Hey there board members… got a question here, 'cause I am stumped.
I have been using AppleScript (stand-alone) as well as FaceSpan (OS 9) for many years, and I am now starting to utilize AppleScript Studio… and it is going quite well.
I am writing my first full-blown program in AppleScript Studio… however, I am not happy that anyone (with even just a little OS X Mac experience) can use the “Show Package Contents” sub-menu item to get full access to my scripts, that are the heart of the program (Contents > Resources > Scripts). I am doing some fairly “innovative” things, and I don’t want every Tom, Dick and Harry to come along and copy-cat me by simply stealing the code I have worked so hard on… at least those without some technical experience under their belt (and the initiative to try and do it themselves as well).
I keep trying to figure out a way to hide them, encrypt them (without making my program 10x larger than it is), kill access rights to them and so forth… but I can not seem to figure out how to hide my scripts from snoopers.
You need to build your project with the deployment set as the active build style, not development. Before that though you need to remove your scripts from the built application.
In XCode, to set your active build style, right click on the top item in the groups and files column on the left of your XCode window, then select get info from the contextual menu, click on the styles tab. At the top of the tabbed pane you will see Active Build Style: and a popup menu. Select “Deployment”. Close the window and rebuild your application.
After this your code will be unreadable, but determined people can find out your variable names, and even perhaps work out registration numbers etc if they are built into the script and associated with obviously named variables.
After you remove your scripts, and have set the build style to deployment, you then rebuild your application. The scripts will be recreated, but they will be tokenized and the source will not be available which is similar to saving your script as run only in the script editor.
What i prefer to do (and that’s for every kind of projects) is to clean every target before compiling the final application, it’s longer but safer, you won’t have to wonder wether or not your scripts are still in the bundle or not :=)
a - Clean the project
b - Choose the Target Pane => set the target to ‘Deployment’
c - Compile your project => your scripts won’t be editable
XCode or PB knows what to compile by comparing the dates of modifications between the sources and the executable, if you don’t modify the sources, then the executable won’t be modified and your scripts will still be editable. If you clean the target, the last executable will be deleted and the executable will be rebuild from scratch and then your scripts won’t be editable anymore because you have change to ‘Deployment’ (the one to use when you wan to deliver your work to others)
but unless i’m missing something, this doesn’t alter the problem that ktam was addressing.
by merely building as deployment instead of development, the script is not editable or readable in Script Editor, but it IS openable in a text editor and semi-readable.
ktam is discussing some way to eliminate even that, but i don’t understand what he means by “removing” the scripts.
You mean that you can see the code of the script ?
I’ve a couple of applescript studio application here, and the script is no editable, I canopen it with textEdit, but there is nothing usable by a user to reverse-engineer
the code of the application.
see ktam’s first post. you can get SOME info out of the script, which could be important in trying to reverse engineer registration codes, to think of one example.
ktam seems to have a solution, but i don’t understand how to implement it.
I’m afraid I don’t have a solution. The scripts will always remain semi-readable. Jean-Baptiste’s solution is just a neater way of doing the same thing that I suggested. In other words, you can use both methods to stop people from working out your latest nifty AppleScript coding trick, but you should be aware that it is not very good if you do something like:
set gListOfValidRegistrationNumbers = {“0x086ef73a”, “0x056efea7”, “0xABCDEF01”, “0x012345678”}
because your variable name is obviously named and a list of valid registration numbers follow. Just use some other variable name and mask your registration numbers in some way should be enough to disguise your registration number mechanism from all but the most determined, and those people are almost impossible to beat anyway. It is just a question of diminishing returns.