npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

webpack-encrypt-nodejs-module

v1.0.3

Published

This is a webpack plugin (`webpack >= 5`) that creates an encrypted bundle nodejs module that will be decrypted at runtime on server using an environment variable as the desencryption key.

Downloads

348

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

fabielfabiel

Keywords

webpackencryptcryptdecryptenvironment variableencodedecodenodejsmoduleobfuscatehidesecurekeypasswordencryptionsymmetric encryption

Readme

webpack-encrypt-nodejs-module

This is a webpack plugin (webpack >= 5) that creates an encrypted bundle nodejs module that will be decrypted at runtime on server using an environment variable as the desencryption key.

how to use it

add it to a webpack project

npm i webpack-encrypt-nodejs-module -D

if you are creating a webpack configuration from zero use this

npm i @babel/core @babel/preset-env babel-loader copy-webpack-plugin webpack webpack-cli webpack-obfuscator webpack-node-externals encrypt-nodejs-module-webpack-plugin -D

generate a password

openssl rand -base64 128

then create a webpack.config.js configuration file or modify yours

const path = require("path");
const webpack = require("webpack");
const fs = require("fs");
const nodeExternals = require("webpack-node-externals");
const JavaScriptObfuscator = require("webpack-obfuscator");
const EncryptModule = require("webpack-encrypt-nodejs-module");
const CopyPlugin = require("copy-webpack-plugin");
// const HtmlWebPackPlugin = require('html-webpack-plugin');

module.exports = {
  entry: {
    server: "./index.js", // server is the name of your output file (server.js), and index.js your source script
  },
  output: {
    path: path.join(__dirname, "dist"), // dist is the output dir
    publicPath: "/",
    filename: "[name].js", // file output name, [name] variable will take the value declared in entry, in this case [server]
  },
  target: "node",
  node: {
    // Need this when working with express, otherwise the build fails
    __dirname: false, // if you don't put this is, __dirname
    __filename: false, // and __filename return blank or /
  },
  externals: [nodeExternals()], // Need this to avoid error when working with Express
  // module: {
  //   rules: [
  //     {
  //       // Transpiles ES6-8 into ES5
  //       test: /\.js$/,
  //       exclude: /node_modules/,
  //       use: {
  //         loader: "babel-loader",
  //       },
  //     },
  //   ],
  // },
  plugins: [
    new EncryptModule({
      algorithm: "aes-192-cbc", //default
      keylen: 24, // default key length, this depend of algorithm
      ivlen: 16, //  default initialization vector length, this depend of algorithm
      password:
        "copy here in one line the generated password with the command -> openssl rand -base64 128", // this is used to generate a key
      // password: 'r9jKFPQolKPkh1sMevkDlyHmSrcl5br1gQ8bRESC4UBBCXo4qC4O0S5PKAduodsejDW789RdOqpRQsez9I+4S0KUabHKPoYOZ3PP3ExAZiErMFs7HQqdNNBjkTG3EknH6OjkLhoHBZ3NmodBnURHkMf6CXucIrjt+dqMQoEOq1M=',
      envVar: "PROTECTION_KEY", // environment varible where password will be obtained at runtime in server
    }),
    new JavaScriptObfuscator(
      {
        // obfuscate code first
        unicodeEscapeSequence: true,
        rotateUnicodeArray: true,
      },
      ["excluded_bundle_name.js"]
    ),
    new CopyPlugin({
      patterns: ["package.json"],
    }),
  ],
};

to build with a command add this to your package.json

  "scripts": {
    "build": "webpack --mode production --config webpack.config.js",
  }

then run

npm run build

you should see the final result in dist folder

To test the result execute nodejs with the password in an environment variable called varName which is by default PROTECTION KEY

PROTECTION_KEY=yourpassword node dist/server.js

then use your selected method to upload your code to server then in your env variables add envVarName key (in this case is PROTECTION_KEY) with the value of your password

PROTECTION_KEY=content of your public key