Command line options
The JSDefender CLI supports short and long option names. The short names start with a single dash (
-), while long names start with two dashes (
--). Many options have only long names.
Basic configuration settings:
--version: Displays the product version.
--help: Displays help information about using the CLI, including the command line options.
--config: The configuration file containing the settings. The name of the file should follow the option.
--mapout: With this option, you can specify the name and path of the map file. Or, using the
offvalue, you can turn off saving the map file. The name of the file (or the
offswitch) should follow the option. See more details in the Lexical map section.
--runtime: You can specify a separate file name so that the protection engine emits the JSDefender runtime to that file.
--license: Provides the license key to run the JSDefender CLI. See Licensing to learn about alternative ways to specify the license key.
--estarget: When transforming the code, JSDefender uses the highest ECMAScript version recognized while parsing the input. With this option, you can change the ECMAScript version. The name of the ES version to apply (
es2018) should follow the option. Setting the target ECMAScript version with
--esTargetmeans that JSDefender will not inject any protection code that is incompatible with the specified standard. However, if your source code contains syntax with a higher ECMAScript standard, JSDefender will not transpile it back to the older version; instead, it will display a warning message.
--quiet: Turns on quiet mode. In this mode, JSDefender emits only some general information, errors and warnings. Default is off.
--randomseed: Some protection techniques use randomization, so every run with the same configuration results in different outputs. The value should be a 32-bit integer number that follows the option. If it is not specified or 0, the protection uses a non-deterministic seed value.
--disable-inline: Disables using the inline protection directives, as if they were omitted from the source code.
--nocolor: Disables using colors in the CLI output.
--repbool: Turns on replacing Boolean literals.
--repbooloff: Turns off replacing Boolean literals.
--constarg: Turns on constant argument obfuscation.
--constargoff: Turns off constant argument obfuscation.
--conscloaking: Turns on console cloaking obfuscation.
--conscloakingoff: Turns off console cloaking obfuscation.
--datelock: Sets a runtime date interval to test if the current date is within a particular range. The interval can have an open start or end date. The interval value should follow the option. See more details in the dateLock section.
--debrem: Turns on
--debremoff: Turns off
--devtools: Turns on DevTools blocking.
--devtoolsoff: Turns off DevTools blocking.
--domainlock: Locks the code to the domain specified in the argument following the option. See more details in the domainLock section.
--extstr: Turns on extracting string literals. For details, see the String Literal Extraction section.
--extstroff: Turns off extracting string literals.
--exprseq: Turns on expression sequence obfuscation.
--exprseqoff: Turns off expression sequence obfuscation.
--flow: Turns on control flow protection.
--flowoff: Turns off control flow protection.
--funcreord: Turns on function reordering.
--funcreordoff: Turns off function reordering.
--repint: Turns on replacing integer literals.
--repintoff: Turns off replacing integer literals.
--radix: Changes all integer literals to their representation with the specified radix. Learn more in the integerLiterals section.
--localdecl: Turns on renaming local declarations.
--localdecloff: Turns off renaming local declarations. See the localDeclarations section for details.
--names: Sets the name mangling method to use for identifiers. See the localDeclarations section for details.
--propind: Turns on property indirection. Learn more in the Property Indirection section.
--propindoff: Turns off property indirection.
--propsparsing: Turns on property sparsing. Find more details in the Property Sparsing section.
--propsparsingoff: Turns off property sparsing.
--randomize: Turns on randomization with all protection techniques that support it.
--randomizeoff: Turns off randomization.
--selfdefend: Turns on self-defending transformation. Read more details in the Self-Defending Protection section.
--selfdefendoff: Turns off self-defending transformation.
--vargroup: Turns on variable grouping transformation. Find more details in the Variable Grouping Protection section.
--vargroupoff: Turns off variable grouping transformation.
--globobjhiding: Turns on global object hiding transformation. Find more details in the Global Object Hiding section.
--globobjhidingoff: Turns off global object hiding transformation.
Default command line options
By default, JSDefender turns on string literal extraction and local declaration renaming. Assuming there is no default configuration file present, these command lines are equivalent:
jsdefender myJsBundle.js myProtectedScript.js jsdefender myJsBundle.js myProtectedScript.js -e -l
Let's assume you intend to use only Boolean literal replacement without the default transform methods. You need to issue this command:
jsdefender myJsBundle.js myProtectedScript.js -E -L -b
-E turns off string literal extraction, while
-L turns off local declaration renaming.