Posted by redbell 11/3/2025
a lot of people learned to code on the web via viewsource - now we are obfuscating the code
To elaborate on your comment, if you just ship sourcemaps in production, that means you can ship minified code and track down what _actual_ source that you _aren't_ shipping to users is getting called, is in stack traces, etc.
I'm not aware of a point of sourcemaps otherwise.
Now that's a fine language for a server. It combines the type safety of Ruby, the memory safety of C, and the terseness of Java.
(I'm joking, mostly... Actually I was a big fan of Obj-C for desktop apps. Fond memories of times when I didn't have to care about servers and ever-changing web frameworks.)
And amusing to myself how many people actually remember or know what WebObjects was!
The same with everything called "XSan" and "Mac OS X Server". I don't know what any of it was, but the box art was always so cool.
Here's the original post by the author of the repo himself: https://old.reddit.com/r/webdev/comments/1onnzlj/app_store_w...
The pattern itself is a little bit different, has some conceptual overhead, but it's also fairly clean and scaleable.
I’ve been staring at Apple source code (the stuff they let The Great Unwashed see), for almost forty years.
It’s always been very polished, well-structured, well-documented, succinct, and beautifully written.
It’s been an inspiration for my own work. I have always striven to emulate them.
That’s why it’s so shocking for me to encounter the terrible quality of the Connect backend. It’s quite painful, and disappointing.
Often though, Javascript is hard to read not because it's been obfuscated, but because its been transpiled and/or minified for smaller network payloads.
I can understand why some don't want to ship their sourcemaps to prod, but also it really doesn't matter all that much.
Let's be honest, when a company makes a website they want you to see the website not the code. Of course front-end code is less private in nature but still, showing it could expose some vulnerabilities.
This issue is very wide-spread.
I wonder how much difference LLMs today have on being able to turn minified JS into something easily readable? JSNice already worked pretty well and I guess that was comparatively naive. You won't really stop anyone motivated to reverse-engineer it by not providing source maps, but you'll definitely stop at least some curious people from understanding how websites work. Your frontend also doesn't suddenly turn "open source" just because you shared the original source via source maps, that part sounds kind of FUD.
Was it, HTML, CSS & Javascript?
And the "leak" is fun for me because you can see how they write their components haha
Svelte files look like HTML+TS files. You aren’t learning some abstraction to HTML, you are just using HTML. But it adds the modern bits you need: reactivity, loops, components, routing, etc. Nothing react doesn’t have, but the devex is great.
Other benefits:
- your app is compiled. You don’t ship the framework to clients, they just get a minimal compiled app.
- The rendering modes are pretty great. Any page can be server side rendered, or client side, with per page flags. You also can easily setup SSR for the first page, and CSR for later pages - both the fastest option. It will even pre-fetch the next page when you hover a link, making most nav instant.
Same goes for most modern frameworks (Solid, Vue, Preact) and even old ones experiencing a renaissance like Angular.
However, they recently added runtime reactivity to be more flexible, so it seems to me they are becoming VueJS.
(note it won't work on apps.apple.com because apple has removed these sourcemaps)