I want to use node.js in my next project, but my boss does not like that our competitors can read the source code.
Is there a way to protect the JavaScript code?
You could accomplish this with a NativeExtension for node
You'd have a boostrap.js
file that adds a extension handler for .jse files
// register extension
require.extensions[".jse"] = function (m) {
m.exports = MyNativeExtension.decrypt(fs.readFileSync(m.filename));
};
require("YourCode.jse");
YourCode.jse
would be the encrypted version of your source code (the key for decryption wouldn't be anywhere in plain-text because the decryption process takes place in the native extension).
Now you have your NativeExtensions decrypt
function transform the source back to javascript. Just have your build process create encrypted .jse
versions of all your files and release those to your customers. They'd also need the native extension but now you've made it a little harder to modify your code without too much effort. You can even make the native extension call home and check license information to help prevent piracy (keep in mind this won't stop piracy, there's no solution for that).