if we're talking about a personal website nobody will care. if you are a multibillion company and there's the risk that literally anyone can create a 1:1 clone of your services... yeah that's a bit of a trouble

[–] mr_satan@lemmy.zip 8 points 2 weeks ago (2 children)

Omitting source maps doesn't prevent that.

[–] mack@lemmy.sdf.org 4 points 2 weeks ago (1 children)

no it doesn't, and I am very aware that if anything runs on someone's computer then it can get replicated. but it gets slightly harder, also to reverse-engineer it or find potential fallacies. as well as source maps on prod are just a waste of bandwidth

[–] mr_satan@lemmy.zip 1 points 2 weeks ago* (last edited 2 weeks ago)

Dunno, this "harder" argument while valid sounds just like false security. That's why I don't see much weight in it.

As for bandwidth, source maps are not automatically pulled from server, so it also seems like a false issue to me.

[–] Ibaudia@lemmy.world 1 points 2 weeks ago (1 children)

No, but it's a sensible security measure. Anything to make it harder.

[–] mr_satan@lemmy.zip 3 points 2 weeks ago

That's the thing, it's not actually a security measure. Security through obscurity is not security. It can provide false security impression that is more harmful in my opinion.

Having source maps can encourage proper security practices. Which, in my books, very much outweighs any security benefits of hiding them.