create-react-app Don't generate source maps by default as this make production code visible to anyone

Don't generate source maps by default as this make production code visible to anyone

Open pimmee opened this issue 4 years ago • 3 comments

Is your proposal related to a problem?

Yes. I just had one of my users linking a screenshot of my code and found out that my entire codebase (not minified) was completely visible to anyone in the Sources tab in Chrome dev tools. I found this rather insane. There's a reason people want to open-source their code. Screenshot from 2020-09-23 20-50-31

It was fixed by adding GENERATE_SOURCEMAP=false to the .env file. I found similar issues, but none that pointed out the serious business implications this may have.

Describe the solution you'd like

I think this should definitely not be default behavior, or at least give strong warnings against it.

I've loved the development experience besides this <3

Sep 23 '20 19:09 pimmee

create-react-app create-react-app copied to clipboard

Don't generate source maps by default as this make production code visible to anyone

Is your proposal related to a problem?

Describe the solution you'd like

create-react-app
create-react-app copied to clipboard