{"id":16962753,"url":"https://github.com/kevinrohn/github-action-javascript-obfuscator","last_synced_at":"2025-04-11T21:31:04.264Z","repository":{"id":42455906,"uuid":"494396385","full_name":"KevinRohn/github-action-javascript-obfuscator","owner":"KevinRohn","description":"Github action to obfuscate javascript code by using the javascript-obfuscator (https://obfuscator.io).","archived":false,"fork":false,"pushed_at":"2024-06-21T10:16:52.000Z","size":41,"stargazers_count":4,"open_issues_count":1,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-09T12:16:48.834Z","etag":null,"topics":["actions","github-actions"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/KevinRohn.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-05-20T09:11:51.000Z","updated_at":"2024-11-14T18:44:27.000Z","dependencies_parsed_at":"2023-01-11T17:22:12.284Z","dependency_job_id":null,"html_url":"https://github.com/KevinRohn/github-action-javascript-obfuscator","commit_stats":{"total_commits":31,"total_committers":1,"mean_commits":31.0,"dds":0.0,"last_synced_commit":"4c17874d862979e5b7ce8dda82112e20f6a6cf50"},"previous_names":[],"tags_count":6,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KevinRohn%2Fgithub-action-javascript-obfuscator","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KevinRohn%2Fgithub-action-javascript-obfuscator/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KevinRohn%2Fgithub-action-javascript-obfuscator/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/KevinRohn%2Fgithub-action-javascript-obfuscator/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/KevinRohn","download_url":"https://codeload.github.com/KevinRohn/github-action-javascript-obfuscator/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248482882,"owners_count":21111398,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["actions","github-actions"],"created_at":"2024-10-13T23:07:47.512Z","updated_at":"2025-04-11T21:31:03.650Z","avatar_url":"https://github.com/KevinRohn.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# :package: Github Action `Javascript obfuscator`\n\n\u003e A Github action to obfuscate javascript code by using the [javascript-obfuscator](https://github.com/javascript-obfuscator/javascript-obfuscator)\n\n## About\n\nObfuscate javascript and node with Github action to secure your code.\nThe Github action uses the [javascript-obfuscator](https://github.com/javascript-obfuscator/javascript-obfuscator).\n\n## Usage\n\n\u003e:white_flag: See the [inputs](#inputs) section for detailed descriptions.\n\n### Example low obfuscation\n\n```yml\n      - name: Create distribution path\n        run: |\n         mkdir -p distribution_path\n      \n      - name: Low obfuscation test\n        uses: KevinRohn/github-action-javascript-obfuscator@v1\n        with:\n          input_path: input_path\n          output_path: distribution_path\n          compact: true\n          control_flow_flattening: false\n          dead_code_injection: false\n          debug_protection: false\n          debug_protection_interval: 0\n          log: false\n          disable_console_output: true\n          rename_globals: false\n          string_array_rotate: true\n          self_defending: true\n          string_array: true\n          string_array_encoding: 'none'\n          string_array_threshold: 0.75\n          unicode_escape_sequence: false\n          target: node\n``` \n\n## Inputs\n\n\u003e **Note:** \nFor an detailed documentation, please check the full documentation of the [javascript-obfuscator](https://github.com/javascript-obfuscator/javascript-obfuscator)\n\nThe action supports the following inputs:\n\n- `input_path`\n  \n  Input path of the js file(s)\n  \n  \u003e Can be a single js file or also an directory with js files.\n\n  **Required:**\n  *true*\n\n- `output_path`\n  \n  Output path to save the obfuscated file(s).\n\n  \u003e If you use the same output path as the input path, the postfix `obfuscated` will be added to the file(s) name.\n  e.g. `index-obfuscated.js`\n\n  **Required:**\n  *true*\n\n- `compact`\n\n  Compact code output on one line.\n\n  \u003e Type: `boolean` Default: `true`\n\n  **Required:**\n  *false*\n\n- `control_flow_flattening`\n\n  Enables code control flow flattening. Control flow flattening is a structure transformation of the source code that hinders program comprehension.\n\n  \u003e Type: `boolean` Default: `false`\n\n  **Required:**\n  *false*\n\n- `control_flow_flattening_threshold`\n  \n  The probability that the control flow flattening transformation will be applied to the node.\n\n  \u003e Type: `number` Default: `0.75` Min: `0` Max: `1`\n\n  **Required:**\n  *false*\n\n- `dead_code_injection`\n\n  With this option, random blocks of dead code will be added to the obfuscated code.\n\n  \u003e Type: `boolean` Default: `false`\n\n  **Required:**\n  *false*\n\n- `dead_code_injection_threshold`\n\n  Allows to set percentage of nodes that will affected by deadCodeInjection.\n\n  \u003e Type: `number` Default: `0.4` Min: `0` Max: `1`\n\n  **Required:**\n  *false*\n\n- `debug_protection`\n\n  This option makes it almost impossible to use the debugger function of the Developer Tools (both on WebKit-based and Mozilla Firefox).\n\n  \u003e Type: `boolean` Default: `false`\n\n  **Required:**\n  *false*\n\n- `debug_protection_interval`\n\n  If set, an interval in milliseconds is used to force the debug mode on the Console tab, making it harder to use other features of the Developer Tools. Works if debugProtection is enabled. Recommended value is between `2000` and `4000` milliseconds.\n  \n  \u003e Type: `number` Default: `0`\n\n  **Required:**\n  *false*\n\n- `disable_console_output`\n\n  Disables the use of `console.log`, `console.info`, `console.error`, `console.warn`, `console.debug`, `console.exception` and `console.trace` by replacing them with empty functions. This makes the use of the debugger harder.  \n  \n  \u003e Type: `boolean` Default: `false`\n\n  **Required:**\n  *false*\n\n- `domain_lock`\n\n  Allows to run the obfuscated source code only on specific domains and/or sub-domains. This makes really hard for someone to just copy and paste your source code and run it elsewhere.\n\n  \u003e Type: `string[]` Default: `[]`\n\n  **Required:**\n  *false*\n\n- `domain_lock_redirect_url`\n\n  Allows the browser to be redirected to a passed URL if the source code is not run on the domains specified by `domain_lock`.\n\n  \u003e Type: `string` Default: `about:blank`\n\n  **Required:**\n  *false*\n\n- `exclude`\n\n  A filename or glob which indicates files to exclude from obfuscation.\n\n  \u003e Type: `string[]` Default: `[]`\n\n  **Required:**\n  *false*\n\n- `force_transform_strings`\n\n  Enables force transformation of string literals, which is matched by RegExp patterns (comma separated).\n\n  \u003e Type: `string[]` Default: `[]`\n\n  **Required:**\n  *false*\n\n- `identifier_names_cache_path`\n\n  The existing `.json` file that will be used to read and write identifier names cache.\n\n  If a path to the empty file will be passed - identifier names cache will be written to that file.\n\n  \u003e Type: `string` Default: ``\n\n  **Required:**\n  *false*\n\n- `identifier_names_generator`\n\n  Sets identifier names generator.\n\n  \u003e Type: `string` Default: `hexadecimal`\n\n  Available values:\n    - `dictionary`: identifier names from `identifiers_dictionary` list\n    - `hexadecimal`: identifier names like `_0xabc123`\n    - `mangled`: short identifier names like `a, b, c`\n    - `mangled-shuffled`: same as `mangled` but with shuffled alphabet\n\n  **Required:**\n  *false*\n\n- `identifiers_dictionary`\n\n  Sets identifiers dictionary for `identifier_names_generator`: `dictionary` option. Each identifier from the dictionary will be used in a few variants with a different casing of each character. Thus, the number of identifiers in the dictionary should depend on the identifiers amount at original source code.\n\n  \u003e Type: `string[]` Default: `[]`\n\n  **Required:**\n  *false*\n\n- `identifiers_prefix`\n\n  Sets prefix for all global identifiers.\n\n  \u003e Type: `string` Default: ``\n\n  **Required:**\n  *false*\n\n- `ignore_imports`\n\n  Prevents obfuscation of `require` and `dynamic` imports'.\n\n  \u003e Type: `boolean` Default: `false`\n\n  **Required:**\n  *false*\n\n- `log`\n\n  Enables logging of the information to the console.\n\n  \u003e Type: `boolean` Default: `false`\n\n  **Required:**\n  *false*\n\n- `numbers_to_expressions`\n\n  Enables numbers conversion to expressions.\n\n  \u003e Type: `boolean` Default: `false`\n\n  **Required:**\n  *false*\n\n- `options_preset`\n\n  Allows to set [options preset](https://obfuscator.io/#preset-options).\n\n  \u003e Type: `string` Default: `default`\n\n  Available values:\n  - `default`\n  - `low-obfuscation`\n  - `medium-obfuscation`\n  - `high-obfuscation`\n  \n  All addition options will be merged with selected options preset.\n\n  **Required:**\n  *false*\n\n- `rename_globals`\n\n  Allows to enable obfuscation of global variable and function names with declaration\n\n  \u003e Type: `boolean` Default: `false`\n\n  **Required:**\n  *false*\n\n- `rename_properties_mode`\n\n  Specify `rename_properties` option mode.\n\n  \u003e Type: `string` Default: `save`\n\n  Available values:\n    - `safe`\n    - `unsafe`\n\n  **Required:**\n  *false*\n\n- `reserved_names`\n\n  Disables obfuscation and generation of identifiers, which being matched by passed RegExp patterns (comma separated).\n\n  \u003e Type: `string[]` Default: `[]`\n  \n  **Required:**\n  *false*\n\n- `reserved_strings`\n\n  Disables transformation of string literals, which being matched by passed RegExp patterns.\n  \n  \u003e Type: `string[]` Default: `[]`\n  \n  **Required:**\n  *false*\n\n- `seed`\n\n  Sets seed for random generator. This is useful for creating repeatable results.\n  \n  \u003e Type: `string|number` Default: `0`\n  \n  **Required:**\n  *false*\n\n- `self_defending`\n\n  Disables self-defending for obfuscated code.\n\n  \u003e Type: `boolean` Default: `false`\n  \n  **Required:**\n  *false*\n\n- `simplify`\n\n  Enables additional code obfuscation through simplification.\n\n  \u003e Type: `boolean` Default: `true`\n  \n  **Required:**\n  *false*\n\n- `source_map`\n\n  Enables source map generation for obfuscated code.\n\n  \u003e Type: `boolean` Default: `true`\n\n  Source maps can be useful to help you debug your obfuscated JavaScript source code. If you want or need to debug in production, you can upload the separate source map file to a secret location and then point your browser there.\n  \n  **Required:**\n  *false*\n\n- `source_map_base_url`\n\n  Sets base url to the source map import url when `source_map_mode: separate`.\n \n  \u003e Type: `string` Default: ``\n\n  **Required:**\n  *false*\n\n- `source_map_file_name`\n\n  Sets file name for output source map when `source_map_mode: separate`.\n \n  \u003e Type: `string` Default: ``\n\n  **Required:**\n  *false*\n\n- `source_map_mode`\n\n  Specify source map output mode.\n\n  \u003e Type: `string` Default: `separate`\n\n  Available values:\n    - `inline`\n    - `separate`\n  \n  **Required:**\n  *false*\n\n- `source_map_sources_mode`\n\n  Specify source map sources mode.\n\n  \u003e Type: `string` Default: `sources-content`\n\n  Available values:\n    - `sources-content`\n    - `sources`\n  \n  **Required:**\n  *false*\n\n- `split_strings`\n\n  Splits literal strings into chunks with length of `split_strings_chunk_length` option value.\n\n  \u003e Type: `boolean` Default: `false`\n\n  **Required:**\n  *false*\n\n- `split_strings_chunk_length`\n\n  Sets chunk length of `split_strings` option.\n\n  \u003e Type: `number` Default: `10`\n\n  **Required:**\n  *false*\n\n- `string_array`\n\n  Enables gathering of all literal strings into an array and replacing every literal string with an array call.\n\n  \u003e Type: `boolean` Default: `true`\n\n  Removes string literals and place them in a special array. For instance, the string `\"Hello World\"` in `var m = \"Hello World\";` will be replaced with something like `var m = _0x12c456[0x1];`.\n\n  **Required:**\n  *false*\n\n- `string_array_calls_transform`\n\n  Enables the transformation of calls to the `string_array`.\n\n  \u003e Type: `boolean` Default: `false`\n\n  All arguments of these calls may be extracted to a different object depending on `string_array_calls_transform_threshold` value. So it makes it even harder to automatically find calls to the string array.\n\n  **Required:**\n  *false*\n\n- `string_array_calls_transform_threshold`\n\n  The probability that that calls to the string array will be transformed.\n\n  \u003e Type: `number` Default: `0.5`\n\n  **Required:**\n  *false*\n\n- `string_array_encoding`\n\n  Encodes each string in strings array using `base64` or `rc4` (this option can slow down your code speed).\n\n  \u003e Type: `string[]` Default: `[]`\n\n  Available values:\n    - `none`\n    - `base64`\n    - `rc4`\n\n  **Required:**\n  *false*\n\n- `string_array_indexes_type`\n\n  Allows to control the type of string array call indexes.\n\n  \u003e Type: `string[]` Default: `['hexadecimal-number']`\n\n  Each `string_array` call index will be transformed by the randomly picked type from the passed list. This makes possible to use multiple types.\n\n  Available values:\n    - `hexadecimal-number`\n    - `hexadecimal-numeric-string`\n\n  **Required:**\n  *false*\n\n- `string_array_index_shift`\n\n  Enables additional index shift for all string array calls.\n\n  \u003e Type: `boolean` Default: `true`\n\n  **Required:**\n  *false*\n\n- `string_array_rotate`\n\n  Shift the `string_array` array by a fixed and random (generated at the code obfuscation) places. This makes it harder to match the order of the removed strings to their original place.\n  \n  \u003e Type: `boolean` Default: `true`\n\n  **Required:**\n  *false*\n\n- `string_array_shuffle`\n\n  Randomly shuffles the `string_array` array items.  \n\n  \u003e Type: `boolean` Default: `true`\n\n  **Required:**\n  *false*\n\n- `string_array_shuffle`\n\n  Randomly shuffles the `string_array` array items.  \n\n  \u003e Type: `boolean` Default: `true`\n\n  **Required:**\n  *false*\n\n- `string_array_wrappers_count`\n\n  Sets the count of wrappers for the `string_array` inside each root or function scope. The actual count of wrappers inside each scope is limited by a count of literal nodes within this scope. \n\n  \u003e Type: `number` Default: `1`\n\n  **Required:**\n  *false*\n\n- `string_array_wrappers_chained_calls`\n\n  Enables the chained calls between `string_array` wrappers.\n\n  \u003e Type: `boolean` Default: `true`\n\n  **Required:**\n  *false*\n\n- `string_array_wrappers_parameters_max_count`\n\n  Allows to control the maximum number of string array wrappers parameters. Default and minimum value is `2`. Recommended value between `2` and `5`.\n  \n  \u003e Type: `number` Default: `2`\n\n  **Required:**\n  *false*\n\n- `string_array_wrappers_type`\n\n  Allows to select a type of the wrappers that are appending by the `string_array_wrappers_count` option.\n\n  \u003e Type: `string` Default: `variable`\n\n  Available values:\n    - `variable`\n    - `function`\n\n  **Required:**\n  *false*\n\n- `string_array_threshold`\n\n  The probability that the literal string will be inserted into `string_array`.\n\n  \u003e Type: `number` Default: `0.8` Min: `0` Max: `1`\n\n  **Required:**\n  *false*\n\n- `target`\n\n  Allows to set target environment for obfuscated code.\n  \n  \u003e Type: `string` Default: `browser`\n\n  Available values:\n    - `browser`\n    - `browser-no-eval`\n    - `node`\n\n  **Required:**\n  *false*\n\n- `transform_object_keys`\n\n  Enables transformation of object keys.\n  \n  \u003e Type: `boolean` Default: `false`\n\n  **Required:**\n  *false*\n\n- `unicode_escape_sequence`\n\n  Allows to enable/disable string conversion to unicode escape sequence.\n  \n  \u003e Type: `boolean` Default: `false`\n\n  **Required:**\n  *false*\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkevinrohn%2Fgithub-action-javascript-obfuscator","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fkevinrohn%2Fgithub-action-javascript-obfuscator","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fkevinrohn%2Fgithub-action-javascript-obfuscator/lists"}