Hardening to prevent reverse engineering.

2026-03-20 15:59:01 -07:00
parent fe6dec09db
commit 1b9c04f418
9 changed files with 664 additions and 409 deletions
--- a/scripts/build-electron.mjs
+++ b/scripts/build-electron.mjs
@@ -0,0 +1,40 @@
+import { build } from "esbuild";
+import fs from "node:fs";
+import path from "node:path";
+
+const repoRoot = path.resolve(process.cwd());
+const pkg = JSON.parse(fs.readFileSync(path.join(repoRoot, "package.json"), "utf8"));
+
+const externals = [
+  "electron",
+  ...Object.keys(pkg.dependencies || {}),
+  ...Object.keys(pkg.devDependencies || {})
+];
+
+/**
+ * Bundle/minify Electron main + preload.
+ *
+ * NOTE: This is source protection / IP hardening, not a security boundary.
+ */
+await build({
+  entryPoints: {
+    main: path.join(repoRoot, "electron", "main-src.js"),
+    preload: path.join(repoRoot, "electron", "preload-src.js")
+  },
+  outdir: path.join(repoRoot, "dist-electron"),
+  outExtension: { ".js": ".cjs" },
+  platform: "node",
+  format: "cjs",
+  bundle: true,
+  minify: true,
+  sourcemap: false,
+  legalComments: "none",
+  target: "node22",
+  define: {
+    "process.env.NODE_ENV": '"production"'
+  },
+  external: externals,
+  logLevel: "info"
+});
+
+console.log("Built dist-electron outputs.");