nextjs-obfuscator v3.0.0
javascript-obfuscator plugin for Next.js
The nextjs-obfuscator
enables you to make your Next.js app difficult to be reverse-engineered, using javascript-obfuscator.
ℹ️ If you are looking for README for v1, see here.
There are some useful notes:
- The app router is supported.
- Building by turbopack is currently NOT supported.
- Minimum supported Next.js version is v13.
Installation
You have to install javascript-obfuscator separately.
On npm:
npm i -D javascript-obfuscator nextjs-obfuscator
On yarn:
yarn add -D javascript-obfuscator nextjs-obfuscator
Usage
Wrap your configuration in your next.config.js
to use this plugin, for example:
const withNextJsObfuscator = require("nextjs-obfuscator")(obfuscatorOptions, pluginOptions);
/** @type {import('next').NextConfig} */
const nextConfig = withNextJsObfuscator({
// ... your next.js configuration
});
module.exports = nextConfig;
If you use some other plugins, we recommend applying this plugin later than any other ones because in most cases the obfuscation will change a large portion of the code.
API
obfuscatorOptions
Type: Object
(required)
This is the options of javascript-obfuscator, but there are some important notes:
disableConsoleOutput
should be set tofalse
and you can easily notice the error logging by React on console. If they are present, they indicate your app has been broken.There are some options that MUST NOT be set:
These options will be set by the nextjs-obfuscator plugin internally if necessary.
pluginOptions
Type: Object
(optional)
More options for this plugin. All properties are optional.
{
enabled: boolean | "detect",
patterns: string[],
obfuscateFiles: Partial<{
buildManifest: boolean,
ssgManifest: boolean,
webpack: boolean,
additionalModules: string[],
}>,
log: boolean,
};
Option | Type | Default Value | Description |
---|---|---|---|
enabled | boolean | "detect" | "detect" | Indicates if the plugin is enabled or not.If "detect" specified, the plugin will be enabled only when building for production. |
patterns | string[] | "./*/.(js|jsx|ts|tsx)" | Glob patterns to determine which files to be obfuscated. They must be relative paths from the directory where next.config.js is placed. |
obfuscateFiles | object | Additional files to be obfuscated. | |
obfuscateFiles.buildManifest | boolean | false | If set to true, the plugin will obfuscate _buildManifest.js |
obfuscateFiles.ssgManifest | boolean | false | If set to true, the plugin will obfuscate _ssgManifest.js |
obfuscateFiles.webpack | boolean | false | If set to true, the plugin will obfuscate webpack.js , which is an entry point. |
obfuscateFiles.additionalModules | string[] | [] | Names of additional external modules to be obfuscated. Convenient if you are using custom npm package, for instance. Use like ["module-a", "module-b", ...] . |
log | boolean | false | If set to true, the plugin will use console.log as logger. Otherwise, it uses webpack's standard logger. |
How it works
- This plugin inserts a custom loader to obfuscate project files and external modules.
- This plugin inserts a custom plugin to obfuscate
buildManifest
,ssgManifest
,webpack
assets.
Disclaimer
Using this plugin can break your next.js app, so you have to check carefully your app works fine.
License
6 months ago
6 months ago
11 months ago
9 months ago
11 months ago
11 months ago
11 months ago
2 years ago
2 years ago
2 years ago