,
    stringArrayWrappersType: 'variable',
    stringArrayThreshold: 0.75,
    unicodeEscapeSequence: false,
  }
};

export default {
  plugins: [
    vitePluginBundleObfuscator(allObfuscatorConfig)
  ]
};

// Simplified configurations
const minimizeObfuscatorConfig = {
  autoExcludeNodeModules: true,
  // autoExcludeNodeModules: { enable: true, manualChunks: ['vue'] }
  threadPool: true,
  // threadPool: { enable: true, size: 4 }
};

export default {
  plugins: [
    vitePluginBundleObfuscator(minimizeObfuscatorConfig)
  ]
};

// Default configurations
export default {
  plugins: [
    vitePluginBundleObfuscator()
  ]
};

🚀 Performance Comparison

With 7000+ modules and 400+ bundles on a 4C 8G machine:

  • ThreadPool Enabled : 🟩🟩🟩⬜⬜⬜⬜⬜⬜ (About 30 seconds)
  • ThreadPool Disabled : 🟥🟥🟥🟥🟥🟥🟥🟥🟥 (About 90 seconds)

🛠️ Options

Property NameDescriptionTypeDefaultVersion
threadPoolConfiguration for the thread pool.boolean | ({ enable: true; size: number } | { enable: false })falsev1.2.0
applyApply the plugin only for serve or build, or on certain conditions.'serve' | 'build' | ((this: void, config: UserConfig, env: ConfigEnv) => boolean)buildv1.1.0
autoExcludeNodeModulesEnable auto exclude node_modules.boolean | ({ enable: true; manualChunks: string[] } | { enable: false })falsev1.0.9 (originally boolean, extended to current type in v1.3.0)
logShow or hide log output.booleantruev1.0.4
enableEnable or disable the obfuscator.booleantruev1.0.1
excludesBundle names to be excluded. Starting from v1.0.8, RegExp is supported.(RegExp | string)[][]v1.0.0
optionsOptions for the JavaScript obfuscator.ObfuscatorOptionsdefaultObfuscatorConfigv1.0.0

📄 License

MIT License Copyright (c) 2024-present, Zoffy

Keywords

FAQs

Package last updated on 19 Nov 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Malicious npm Package Targets Solana Developers and Hijacks Funds

Research

Security News

Malicious npm Package Targets Solana Developers and Hijacks Funds

A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.

By Socket Research Team  -  Dec 02, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc