Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

yarn build and the project contains the entire source code

See original GitHub issue

I came across this accidently. In the past I was used to have an obfuscated version of my SPA after “npm run build”.

With the latest react-static (which does not work correctly with npm run build, but it passes with yarn build, see here https://github.com/nozzle/react-static/issues/1053) there is the full source code available in user’s browser. In the beginning I thought, this is just because there is somewhere a file link to the source code in a map or so and it would be only visible to me, but after deploying it to a webserver it was also available to all.

Steps to reproduce:

  • react-static create
  • use “blank” target
  • To visualize the issue add a console.log("Hello World") in App.js, but you could also browse the source tree in developer console
render () {
    console.log("Hello World")
    return (
  • run yarn build
  • run `yarn serve``
  • open localhost:3000 in your browser
  • open developer console
  • find Hello World and click the right most link to ‘App.js:9’

Find your sources. Bummer

I never had this with previous react-static versions.

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:46 (46 by maintainers)

github_iconTop GitHub Comments

1reaction
tannerlinsleycommented, Mar 26, 2019

We’ll have a config option for this sourceMaps: true and possibly some other options. This option will likely default to false, given that most people don’t need source maps in production.

Yes, you could easily just not upload them, but I think that would provide more trouble for people who repeatedly have to remove them or exclude them from the build directory, etc. While that’s still possible, I think the flag will be more intuitive for both use cases.

0reactions
neilyoungcommented, Mar 26, 2019

Right, feel free to close. I’m having my solutions

Read more comments on GitHub >

github_iconTop Results From Across the Web

Creating a Package - Yarn
A package is a directory with some code and a package.json file that provides information to Yarn about your package. Most packages use...
Read more >
Why does bundle include source files and other non-runtime ...
The yarn build -c option, is really a way for you to leverage the dependency graph to run a script in parallel, such...
Read more >
Always commit your yarn.lock file into the source code repo
I use the Yarn package manager for all my Angular projects. Besides being faster than npm, yarn creates a file yarn.lock that stores...
Read more >
What does " yarn build " command do? Are " npm build " and ...
after yarn build you can see the build folder inside your project, this folder contains the bundled app or compiled project. – noe....
Read more >
Yarn Workspaces: Organize Your Project's Codebase Like A Pro
React is a good example of an open-source project that is monorepo. ... To fully complete this tutorial, you will need to have...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

[Bug] SSR does not seem to work on new project

Next page

Easier access to node devtools inspector