if we're talking about a personal website nobody will care. if you are a multibillion company and there's the risk that literally anyone can create a 1:1 clone of your services... yeah that's a bit of a trouble

[–] mr_satan@lemmy.zip 9 points 1 month ago (2 children)

Omitting source maps doesn't prevent that.

[–] mack@lemmy.sdf.org 4 points 1 month ago (1 children)

no it doesn't, and I am very aware that if anything runs on someone's computer then it can get replicated. but it gets slightly harder, also to reverse-engineer it or find potential fallacies. as well as source maps on prod are just a waste of bandwidth

[–] mr_satan@lemmy.zip 2 points 1 month ago* (last edited 1 month ago)

Dunno, this "harder" argument while valid sounds just like false security. That's why I don't see much weight in it.

As for bandwidth, source maps are not automatically pulled from server, so it also seems like a false issue to me.

[–] Ibaudia@lemmy.world 1 points 1 month ago (1 children)

No, but it's a sensible security measure. Anything to make it harder.

[–] mr_satan@lemmy.zip 4 points 1 month ago

That's the thing, it's not actually a security measure. Security through obscurity is not security. It can provide false security impression that is more harmful in my opinion.

Having source maps can encourage proper security practices. Which, in my books, very much outweighs any security benefits of hiding them.