{"id":20161,"library":"jscrambler-webpack-plugin","title":"Jscrambler Webpack Plugin","description":"Webpack plugin (v8.5.3) that integrates Jscrambler Code Integrity to protect JavaScript bundles via obfuscation, anti-tampering, and self-defensive capabilities. Active development with frequent releases tied to Jscrambler API changes. Keys: supports chunk-based protection, bundle/module-level obfuscation, SRI compatibility, and webpack 5 via processAssets hook. Differentiators: enterprise-grade protection with polymorphic transformations, vs free tools like UglifyJS or terser that only minify. Ships TypeScript types.","status":"active","version":"8.5.3","language":"javascript","source_language":"en","source_url":"https://github.com/jscrambler/jscrambler","tags":["javascript","jscrambler","webpack","obfuscate","protect","js","typescript"],"install":[{"cmd":"npm install jscrambler-webpack-plugin","lang":"bash","label":"npm"},{"cmd":"yarn add jscrambler-webpack-plugin","lang":"bash","label":"yarn"},{"cmd":"pnpm add jscrambler-webpack-plugin","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Plugin API dependency","package":"webpack","optional":false}],"imports":[{"note":"Package is ESM-first with named default export. CJS require works in Node 12+ but is not guaranteed in future versions.","wrong":"const JscramblerWebpack = require('jscrambler-webpack-plugin')","symbol":"default","correct":"import JscramblerWebpack from 'jscrambler-webpack-plugin'"},{"note":"This is a CommonJS pattern for webpack.config.js files which are often CJS. The default export is the constructor.","wrong":"const { JscramblerWebpack } = require('jscrambler-webpack-plugin')","symbol":"JscramblerWebpack","correct":"const JscramblerWebpack = require('jscrambler-webpack-plugin')"},{"note":"TypeScript types are included. No separate @types package needed.","symbol":"Type declarations","correct":"import JscramblerWebpack from 'jscrambler-webpack-plugin'"}],"quickstart":{"code":"// webpack.config.js\nconst JscramblerWebpack = require('jscrambler-webpack-plugin');\nconst path = require('path');\n\nmodule.exports = {\n  mode: 'production',\n  entry: './app/index.js',\n  output: {\n    filename: 'bundle.js',\n    path: path.resolve(__dirname, 'dist')\n  },\n  plugins: [\n    new JscramblerWebpack({\n      enable: true,\n      chunks: ['main'],\n      params: [\n        { name: 'accessKey', value: process.env.JSCRAMBLER_ACCESS_KEY ?? '' },\n        { name: 'secretKey', value: process.env.JSCRAMBLER_SECRET_KEY ?? '' },\n        { name: 'applicationId', value: process.env.JSCRAMBLER_APPLICATION_ID ?? '' }\n      ]\n    })\n  ]\n};","lang":"javascript","description":"Minimal webpack config with Jscrambler, using env vars for credentials and protecting the main chunk."},"warnings":[{"fix":"Ensure Jscrambler version >= 7.2 or use plugin <= 5.x.x for Jscrambler <= 7.1","message":"Version 6.0.0 requires Jscrambler >= 7.2. Using older plugin with newer Jscrambler causes failures","severity":"breaking","affected_versions":">=6.0.0"},{"fix":"If source maps are needed, use obfuscationLevel: 'bundle' (default)","message":"Setting obfuscationLevel to 'module' disables source maps. Source maps will not be generated.","severity":"gotcha","affected_versions":"*"},{"fix":"Ensure SubresourceIntegrityPlugin is added after JscramblerWebpack in the plugins array","message":"webpack-subresource-integrity plugin must run after JscramblerWebpackPlugin, otherwise SRI hashes will mismatch","severity":"gotcha","affected_versions":"*"},{"fix":"Remove obfuscationHook 'emit' or set to 'processAssets'","message":"The obfuscationHook: 'emit' option is deprecated in webpack 5. Use 'processAssets' instead.","severity":"deprecated","affected_versions":">=8.0.0"},{"fix":"Verify chunk names match your webpack entry names exactly","message":"Chunks option requires exact chunk names from entry. Misspelled chunk names silently protect no chunks.","severity":"gotcha","affected_versions":"*"},{"fix":"Regenerate tokens in Jscrambler dashboard and update .jscramblerrc","message":"JscramblerAccessToken replacement: old tokens stop working after migration, causing authorization errors","severity":"breaking","affected_versions":">=7.0.0"},{"fix":"Ensure CI/CD runners have outbound HTTPS access to api.jscrambler.com","message":"Plugin requires network access to Jscrambler API at build time. Offline builds will fail.","severity":"gotcha","affected_versions":"*"}],"env_vars":null,"last_verified":"2026-04-25T00:00:00.000Z","next_check":"2026-07-24T00:00:00.000Z","problems":[{"fix":"Use import JscramblerWebpack from 'jscrambler-webpack-plugin' or const JscramblerWebpack = require('jscrambler-webpack-plugin')","cause":"Using import { JscramblerWebpack } instead of the default export","error":"Error: Jscrambler is not defined"},{"fix":"Check applicationId in .jscramblerrc or plugin options, and verify application is active in Jscrambler dashboard","cause":"Invalid applicationId or application is deactivated","error":"JSCRAMBLER_ERROR: Application not found or inactive"},{"fix":"Use const JscramblerWebpack = require('jscrambler-webpack-plugin').default for ESM or default import","cause":"Importing as named export instead of default","error":"TypeError: JscramblerWebpack is not a constructor"},{"fix":"Use obfuscationHook: 'emit' for webpack 4, or upgrade to webpack 5","cause":"Using obfuscationHook: 'processAssets' with webpack 4","error":"Error: Invalid hook 'processAssets', webpack 4 does not support this hook"},{"fix":"Run npm install jscrambler-webpack-plugin","cause":"Package not installed","error":"Error: Cannot find module 'jscrambler-webpack-plugin'"}],"ecosystem":"npm","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}