Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
[Feature-Request] Don't minify / uglify released extension versions
See original GitHub issueCurrent release versions of Violentmonkey downloaded from addons.mozilla.org are getting minified. I propose to omit this build step and just deliver the extension unminified for privacy reasons and trust in the published source code.
Minifying makes sense for web applications to reduce the bundle size and increase performance. Though an installed browser extension does not need this build step - the code is already available locally.
(For those who would like to verify this: go to https://addons.mozilla.org/en-US/firefox/addon/violentmonkey and download the extension as .xpi and open with your archive manager of choice.)
Sad reality is: It is very easy to embed trackers in releases, while still being MIT licensed - I wouldn’t state, this is the norm, but auditing certainly still remains necessary.
To make it clear, I really like Violentmonkey as an open source alternative to Tampermonkey! It also seems to have more active development than Greasemonkey. After having researched a bit, I am willing to trust gera2ld (and other contributors) considering that user-script extensions in general are getting a multitude of permissions in the browser, which for nearly all of us is the most important and frequently used app.
Being a privacy conscious user, I just would like to get an eye on the released source code. Uglifying/Minifying/obfuscating complicates auditing and is is not needed in my view.
Issue Analytics
- State:
- Created 3 years ago
- Comments:9 (4 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
No, it’s not feasible and there’ll be no benefits for anyone.
Without the minifying step of the build process the size of files will be approximately 10 times bigger than the original source because that’s how WebPack compiles stuff. You can view the result when running
yarn dev, see README.md.No, it’s needed because the much more pronounced benefit is the shorter compilation and parsing time in the JavaScript engine.
That’s a common misconception whereas all you need is to build the source code and compare it to the released version, which is what AMO (addons.mozilla.org) reviewers do.
Added a question to FAQ: https://violentmonkey.github.io/faq/#why-is-the-release-minified