Chrome Web Store Violation: Having obfuscated code in the package
valyefimov opened this issue · 3 comments
Checklist
- The issue can be reproduced in the auth0-react sample app (or N/A).
- I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
- I have looked into the API documentation and have not found a suitable solution or answer.
- I have searched the issues and have not found a suitable solution or answer.
- I have searched the Auth0 Community forums and have not found a suitable solution or answer.
- I agree to the terms within the Auth0 Code of Conduct.
Description
I got a violation at the Chrome Web Store.
Code Readability Requirements
Violation reference ID: Red Titanium
Violation: Having obfuscated code in the package.
Violating content:
Code snippet:
ar Bt, Nt, Vt, st, Ir = (Bt = "Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwohZnVuY3Rpb24oKXsidXNlIHN0cmljdCI7Y2xhc3MgZSBleHRlbmRzIEVycm9ye2NvbnN0cnVjdG9yKHQscil7c3VwZXIociksdGhpcy5lcnJvcj10LHRoaXMuZXJyb3JfZGVzY3JpcHRpb249cixPYmplY3Quc2V0UHJvdG90eXBlT2YodGhpcyxlLnByb3R
How to rectify: Replace the obfuscated code with human-readable code and resubmit the item.
Reproduction
- install npm module
- Go to the dist folder and find the string starting with
Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2Vy
Additional context
No response
auth0-react version
2.1.1
React version
18.2.0
Which browsers have you tested in?
Chrome
@valyefimov were you able to find a solution for this? I've just encountered the same issue.
@valyefimov were you able to find a solution for this? I've just encountered the same issue.
Yes, I wrote a script that decodes the string and updates the final JS file. I run that script after making a production build for Chrome Web Store submissions.
"postbuild-production": "node ./scripts/fix-auth0-violation.js",
https://gist.github.com/valyefimov/f2fc1c70c9bfd94fba98d962e1112c8c
Note: you have to update this line to specify your build folder
const assetsPath = path.join(__dirname, '../build/chrome-mv3-production');
@valyefimov were you able to find a solution for this? I've just encountered the same issue.
Yes, I wrote a script that decodes the string and updates the final JS file. I run that script after making a production build for Chrome Web Store submissions.
"postbuild-production": "node ./scripts/fix-auth0-violation.js",
https://gist.github.com/valyefimov/f2fc1c70c9bfd94fba98d962e1112c8c
Note: you have to update this line to specify your build folder
const assetsPath = path.join(__dirname, '../build/chrome-mv3-production');
Thank you so much for this, this is super helpful!!