Why your frontend repo is private?
Ok, Let me ask this very brave question. Why in 2020, the pure frontend code repo is still private?
In my opinion, there are no such benefits by keeping frontend code repo in private walls.
1. The output is already public
we generate the build/dist folder by webpack or similar tools. this is the end result of most frontend repo. and this folder is already public.
If anybody can do something by looking at your public frontend repo, she/he can do the same thing by looking at your dist folder too.
By uglifying and other stuff, we just reduce the small probability.
2. Data is precious, it is hidden by API
What exactly we are securing? Data, Server side stuff? All the security stuff goes on Backend APIs. APIs are responsible for security.
Backend APIs can be triggered from console and frontend “display: none” on an unauthorized part is the foolish trick.
3. Advantages when you public your frontend repo.
- Others will read the code and the speed of frontend evolution will increase and we can soon reach either “frontend singularity” or “frontend fully defined”.
- We all will be super cautious about not putting anything “secret” in the git repo.
- Instead of asking “Useless and Complex” algo questions, we can actually assign a real bug for the interview.
- Many things annoy on many websites, and I always think, If I can generate a pull request.
- maybe you can comment on a few advantages and disadvantages.
I really, don’t know if this ever is possible, but I really don’t see any point in keeping the frontend repo private. Of course, there are server-rendered web apps, which will always remain private and that is okay.
