Protecting and Optimizing your JavaScript Source Code.
When do you need this module?
- Hide keys or secret algorithms in a project.
- Want to detect if the project source code is changed.
- Protecting application from illegal distribution.
- Optimizing nodejs project source code.
This is a Node.js module available through the npm registry.
This module can be used on node or web projects develop with Node.js version 18.0 or higher.
Installation is done using the npm install command:
npm install --save-dev cubegenjsor
yarn add --dev cubegenjsYou need create two configuration files cg.builder.js and cb.protector.js.
Generate these files with the command:
npx cubegen initAfter that, you have to select the target environment NodeJS or Web Browser based on your project type.
To use protector, you mush import cg.protector.js file in your project.
For example Express.js project in /src/index.js:
import express from 'express'
import '../cg.protector.js'
const app = express()
app.listen(3000, () => {
...
})or React.js project in /src/App.jsx:
import { useState } from 'react'
import '../cg.protector.js'
function App() {
...
}After everything is done, build your project with the command:
npx cubegen buildThe module use cg.builder.js and cb.protector.js files to define how the module works. Each properties and methods can be set according to your project needs.
Cubegen provides a terminal interface to manage your project.
CLI options of npx cubegen:
-v, --version
-h, --help
commands:
init [options] initialize cubegen configuration
build [options] building your project to distribution code
options:
-r, --root <string> relative root project directory (default: "./")
The cg.builder.js file contains the rules for how your project will be transformed with bundlers and obfuscators.
Type: string Default: <generate by system>
Application key for generate private keys inner your code. You can use a custom random characters.
Type: string Default: <generate by system>
Target where your application will be run in production. Available options: node and browser
Type: string Default: npm run build
Command to build your web project. The build command example: npm run build or yarn build.
Type: object Default: {}
Bundler option to optimize your code with parcel.
Example:
codeBundlingOptions: {
rootDir: './',
outDir: './dist',
entries: [
'src/main.js',
'src/worker.js'
],
staticDirs: [
'public',
'storages'
],
buildMode: 'production'
}Type: object Default: {}
Obfuscation option to obfuscate your protector code with javascript-obfuscator.
Example:
codeObfuscationOptions: {
target: 'node',
seed: '0fddc96ac6cad3b0',
controlFlowFlattening: true,
controlFlowFlatteningThreshold: 1,
...
compact: true,
simplify: true
}See more option in https://github.com/javascript-obfuscator/javascript-obfuscator?tab=readme-ov-file#options
The cg.protector.js file is the protection algorithm for your project. Your code in cg.protector.js will be fully obfuscated after the build process is complete.
This method will be called after protector is started.
Example:
onStart(() => {
console.log('Cubegen protector is starting.')
})This method will be called after after DOM loaded.
Example:
onDocumentLoaded(() => {
console.log('Web document is loaded.')
})This method will be called if site host is not in the whitelist.
Example only allow hosted web app in localhost:*:
const domainLockingOptions = {
enabled: true,
whitelist: [
'localhost',
'localhost:\\d+',
'127.0.0.1:\\d+'
]
}
onDomainNotAllowed(domainLockingOptions, () => {
window.location.host = 'https://your_site.com'
})This method will be called if distributed code changed or not match with signiture.
Example:
const modifiedCodeOptions = {
enabled: true
}
onModifiedCode(modifiedCodeOptions, () => {
console.log('Source code is changed.')
process.exit()
})This method will be called continuously.
Example:
const intervalCallOptions = {
enabled: false,
eventLoopInterval: 5000
}
onIntervalCall(intervalCallOptions, () => {
// call monitoring service or do something
})The main forum for free and community support is the project Issues on GitHub.