I recently wrote userscript and uploaded it here to get automatic update feature and one-click-install. But, as I read through ToS, I examined that obfuscation is prohibited and there is discussion about minification.

What should I do to help people confirm that my code is not malicious? I already provided @supportURL link to GitHub repo where all sources and build scripts are stored. What to do next?

Re: @Lera_Rosalene:

Obfuscation is, in part, when you can't immediately read it with the existing tools on the site (Beautify for example). From what I've examined on your script you are mangling (shortening to be specific) your identifiers (variables) to one letter identifiers and LF/CR equivalents (minification). This in my book is okay atm however if you start substituting with hex identifiers or making the strings unreadable on what you are doing (base64 for example) then any user may be eligible for immediate, unnotified, removal. localStorage for example on your script, if you were to obfuscate built in identifiers that would be a TOS ding. Usually more critical are external urls, cookies, QSP, port to port, and ajax (xhr) requests. If they become obfuscated then the axe will fall.

What should I do to help people confirm that my code is not malicious?

A SCM (like GitHub, GitLab, etc.) that has the pure raw, readable, code is always a plus for evaluation of the readability. Usually it's best to include a framework stub with the script encapsulated in an IIFE (for your scripts safety) that does it on the fly. For example btoa is a common method in all browsers, in the DOM, to base64 a string on the fly.

Obfuscation can also include if you don't explain what the script is doing. i.e. throwing ads on unsuspecting users. Tell everyone on your script description here on OUJS or you can get the axe as well. Not everyone knows every aspect of JavaScript so it's best to put a clear description both in the script and its relevant "Script Info".

Use your best judgement. As it stands now with 0.1.5+ba9dba3 of your script I don't see any immediate issue flags at this time.

OUJS Admin

atob for those being picky too... inverse function. If you need specific implementations usually it's best to have a library from a common, well known, source.

OUJS Admin