I just noted that obfuscation on WebCore VSC still leaves function names and variable names visible (but not all of them, for some reason) on the obfuscated javascript file. It seems more like minimizer than obfuscator.
In order to develop intuitively in my apps, for example, some encryption and decryption routines are named accordingly. And the encrypted variables too.
Since any web app source can be inspected and checked by an skilled person, my concern is that any hacker could go through the code faster if he know the function names, while it can take much longer to actually determine what this or that does in the application if the name is anonymized.
My release build settings are the default:
debug info =False, Obfuscation= True, optimization=True, Single js file=True
How can we make a stronger obfuscation? Maybe not as stronger as WebAsm looks but at least hide variable and function names.
At this moment, the built-in JavaScript obfuscation tool is the free & open-source terser
We have no impact over the obfuscation strategy of terser. It is recognized as a standard obfuscation / compressor toolkit. But nothing prevents you from using another tool to obfuscate your resulting .JS file(s).
Thanks Bruno.
Is there a way I can put some step into the compiler so that I can change the javascript obfuscation part? or to configure Terser for that matter....
You do not need to change the compiler for this.
Just run the obfuscation tool of your choice on the resulting .JS file generated, i.e. after you compiled.
Sure, Will do that.
But In my question I was actually trying to refer to the build script, thinking on automating the process from within the IDE.
Thank you!
Did not find any reference to post build action on the documentation, the project settings or looking in the Visual studio code Tms-related settings. Is it implemented? how do I add a post build action? Just need a little pointer, thanks.
In any case, you can execute any action by modifying the .vscode/tasks.json for that specific project. There is one task called "Build" that is a compound task of "Echo" and "Active", if you place any other task after "Active", it will be executed after compilation. You can get more information here:
Jose. Am going to read about it.
I also found an OmniPascal option that creates a build script .bat, however it created the script, then the VSC Ide didn't do anything when clicking on Build for my project, so I disabled it, as it was before.
But that seemed a possible place to put the actions too.