MMO P&S No way to create a desktop app using node.js without showing the code?

PhiaWise · Mar 28, 2024

I'm redoing my automation project using Node.js, and I planned to use Electron. However, Electron exposes the source code, which is a security concern because I'll be sharing the app with others. Is there a package that doesn't have this security issue for creating apps?

Poolab · Apr 2, 2024

PhiaWise said:
I'm redoing my automation project using Node.js, and I planned to use Electron. However, Electron exposes the source code, which is a security concern because I'll be sharing the app with others. Is there a package that doesn't have this security issue for creating apps?

Node isn't designed for this task. The most you can do is make the code smaller and harder to understand, and then bundle the application using a format called asar.

Otherwise, they're just regular scripts. If someone is determined enough to figure out the obscured code, they could also figure out any code that's been compiled into an executable form.

PhiaWise · Apr 5, 2024

Poolab said:
Node isn't designed for this task. The most you can do is make the code smaller and harder to understand, and then bundle the application using a format called asar.

Otherwise, they're just regular scripts. If someone is determined enough to figure out the obscured code, they could also figure out any code that's been compiled into an executable form.

Thanks for the feedback. The current app is written in Python, but many users are encountering errors. I'm thinking of redoing it using Node.js because I prefer it. I'll try to make the code harder to understand by obfuscating it, and I'll use a format called asar to package it, which should make it more secure.

KixSpecials · Apr 9, 2024

There are different programs and tools that you can use with Node.js to make desktop apps secure, like NW.js and EncloseJS. These tools have options to keep your app's code safe, like encrypting and making it hard to understand, which helps prevent people from accessing or changing it without permission.

Trixtvil · Apr 11, 2024

There are different options for making safe desktop apps using Node.js, like NW.js and EncloseJS. These tools offer ways to secure your app's code, such as encryption and obfuscation, to stop unauthorized people from getting in and changing things.

Rockerwr · Apr 15, 2024

You can use a tool called "pkg" to turn your Node.js project into a .exe file. This file will work on different operating systems like Mac OS or Unix.

PhiaWise · Apr 19, 2024

Rockerwr said:
You can use a tool called "pkg" to turn your Node.js project into a .exe file. This file will work on different operating systems like Mac OS or Unix.

Trixtvil said:
There are different options for making safe desktop apps using Node.js, like NW.js and EncloseJS. These tools offer ways to secure your app's code, such as encryption and obfuscation, to stop unauthorized people from getting in and changing things.

I'll use pkg, bytenode, and obfuscation to protect the code. Thanks for the advice!

Rockerwr · Apr 21, 2024

PhiaWise said:
I'll use pkg, bytenode, and obfuscation to protect the code. Thanks for the advice!

You might not need to make the code hard to understand (obfuscate) because when you use pkg, it creates an executable file without showing the original source code. So, it's not clear what it looks like even if someone tries to reverse engineer it.

PhiaWise · Apr 23, 2024

Rockerwr said:
You might not need to make the code hard to understand (obfuscate) because when you use pkg, it creates an executable file without showing the original source code. So, it's not clear what it looks like even if someone tries to reverse engineer it.

If you open the executable created by pkg in VSCode, you can see the JavaScript code. Is there a way to prevent this?

Rockerwr · Apr 27, 2024

PhiaWise said:
If you open the executable created by pkg in VSCode, you can see the JavaScript code. Is there a way to prevent this?

So, if you look at the code of the .exe file using a special program called a hex editor, you can easily see what it does. To make it harder to understand, we could try to mess it up a bit, maybe using our own tricks to hide it better.

Rockerwr · Apr 30, 2024

I'm not sure if we can completely hide our code from determined hackers. Even if we use techniques like obfuscation, they can still figure it out given enough time, but it takes effort and resources.

The best way to protect our code would be to separate the important parts from the main application and create an interface (API) that the application can use. This means the crucial code is kept outside the reach of the client.

If your client isn't tech-savvy or doesn't seem like someone who would try to misuse the code, techniques like obfuscation, encryption, and packaging should provide enough security.

Trimblue · May 3, 2024

As others have mentioned, creating an executable file would be the quickest and simplest option.
For maximum security, consider hosting your application on a server. Then, the client can communicate with it through an API (like a messenger), keeping your code safe and separate from the client's device.

MMO P&S No way to create a desktop app using node.js without showing the code?

PhiaWise

Well-known member

Poolab

Active member

PhiaWise

Well-known member

KixSpecials

Well-known member

Trixtvil

Well-known member

Rockerwr

Active member

PhiaWise

Well-known member

Rockerwr

Active member

PhiaWise

Well-known member

Rockerwr

Active member

Rockerwr

Active member

Trimblue

Well-known member

	MMO P&S Whats the easiest way possible to create wep app? HotSport Sep 26, 2024 Programming & Scripting
	What is the best way to begin learning about browser automation? Delingha Dec 4, 2023 Programming & Scripting
	What is the best way to go about learning programming? Kadisent Nov 30, 2023 Programming & Scripting