cubegenjs
v0.1.11
Published
Protecting and Optimizing your JavaScript Source Code
Downloads
29
Maintainers
Readme
CubegenJS
Protecting and Optimizing your JavaScript Source Code.
When do you need this module?
- Hide keys or secret algorithms in a project.
- Want to detect if the project source code is changed.
- Protecting application from illegal distribution.
- Optimizing nodejs project source code.
Table of contents
Installation
This is a Node.js module available through the npm registry.
This module can be used on node or web projects develop with Node.js version 18.0 or higher.
Installation is done using the npm install
command:
npm install --save-dev cubegenjs
or
yarn add --dev cubegenjs
Configuration and Usage
You need create two configuration files cg.builder.js
and cb.protector.js
.
Generate these files with the command:
npx cubegen init
After that, you have to select the target environment NodeJS
or Web Browser
based on your project type.
To use protector, you mush import cg.protector.js
file in your project.
For example Express.js project in /src/index.js
:
import express from 'express'
import '../cg.protector.js'
const app = express()
app.listen(3000, () => {
...
})
or React.js project in /src/App.jsx
:
import { useState } from 'react'
import '../cg.protector.js'
function App() {
...
}
After everything is done, build your project with the command:
npx cubegen build
Options
The module use cg.builder.js
and cb.protector.js
files to define how the module works. Each properties and methods can be set according to your project needs.
Cubegen CLI
Cubegen provides a terminal interface to manage your project.
CLI options of npx cubegen
:
-v, --version
-h, --help
commands:
init [options] initialize cubegen configuration
build [options] building your project to distribution code
options:
-r, --root <string> relative root project directory (default: "./")
Cubegen Builder
The cg.builder.js
file contains the rules for how your project will be transformed with bundlers and obfuscators.
appKey
Type: string
Default: <generate by system>
Application key for generate private keys inner your code. You can use a custom random characters.
target
Type: string
Default: <generate by system>
Target where your application will be run in production. Available options: node
and browser
buildCommand
Type: string
Default: npm run build
⚠️ Only available in web project.
Command to build your web project. The build command example: npm run build
or yarn build
.
codeBundlingOptions
Type: object
Default: {}
⚠️ Only available in node project.
Bundler option to optimize your code with parcel.
Example:
codeBundlingOptions: {
rootDir: './',
outDir: './dist',
entries: [
'src/main.js',
'src/worker.js'
],
staticDirs: [
'public',
'storages'
],
buildMode: 'production'
}
codeObfuscationOptions
Type: object
Default: {}
Obfuscation option to obfuscate your protector code with javascript-obfuscator.
Example:
codeObfuscationOptions: {
target: 'node',
seed: '0fddc96ac6cad3b0',
controlFlowFlattening: true,
controlFlowFlatteningThreshold: 1,
...
compact: true,
simplify: true
}
See more option in https://github.com/javascript-obfuscator/javascript-obfuscator?tab=readme-ov-file#options
Cubegen Protector
The cg.protector.js
file is the protection algorithm for your project. Your code in cg.protector.js
will be fully obfuscated after the build process is complete.
onStart()
This method will be called after protector is started.
Example:
onStart(() => {
console.log('Cubegen protector is starting.')
})
onDocumentLoaded()
⚠️ Only available in web project.
This method will be called after after DOM loaded.
Example:
onDocumentLoaded(() => {
console.log('Web document is loaded.')
})
onDomainNotAllowed()
⚠️ Only available in web project.
This method will be called if site host is not in the whitelist.
Example only allow hosted web app in localhost:*
:
const domainLockingOptions = {
enabled: true,
whitelist: [
'localhost',
'localhost:\\d+',
'127.0.0.1:\\d+'
]
}
onDomainNotAllowed(domainLockingOptions, () => {
window.location.host = 'https://your_site.com'
})
onModifiedCode()
⚠️ Only available in node project.
This method will be called if distributed code changed or not match with signiture.
Example:
const modifiedCodeOptions = {
enabled: true
}
onModifiedCode(modifiedCodeOptions, () => {
console.log('Source code is changed.')
process.exit()
})
onIntervalCall()
This method will be called continuously.
Example:
const intervalCallOptions = {
enabled: false,
eventLoopInterval: 5000
}
onIntervalCall(intervalCallOptions, () => {
// call monitoring service or do something
})
Support
The main forum for free and community support is the project Issues on GitHub.