Chrome Web Store Violation: Having obfuscated code in the package

valyefimov commented 10 months ago

Checklist

[X] The issue can be reproduced in the auth0-react sample app (or N/A).
[X] I have looked into the Readme, Examples, and FAQ and have not found a suitable solution or answer.
[X] I have looked into the API documentation and have not found a suitable solution or answer.
[X] I have searched the issues and have not found a suitable solution or answer.
[X] I have searched the Auth0 Community forums and have not found a suitable solution or answer.
[X] I agree to the terms within the Auth0 Code of Conduct.

Description

I got a violation at the Chrome Web Store.

Code Readability Requirements

Violation reference ID: Red Titanium Violation: Having obfuscated code in the package. Violating content: Code snippet:

ar Bt, Nt, Vt, st, Ir = (Bt = "Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwohZnVuY3Rpb24oKXsidXNlIHN0cmljdCI7Y2xhc3MgZSBleHRlbmRzIEVycm9ye2NvbnN0cnVjdG9yKHQscil7c3VwZXIociksdGhpcy5lcnJvcj10LHRoaXMuZXJyb3JfZGVzY3JpcHRpb249cixPYmplY3Quc2V0UHJvdG90eXBlT2YodGhpcyxlLnByb3R

How to rectify: Replace the obfuscated code with human-readable code and resubmit the item.

Reproduction

install npm module
Go to the dist folder and find the string starting with Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2Vy

Additional context

No response

auth0-react version

2.1.1

React version

18.2.0

Which browsers have you tested in?

Chrome

jeremiahmark commented 7 months ago

@valyefimov were you able to find a solution for this? I've just encountered the same issue.

valyefimov commented 7 months ago

@valyefimov were you able to find a solution for this? I've just encountered the same issue.

Yes, I wrote a script that decodes the string and updates the final JS file. I run that script after making a production build for Chrome Web Store submissions.

    "postbuild-production": "node ./scripts/fix-auth0-violation.js",

https://gist.github.com/valyefimov/f2fc1c70c9bfd94fba98d962e1112c8c

Note: you have to update this line to specify your build folder const assetsPath = path.join(__dirname, '../build/chrome-mv3-production');

jeremiahmark commented 7 months ago

@valyefimov were you able to find a solution for this? I've just encountered the same issue.

Yes, I wrote a script that decodes the string and updates the final JS file. I run that script after making a production build for Chrome Web Store submissions.
    "postbuild-production": "node ./scripts/fix-auth0-violation.js",
https://gist.github.com/valyefimov/f2fc1c70c9bfd94fba98d962e1112c8c

Note: you have to update this line to specify your build folder const assetsPath = path.join(__dirname, '../build/chrome-mv3-production');

Thank you so much for this, this is super helpful!!

auth0 / auth0-react