Solutions
By Need
JavaScript Protection
Magecart Mitigation
Mobile App Protection
Data Leakage Prevention
Third Party Control
Customer Hijacking Prevention
User Data Protection & Compliance
By Sector
Financial Services
IT & Software
E-Commerce
Healthcare
Media & OTT
Gaming & Gambling
Products
Code Integrity
Application Shielding
Runtime Protection
JavaScript Threat Monitoring
Webpage Integrity
Webpage Inventory
Third Party Management
User Data Management
Webpage Threat Mitigation
Resources
Partners
Docs
Blog
Learning Hub
Help Center > Code Integrity > Documentation > Profiling > Profiling via CLI

Profiling via CLI

Disclaimer: Before using Profiling, protect your application and verify that performance is an issue (if it isn't, then there is no reason to profile the application).

The Jscrambler CLI offers mechanisms that allow users to easily integrate Application Profiling without the need to do it manually in the Jscrambler Web App.

It's essential for integration with CI/CD platforms as well as with JavaScript frameworks (e.g. React-Native, Nativescript) or module bundlers (e.g webpack, Browserify).

Usage

Regardless of your approach to using Application Profiling, whether it's via the CLI or using our Web App, we recommend that you take a look into Profiling via Web App. This guide will help you to have a clear picture of how the feature works and how its functionalities map into the CLI.

Profiling via The CLI Step-By-Step Guide

This guide assumes that you have already installed the latest version of the Jscrambler CLI and did all the necessary configuration set up. If not, you can find a short step by step guide in API Clients. If you are looking for the JavaScript/NodeJs client documentation, you can go directly to the GitHub repository.

1. Instrumenting the application

Instrumentation is the process of adapting the application to include measurement tools that report to Jscrambler how often and for how long each function of the program runs. It is a process similar to protecting your application.

To instrument the application you should execute the following command:

  jscrambler -c jscrambler.json --instrument --output-dir myInstrumentedApp/ myApp/

Note: In this example, we are assuming that you are using a configuration file named jscrambler.json containing all the required fields (access key, secret key, application ID, etc).

When the instrumentation process finishes, Jscrambler will output the instrumented version of that application to the file/directory specified with the --output-dir flag or filesDest config option. For more information check the client documentation or print the CLI usage by running:

  jscrambler --help

2. Running the Profiler

In this phase, you should use the instrumented version to simulate typical use cases of the application. Make sure to exercise areas where the performance after obfuscation has been an issue. We recommend running the automated tests using the instrumented code, thus ensuring greater coverage of the program flows.

During the execution of the instrumented application, the profiler will collect performance statistics and periodically upload them to our servers. For better results, ensure that the application maintains internet connectivity throughout this process to avoid loss of profiling data.

Make sure that you inform the Jscrambler CLI to start profiling before you start running the application tests.

To indicate the Jscrambler CLI to start the profiling process, run the following command:

  jscrambler -c jscrambler.json --start-profiling

After executing the command successfully, you are ready to start running your tests.

3. Stopping the Profiler

When the tests to the instrumented application have finished, you can stop the profiling process by running:

  jscrambler -c jscrambler.json --stop-profiling

At this point you have finished the profiling process! You can now proceed to the Jscrambler Web App where you will have a Profiling Report ready for analysis. More documentation on this can be found in Profiling via Web App: See Profiling Report.

4. Protecting Your Application

You are all set to protect your application using the profiling settings. To do that, you need to specify the appropriate Profiling Mode. You can check more about it on Profiling Modes.

For example, you could run the following command to protect your app using profiling data:

Keep in mind, that if you update your source code, the previous profiling data will be invalidated. Therefore, we will add an extra option --skip-sources to prevent this behaviour.

  jscrambler -c jscrambler.json --skip-sources --profiling-data-mode automatic

Note: If you are unsure about what are the advantages of using profiling annotations, consider reading the Profiling Annotations documentation.

Once the protection finishes, run the recently protected version and you should notice significant performance improvements over the protected version that did not use profiling data.

Custom Jscrambler Clients

For users that want to implement or are already using a custom Client to interact with Jscrambler. We added a set of methods:

  • instrumentAndDownload : it is similar to the existent protectAndDownload method and allows users to issue an instrumentation request which will return the instrumented application upon success;
  • setProfilingState : allows users to start and stop profiling.

More information on the existent methods can be found in the Jscrambler CLI repository.