uglify does not mangle the variables if "eval()" is present. Command line:
uglifyjs script/script.js --compress --mangle --unsafe /path/to/script
Example:
(function(window, document, $) {
"use strict";
var test = function( $data )
{
eval( $data );
};
test( '' );
})(window, document, jQuery);
Result:
!function(window,document,$){"use strict";var test=function($data){eval($data)};test("")}(window,document,jQuery);
Expected:
!function(n,t,u){"use strict";var c=function(n){eval(n)};c("")}(window,document,jQuery);
I encountered this myself recently, and while this question is quite old now, I think I found the solution.
The reason for this is that eval() could in theory access things from the parent scope there; you could pass "test" as the string and it would actually return the function wrapping eval.
This started happening in my project when I added a fallback to eval() for runtimes without a JSON.parse implementation.
In more recent versions of Uglify it looks like you can disable this as per the documentation:
To enable the mangler you need to pass --mangle (-m). The following (comma-separated) options are supported:
- toplevel — mangle names declared in the toplevel scope (disabled by default).
- eval — mangle names visible in scopes where eval or with are used (disabled by default).