Open Abdelgha-4 opened 3 months ago
Thanks but it's not possible to protect such code and data by nature of Stlite like other frontend apps. As you wrote encoding makes it a bit hard to read the data, but it still can't protect the data as it's just a serialization but not encryption and even the serializer/deserializer are open. Users just have to be aware of this nature.
Well, that's unfortunate, it eliminates the possibility of using Stlite for any project that has any level of privacy or non open source code.
With that said, how about code minification for the sole purpose of reducing the page size? I think that removing comments and docsrtings may have some effect. Minifying the full code source with tools like python-minifier might be even better. @whitphx, What do you think?
One native feature of Streamlit that may lack in Stlite is the protection of the python source code. With Streamlit, users can never reach the source code used in the application, while in Stlite it should be included in the html by desing. This could repel users who prefer to keep their App's code as closed-source or use some sensitive information in the app code.
Potential solutions: 1- Encoding: I don't know if this is an intended feature, but currently Stlite sharing already encodes python files to base64 when they are uploaded, which could at least prevent shoulder surfing. 2- Minification: minified code can improve rendering times due to less payload size, while also making it harder to understand and reverse engineer. 3- Hiding: With #901, I'm not sure if it's possible to completely hide the original python code after reducing it to a lower level version during the build time ?