DEV Community

Discussion on: Do not leak your codebase in private projects

Collapse
 
skyrpex profile image
Cristian Pallarés

I guess it just depends on the nature of your app. Javascript source code is easily beautified back again (without any sourcemap), so maybe isn't even worth removing them. Having the sourcemaps available improves Sentry reports, for example.

Collapse
 
pojntfx profile image
Felicitas Pojtinger

Also, it respects your user's freedom. And it makes reporting bugs by a casual dev much simpler ;)

Collapse
 
carloslfu profile image
Carlos Galarza

I agree, there is no such thing as full-security, neither in frontend nor your backend systems. What really makes the difference is the number of layers you have, but systems always can be broken. So not leaking your codebase in a readable manner is another security layer you can have. From a developer perspective, the real value of a codebase is the time you put in organize, name things (a hard part), give structure and meaning to your code, not so much the code itself as a sequence of statements. So, if your code is readable and understandable, is also easy to reuse and then it becomes a business concern because if you leak this type of code, anyone can copy & paste and reuse your components and I think business people are going to be not so happy about this. I think for this reason companies like Facebook do not leak his code in this way if they want to share those valuable assets they do it in a way they can gain some value and do not lose some competitive advantage.