node.js 代码保护 [英] node.js code protection

问题描述

我正在检查是否可以分发 node.js 应用程序封闭源代码.不是客户端 Javascript 文件，而是作为商业产品的服务器端文件.我认为代码混淆/丑化不会提供真正的隐私.也许诸如将源代码打包/编译成二进制之类的东西会有所帮助.这可能吗?

I was checking to see if it is possible to distribute a node.js application closed source. Not the client-side Javascript files but the server-side files as a commercial product. I suppose code obfuscation/uglification will not provide real privacy. Maybe something like packaging/compiling the source code into binary could help. Is this possible?

推荐答案

我搜索了一些 NodeJS 和 v8 代码.

I did some searching around the NodeJS and v8 code.

首先在 NodeJS 存储库上，我发现在 src/node.cc，第 1128 行上首次加载源代码的位置:

First on NodeJS repository I found where the source code is first loaded executing on src/node.cc, line 1128:

Local<Value> ExecuteString(Handle<String> source, Handle<Value> filename)

首先编译字符串，(然后执行)，使用:

Which first compiles the string, (and later executes), using:

Local<v8::Script> script = v8::Script::Compile(source, filename);

查看 deps/v8/include/v8.h 中的 v8 源代码，第 639 行，Compile 函数返回:

Taking a look at the v8 source code at deps/v8/include/v8.h, line 639, the Compile function returns:

Compiled script object, bound to the context that was active
  when this function was called.  When run it will always use this
  context.

我不确定绑定到上下文的脚本意味着什么，但我认为它不仅仅是一个二进制对象，您可以保存并传输到另一台机器而无需传输整个上下文.

I am not sure what the script being bound to the context implies, but I would argue that it is not just a binary object that you can save and transfer to another machine without having to transfer the whole context.

深入查看 v8.h，还有一个 ScriptData 类，它预编译一个脚本使编译更快，并且可以与 Script 类一起使用，但 Script 类仍然需要加载脚本时的原始源.(可能是因为在打印错误时，它知道错误的来源.)

Taking a deeper look at v8.h, there is also a ScriptData class, that pre-compiles a script to make the compilation faster, and that can be used with the Script class, but the Script class still requires the original source when loading the script. (Maybe for when printing errors, it knows where the error origin.)

总而言之，我认为没有太多工作是不可能的.

In summary, I do not think it is possible without much work.

这篇关于node.js 代码保护的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！