MMO P&S No way to create a desktop app using node.js without showing the code?

[PhiaWise]

I'm redoing my automation project using Node.js, and I planned to use Electron. However, Electron exposes the source code, which is a security concern because I'll be sharing the app with others. Is there a package that doesn't have this security issue for creating apps?

 

[Poolab]

I'm redoing my automation project using Node.js, and I planned to use Electron. However, Electron exposes the source code, which is a security concern because I'll be sharing the app with others. Is there a package that doesn't have this security issue for creating apps?

Node isn't designed for this task. The most you can do is make the code smaller and harder to understand, and then bundle the application using a format called asar.

Otherwise, they're just regular scripts. If someone is determined enough to figure out the obscured code, they could also figure out any code that's been compiled into an executable form.

 

[PhiaWise]

Node isn't designed for this task. The most you can do is make the code smaller and harder to understand, and then bundle the application using a format called asar.

Otherwise, they're just regular scripts. If someone is determined enough to figure out the obscured code, they could also figure out any code that's been compiled into an executable form.

Thanks for the feedback. The current app is written in Python, but many users are encountering errors. I'm thinking of redoing it using Node.js because I prefer it. I'll try to make the code harder to understand by obfuscating it, and I'll use a format called asar to package it, which should make it more secure.

 

[KixSpecials]

There are different programs and tools that you can use with Node.js to make desktop apps secure, like NW.js and EncloseJS. These tools have options to keep your app's code safe, like encrypting and making it hard to understand, which helps prevent people from accessing or changing it without permission.

 

[Trixtvil]

There are different options for making safe desktop apps using Node.js, like NW.js and EncloseJS. These tools offer ways to secure your app's code, such as encryption and obfuscation, to stop unauthorized people from getting in and changing things.

 

[Rockerwr]

You can use a tool called "pkg" to turn your Node.js project into a .exe file. This file will work on different operating systems like Mac OS or Unix.

 

[PhiaWise]

You can use a tool called "pkg" to turn your Node.js project into a .exe file. This file will work on different operating systems like Mac OS or Unix.

There are different options for making safe desktop apps using Node.js, like NW.js and EncloseJS. These tools offer ways to secure your app's code, such as encryption and obfuscation, to stop unauthorized people from getting in and changing things.

I'll use pkg, bytenode, and obfuscation to protect the code. Thanks for the advice!

 

[Rockerwr]

I'll use pkg, bytenode, and obfuscation to protect the code. Thanks for the advice!

You might not need to make the code hard to understand (obfuscate) because when you use pkg, it creates an executable file without showing the original source code. So, it's not clear what it looks like even if someone tries to reverse engineer it.

 

[PhiaWise]

You might not need to make the code hard to understand (obfuscate) because when you use pkg, it creates an executable file without showing the original source code. So, it's not clear what it looks like even if someone tries to reverse engineer it.

If you open the executable created by pkg in VSCode, you can see the JavaScript code. Is there a way to prevent this?

 

[Rockerwr]

If you open the executable created by pkg in VSCode, you can see the JavaScript code. Is there a way to prevent this?

So, if you look at the code of the .exe file using a special program called a hex editor, you can easily see what it does. To make it harder to understand, we could try to mess it up a bit, maybe using our own tricks to hide it better.

 

[Rockerwr]

I'm not sure if we can completely hide our code from determined hackers. Even if we use techniques like obfuscation, they can still figure it out given enough time, but it takes effort and resources.

The best way to protect our code would be to separate the important parts from the main application and create an interface (API) that the application can use. This means the crucial code is kept outside the reach of the client.

If your client isn't tech-savvy or doesn't seem like someone who would try to misuse the code, techniques like obfuscation, encryption, and packaging should provide enough security.

 

[Trimblue]

As others have mentioned, creating an executable file would be the quickest and simplest option.
For maximum security, consider hosting your application on a server. Then, the client can communicate with it through an API (like a messenger), keeping your code safe and separate from the client's device.