Comments (1)
This is a good question. You're correct the compilation of JavaScript into optimized bytecode by Hermes inherently provides a significant level of obfuscation. This is because the bytecode is much more difficult to reverse-engineer compared to minified JavaScript source code.
However, it's important to note that while bytecode is harder to understand than JavaScript, it doesn't make reverse-engineering impossible. It preserves attributes like property names, and depending on compilation flags, function names (those can be disabled by passing -fstrip-function-names
). A determined attacker with enough time and resources could potentially still decipher it.
As for applying an additional layer of obfuscation to the bundle.js file, it could potentially add an extra layer of security. Obfuscation can make the reverse-engineering process more time-consuming and complex. It's good to keep in mind that obfuscation is not a foolproof security measure. It's more of a deterrent than a definitive protective measure.
The practical benefit of applying a code obfuscator would largely depend on the specific security needs of your project. If the code contains highly sensitive logic or information, then adding as many deterrents as possible could be beneficial. This is similar to Android apps, which are also compiled to bytecode, yet obfuscators for Android exist.
In conclusion, while Hermes' compilation to bytecode does provide a significant level of obfuscation, but the exact 'level' of obfuscation is challenging to quantify and should not be relied upon as a sole security measure. Additional security practices, such as code obfuscation, could be considered based on the specific needs and context of your project.
from hermes.
Related Issues (20)
- Building Static Hermes on Windows HOT 4
- Problems finding libraries with fresh compile under windows HOT 3
- Conversion of large array to a Set seems slow HOT 5
- Array.protoype.indexOf() Performance Regression HOT 3
- 'hermes-engine' uses the unencrypted 'http' protocol to transfer the Pod.
- hermes-eslint missing `__defineGeneric` in context `getScope` HOT 1
- Date constructor accept wrong ISO 8601 date HOT 2
- libc.so (SIGABRT, SIGSEGV) HOT 4
- Performance regression traversing large arrays compared to other engines HOT 4
- Hermes 0.7.2 : Max heap size was exceeded HOT 4
- hermes eslint: No sourceCode in context HOT 6
- Bug: recursion: "Maximum call stack size exceeded" HOT 2
- Wrong `DCMAKE_TOOLCHAIN_FILE` in docs HOT 3
- Intl.NumberFormat can't always display the number's sign HOT 1
- Intl.NumberFormat with compact notation doesn't display formatting HOT 1
- Examples how to use the experimental C ABI? HOT 3
- babel-plugin-syntax-hermes-parser drops chunk names HOT 1
- static_h: Assertion `Val && "isa<> used on a null pointer"' failed with -typed on tsc.js HOT 2
- fatal: unable to access 'http://github.com/facebook/hermes.git/' HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from hermes.