I'm building a chrome extension with Parcel. According to chrome webstore policy (that hosts Chrome extensions) - Chrome extensions are prohibited to use obfuscation.
Unfortunately, for now, we cannot move mission-critical code to a server; and have to keep it inside the extension code, which is very easy to download and read.
Although, Parcel minifies the code - it's still possible to reverse engineer, especially because Parcel doesn't mangle import paths.
For now my bundled files look similar to this (excerpt):
is_js: "YVwU",
"../../../../../../../utility-belt/helpers/dom/is-el-visible": "NBkX",
"./preformat-label-text": "uVmy",
"./find-label-element/find-label-element": "PpOy",
"../../../../../../../utility-belt/helpers/array/has-contents": "gtdY",
"../../../../../../../utility-belt/helpers/dom/get-text-content-from-el": "SRGb",
"./input-is-empty": "xrMH",
"../../edge-cases/raw-inputs-found": "b9fD",
"../../edge-cases/associated-labels": "KiPW",
"../../../../../../../utility-belt/helpers/dom/compare-DOM-positions": "lAHL",
"../../../../../../data/dictionary/BANKS": "CVde",
"../../../../../../../utility-belt/helpers/dom/DOM-shortcuts": "lN5N",
As you can see - from file names and paths, with some effort it can be deduced what each module does, and also its hash name. From hash name its contents are found and read.
It would really help if those imports be obfuscated or encoded.
Is there a way to achieve that?
