[ehwhyreally]

Or you could just use lodash source and compile using your own compiler like rollup and remove uglification.

Or just not use lodash. most of their helpers are easily done these days.

[stygiansonic]

From the article: “In other words, this had nothing to do with code obfuscation or minification. My extension would still include the violating strings even if it were published without processing the source code in any way, simply because Lodash explicitly declares Unicode characters.”

[ehsankia]

While it's true that the part that was tagged happened to be the Unicode declaration bit, it's still not a proof that the unminified version would've gotten hit too, especially once you have the full variable names and comments explaining what the code does.

Random binary strings looks a lot more like obfuscated code when it's minified. The easier to make it for the reviewer to understand what the code does, the less likely it is to get taken down.

At the end of the day, the goal is to put a stop to extensions being bought off and tracking code being added to them in an obfuscated way.

[jbackus]

Nope. If you read the post, you'll see he mentions that it isn't related to uglification. It's a definition of unicode characters

[charcircuit]

To me the problem seems to be minification causing something to look like obfuscation. If you look at the article you can see that the minifier combined the short strings of hex characters into longer ones. I think it's entirely possible that the length of a string like that plays a factor in what gets flagged.

[jfrunyon]

He does indeed mention that. However, as he is not Google, I'm not sure how he could possibly know that.