Can I obfuscate the product's core functions?

I’m developing a jamstack application. Is it okay to obfuscate core functions for the security of the application? I will not hide components for users to make changes to the UI. Obfuscated core functions will be an npm package.

1 Like

I doubt it - obfuscating generally is not allowed as the item needs to be entirely editable

2 Likes

Thanks for your feedback! The obfuscated functions will actually be part of an npm package, not within the app itself. The UI components will remain fully editable for users. The obfuscation is solely for core functions to enhance security and won’t impact user experience. Do you think this approach could work, given that the main app code remains accessible and editable?

Definitely the best option is to ask support only they will be able to confirm one way or another

Envato Author Support

1 Like

No, you’re not allowed. It’s not allowed for any items on WordPress/CodeCanyon category, it won’t be allowed for other categories, too

Themes must not obfuscate or hide code in any way, including through the use of base64 encoding.

Hi Charlie4282,

I hope you’re doing well. I have a question regarding Envato’s rules on code editability, specifically about the use of 3rd party software in Jamstack applications.

I understand that all code included in the item being sold must be editable. However, many Jamstack applications, including mine, rely on various 3rd party dependencies (e.g., Next.js, Stripe) that are not editable by the end user.

In my case, I’ve developed a core functionality package, obfuscated it for security reasons, and included it in my project as a 3rd party dependency (similar to how Next.js is included). The UI components and other parts of the project, which are the actual item being sold, remain fully editable by the buyer.

My question is: Does Envato’s rule about “editable code” apply to the 3rd party dependencies as well, or only to the actual code that is part of the product being sold? In other words, do these 3rd party dependencies (whether it’s Next.js or my own core package) need to be editable, or is it sufficient that the buyer can fully modify the code within the project itself?

Thanks for your guidance on this!

It has to be editable/not obfuscated. You’d be getting “soft” rejection to provide the “human can read” codes.

You “can” if it is not the core part of what you you’re selling.

1 Like

hi Vibe Themes

First of all, thank you for your comment. The core package forms the basis of the product. but is not included in the sale. It is not included in the product anyway. It is installed as an npm package during the installation phase.

The license for this package will belong to me. The product I sell will include components, styles and hooks, the UI is completely replaceable by users.

Additionally, this core package will also include the Envato product key verification system. If the core package is unlocked, customers can use the product unlimitedly and face the risk of piracy