Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Provide a closure-medium obfuscation setting #1504

Closed
dchambers opened this issue Aug 17, 2015 · 9 comments
Closed

Provide a closure-medium obfuscation setting #1504

dchambers opened this issue Aug 17, 2015 · 9 comments
Assignees
@dchambers
Labels
enhancement high-priority
Milestone
1.2.0

Comments

@dchambers
Copy link
Contributor

We need a custom minification level (say closure-medium) between closure-simple and closure-advanced, that causes private members (i.e. members starting with _ or m_) to be obfuscated. Over time, we might enable more settings if we can determine that it's safe to do so.
@dchambers dchambers added this to the 1.1 milestone Aug 17, 2015
@dchambers dchambers self-assigned this Aug 17, 2015
@dchambers
Copy link
Contributor Author

I've done some work on this (see the new-closure-obfuscation-setting branch), but I've discovered that it's dependent on an upstream change to Google Closure as a pre-requisite, so won't be able to progress it further until/if I manage to get my pull-request accepted.

@dchambers
Copy link
Contributor Author

Marking this as a high-priority issue since it's blocking our ability to make some of our demo apps available publicly.

@andy-berry-dev
Copy link
Member

@dchambers if this is needed ASAP we could build our own version of the closure compiler and host it at https://github.com/BladeRunnerJS/brjs-build-dependencies. Make sure to add a -brjs to the artefact name though so we know its a custom built version.

@dchambers
Copy link
Contributor Author

Okay, that's a really good back-up plan. I think we're nearing a conclusion on how this can be done in a way that would be acceptable to merge upstream, so will wait till I hear more before I do anything.

@andy-berry-dev
Copy link
Member

So we don't loose track of the whole story google/closure-compiler#1087 is the (unmerged) PR for the Google closure project.

@dchambers
Copy link
Contributor Author

So we don't loose track of the whole story google/closure-compiler#1087 is the (unmerged) PR for the Google closure project.

This is now available in:

@dchambers dchambers modified the milestones: Bugs & Docs, 1.1 Sep 15, 2015
@dchambers dchambers removed their assignment Sep 15, 2015
@andy-berry-dev andy-berry-dev self-assigned this Sep 15, 2015
@andy-berry-dev
Copy link
Member

#1524 is the PR for the BRJS changes required for this.

@dchambers
Copy link
Contributor Author

Problem:

There is widespread use of the following methods in presenter:

  • Property.addChangeListener(oListener, sMethod, bNotifyImmediately)
  • Property.addUpdateListener(oListener, sMethod, bNotifyImmediately)
  • EditableProperty.addValidationErrorListener(oListener, sMethod, bNotifyImmediately)
  • EditableProperty.addValidationSuccessListener(oListener, sMethod, bNotifyImmediately)
  • EditableProperty.addValidationCompleteListener(oListener, sMethod, bNotifyImmediately)

which aren't currently Closure Compatible since the sMethod parameters are string representations of private methods that will be obfuscated by Closure Compiler.

Solution:

We could solve this by changing the names of call-back methods (e.g. _amountChanged) so that they are no longer recognized as private methods, but are still distinguishable from public methods by the developer (e.g. $amountChanged).

Or, alternatively, we could support an alternate call signature for these methods, so that in addition to addXXXListener(oListener, sMethod, bNotifyImmediately) we also support addXXXListener(fCallback, bNotifyImmediately), allowing code like this:

this.amount.addChangeListener(this, '_amountChanged');

to be changed to this:

this.amount.addChangeListener(this._amountChanged.bind(this));

where the second proposal has the advantage that far more of our code will end up being obfuscated.

@dchambers
Copy link
Contributor Author

Another block I've discovered is the PresentationNode.isPrivateKey() method, because:

  1. It's not able to determine which methods are private once the code has been obfuscated.
  2. We could change Closure Compiler to prepend an _ prefix to renamed properties, but this would mean we'd be permanently stuck on our fork of Closure Compiler, and that download sizes would be marginally bigger.
  3. Although we could encourage people to hide their properties within closures rather than relying on naming, this would still lead to differences between development and production since:
    1. Private properties would no longer be recognized as such in production.
    2. Public properties might be incorrectly recognized as private properties if closure-advanced is used and if a property is renamed so that it starts with an _ or m_.

If we don't want to permanently fork Closure Compiler, than it makes sense to use a deprecation-flag to allow the functionality within isPrivate() to be disabled, so that things work the same in dev and production.

@andy-berry-dev andy-berry-dev modified the milestones: Bugs & Docs, 1.1.0, 1.X Sep 23, 2015
@Aivarass Aivarass added 6 - Done and removed 5 - Test labels Nov 2, 2015
@andy-berry-dev andy-berry-dev modified the milestones: 1.2.0, 1.X Nov 17, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dchambers dchambers

Labels
enhancement high-priority
Projects
None yet
Milestone
1.2.0
Development

No branches or pull requests
3 participants
@dchambers @andy-berry-dev @Aivarass