When does create-react-app obfuscate or minify code?

this helped me:

"scripts": {
    "build": "set \"GENERATE_SOURCEMAP=false\" && react-scripts build",   
  },

Just build it with --nomaps parameter:

npm run build --nomaps

React minifies the code during the build and generates source maps. JS ends up being sort of obfuscated as a byproduct of minification, not because of secrecy. That way, the end users are able to load scripts faster than if they were not minified, and you (and everybody else) get to navigate around original code when you (or they) open Developer Tools.

If you take a look in build/static/js directory after the build, there are pairs of .js and .map files. JS files are loaded with your website, and .map files are loaded on demand, when Developer Tools are opened.

To disable sourcemap generation, run your build with GENERATE_SOURCEMAP environment variable set to false.

GENERATE_SOURCEMAP=false npm run build

or

GENERATE_SOURCEMAP=false yarn build

or make it part of build script in package.json

  {
    …
    "scripts": {
      …
-     "build": "react-scripts build"
+     "build": "GENERATE_SOURCEMAP=false react-scripts build"
    }
  }

If you omit the sourcemap generation, .map files will not end up in production, and your original source code will not be available for anyone (including you).


There is a better way to make sure source maps are not included. Create .env file in your project root folder and add GENERATE_SOURCEMAP=false. You will get you build without source maps.