npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@feasibleone/aegis

v1.1.1

Published

Aegis code protection

Downloads

37

Readme

Aegis code protection

Aegis is a code protection tool that helps you protect node.js applications from reverse engineering and tampering. It is designed to be easy to use and integrate into your existing projects.

Features

  • Code Encryption: Aegis encrypts your code to make it difficult to reverse engineer.
  • Code Obfuscation: Aegis obfuscates your code by compiling it to bytecode.
  • License Management: Aegis allows you to manage licenses for your applications.

Usage

Aegis currently supports the following node.js versions:

  • 16.20.2, also likely other 16.x versions

To use Aegis, you need to install the package from npm:

npm @feasibleone/aegis

General Usage

Aegis works by requiring the package at the files you want to protect.

  • Protecting files

    Aegis will generate protected versions of the files upon process exit when the AEGIS_BUILD environment variable is set. The encryption parameters for protecting the files can be set via the following environment variables:

    • AEGIS_CIPHER - The encryption algorithm to use. The default is aes-256-cbc.
    • AEGIS_KEY - The encryption key to use. If not set, a built-in key is used.
    • AEGIS_IV - The initialization vector to use. If not set, a built-in IV is used.
  • Naming of output files

    By default Aegis does not overwrite the original files, instead it creates new files by adding .cjs extension to the original file name. This is done to prevent accidental loss of source code files at developer machines.

    Usually Aegis will run in a CI job, where it can be configured to overwrite the original source code file by setting the AEGIS_OVERWRITE environment variable.

[!WARNING] Aegis will overwrite any existing files without a warning. Even if you have not set AEGIS_OVERWRITE, be careful if you have .js.cjs files that match names of .js files.

Obfuscating Code

To obfuscate your code, require aegis at the top of each file you want to obfuscate, as shown below:

require('@feasibleone/aegis')(module);

Obfuscating code has some side effects, such as loosing line numbers from call stack for the files that were obfuscated. This is because the code is compiled to bytecode and the original source code is not available.

Encrypting Code

If you only want to encrypt your code, without obfuscating it, you can pass an additional parameter, as shown below:

require('@feasibleone/aegis')(module, 'js');

Checking Licenses

Aegis returns an object, which can be used to check licenses. This object has a property named active which is a function. This function returns an object, that gives information about the licensed features. This object always has a property named expires which holds the timestamp of the license expiration date. If the license has expired this function will throw an error with code AEGIS_EXPIRED and type aegis.expired. In addition to the expires property, the returned object can have other properties, depending on the license.

Example usage:

const license = require('@feasibleone/aegis')(module);

// log the license information for the feature 'test'
console.log(license.active('test'));

In addition to checking the license information, you can also write logic, which depends on the license data:

const license = require('@feasibleone/aegis')(module);

console.log(`You have a license for ${license.active('test').users} users`)

Generating a license

Aegis allows you to generate licenses for your applications. The license contains the license terms and the cryptographic parameters needed to load the protected files. Be sure to set the same values (or defaults) for AEGIS_CIPHER, AEGIS_KEY and AEGIS_IV as you used to protect the files.

To generate a license, you can use the aegis command line tool. The tool is installed with the package and can be used as shown below:

AEGIS='{
    "terms":{
        "expires":2208988800000
    },
    "features":{
        "test":{
            "aegis":true
        }
    }
}' aegis

Generating is also possible via the API:

console.log(require('@feasibleone/aegis')({
    terms: {
        expires: 2208988800000
    },
    features: {
        test: {
            users: 10
        }
    }
}));

The license is a string, which can be saved to a file or a database.

Loading a license

Loading the license should happen early in the application, before loading any of the protected files. The license is loaded as shown below:

require('@feasibleone/aegis')('license string');

Reading license details

require('@feasibleone/aegis').info('license string');