npm - expose-kit - Versions diffs - 0.10.0 → 0.10.2 - Mend

expose-kit 0.10.0 → 0.10.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -1,230 +1,233 @@
-# Expose Kit
-![release workflow](https://github.com/evex-dev/linejs/actions/workflows/release.yml/badge.svg)
-[![](https://dcbadge.limes.pink/api/server/evex)](https://discord.gg/evex)
-> A universal toolkit for JavaScript deobfuscation
----
-## What is this?
-JavaScript deobfuscation tools are everywhere.
-But many of them are **too aggressive**, rewriting code until it breaks.
-Expose Kit takes a **different approach**.
-- No brute force
-- Step-by-step, verifiable transforms
-- Designed to *not* break your code silently
-Each transformation is meant to be **checked and validated**, so you always know *when* something goes wrong.
-Alongside deobfuscation, Expose Kit also provides a set of **practical utilities** for working with obfuscated JavaScript.
----
-## Installation
-Just one step:
-```bash
-npm i -g expose-kit
-# or
-bun i -g expose-kit
-```
-```bash
-expose --help
-expose parsable sample.js
-```
----
-## Usage Notes
-### Default arguments
-- The first argument is the input file
-  (`--file` / `--input` can also be used)
-- If required options are missing, Expose Kit will **prompt you**
-- A timeout is enabled by default to avoid hangs
-  Use `--unlimited` for long-running execution
----
-## Recommended Workflow
-First, an important premise:
-> It is **impossible** to create a static deobfuscation tool that *never* breaks.
-Reasons include:
-- Unpredictable execution (`eval`, dynamic code)
-- Bugs or edge cases in AST manipulation
-Because of this, you should **verify the code at every step**.
-### 1. Always verify with `parsable`
-After each transformation, run:
-```bash
-expose parsable file.js
-```
-This ensures the syntax is still valid.
----
-### 2. Make scopes safe first
-One of the most common causes of breakage is **variable name confusion**.
-If you try to write your own deobfuscation logic (e.g. in Python), you’ll quickly realize how painful it is to track scopes correctly.
-That’s why you should **always start with**:
-```bash
-expose safe-scope input.js
-```
-This renames bindings per scope, producing code like:
-```js
-Before: var x = 810;((x) => console.log(x))(114514);
-After:  var x = 810;((_x) => console.log(_x))(114514);
-```
-With this alone:
-- The code becomes far more resistant to breakage
-- Writing custom deobfuscation logic becomes much easier
-- You no longer need to worry about scope collisions
----
-### 3. Apply transforms step by step
-After `safe-scope`, combine common techniques like:
-- `expand-array`, `expand-object` and more
-- legacy obfuscator-specific commands
-After **each step**, run `parsable` again.
-Expose Kit will also clearly indicate whether a **diff** exists, making inspection easy.
-Repeat this process, and the original code will gradually reveal itself.
----
-## Commands
-### `expose parsable`
-Check whether a file is syntactically valid.
-```js
-parsable:     const x = 810;
-not parsable: const ;x; == 810;
-```
-```bash
-expose parsable path/to/file.js
-```
-Args:
-- Default args only
----
-### `expose safe-scope`
-Rename bindings per scope for safer transformations.
-```bash
-expose safe-scope path/to/file.js --output path/to/file.safe-scope.js
-```
-Example is [here](https://github.com/evex-dev/expose-kit/tree/main/commands/safe-scope/mocks).
-Args:
-- `--o, --output <file>`
-  Output file path
-  - No extension → `file.safe-scope.js`
-  - With extension → `file.safe-scope.<ext>`
----
-### `expose pre-evaluate`
-Pre-evaluate const numeric/string expressions. (Safe evaluate)
-```js
-const a = 1 + 2 * 3; // => 7
-const c = "aaaa";
-const b = "a" + c; // => "aaaaa"
-```
-```bash
-expose pre-evaluate path/to/file.js --output path/to/file.pre-evaluate.js
-```
-Args:
-- `--o, --output <file>`
-  Output file path
-  - No extension → `file.pre-evaluate.js`
-  - With extension → `file.pre-evaluate.<ext>`
----
-### `expose expand-array`
-Expand array index access for primitive values.
-```js
-var a = [1, 1, 4, 5, 1, 4];
-// before
-console.log(a[0], a[2], a[3]);
-// after
-console.log(1, 4, 5);
-```
-Example is [here](https://github.com/evex-dev/expose-kit/tree/main/commands/expand-array/mocks).
-```bash
-expose expand-array path/to/file.js --target arrayName --output path/to/file.expand-array.js
-```
-Args:
-- `--target <name>`
-  Target array variable name
-- `--o, --output <file>`
-  Output file path
-Notes:
-- Each replacement is validated by reparsing; unsafe replacements are skipped.
-    (This array is intended to be immutable, so caution is required)
----
+# Expose Kit
+![release workflow](https://github.com/evex-dev/linejs/actions/workflows/release.yml/badge.svg)
+[![](https://dcbadge.limes.pink/api/server/evex)](https://discord.gg/evex)
+> A universal toolkit for JavaScript deobfuscation
+---
+## What is this?
+JavaScript deobfuscation tools are everywhere.
+But many of them are **too aggressive**, rewriting code until it breaks.
+Expose Kit takes a **different approach**.
+- No brute force
+- Step-by-step, verifiable transforms
+- Designed to *not* break your code silently
+Each transformation is meant to be **checked and validated**, so you always know *when* something goes wrong.
+Alongside deobfuscation, Expose Kit also provides a set of **practical utilities** for working with obfuscated JavaScript.
+---
+## Installation
+Just one step:
+```bash
+npm i -g expose-kit
+# or
+bun i -g expose-kit
+```
+```bash
+expose --help
+expose parsable sample.js
+```
+---
+## Usage Notes
+### Default arguments
+- The first argument is the input file
+  (`--file` / `--input` can also be used)
+- If required options are missing, Expose Kit will **prompt you**
+- A timeout is enabled by default to avoid hangs
+  Use `--unlimited` for long-running execution
+---
+## Recommended Workflow
+First, an important premise:
+> It is **impossible** to create a static deobfuscation tool that *never* breaks.
+Reasons include:
+- Unpredictable execution (`eval`, dynamic code)
+- Bugs or edge cases in AST manipulation
+Because of this, you should **verify the code at every step**.
+### 1. Always verify with `parsable`
+After each transformation, run:
+```bash
+expose parsable file.js
+```
+This ensures the syntax is still valid.
+---
+### 2. Make scopes safe first
+One of the most common causes of breakage is **variable name confusion**.
+If you try to write your own deobfuscation logic (e.g. in Python), you’ll quickly realize how painful it is to track scopes correctly.
+That’s why you should **always start with**:
+```bash
+expose safe-scope input.js
+```
+This renames bindings per scope, producing code like:
+```js
+Before: var x = 810;((x) => console.log(x))(114514);
+After:  var x = 810;((_x) => console.log(_x))(114514);
+```
+With this alone:
+- The code becomes far more resistant to breakage
+- Writing custom deobfuscation logic becomes much easier
+- You no longer need to worry about scope collisions
+---
+### 3. Apply transforms step by step
+After `safe-scope`, combine common techniques like:
+- `expand-array`, `expand-object` and more
+After **each step**, run `parsable` and `remove-unused` again.
+    (even if it's not frequent, we might overlook something broken)
+Expose Kit will also clearly indicate whether a **diff** exists, making inspection easy.
+Repeat this process, and the original code will gradually reveal itself.
+---
+## Commands
+### `expose parsable`
+Check whether a file is syntactically valid.
+```js
+parsable:     const x = 810;
+not parsable: const ;x; == 810;
+```
+```bash
+expose parsable path/to/file.js
+```
+Args:
+- Default args only
+---
+### `expose safe-scope`
+Rename bindings per scope for safer transformations.
+```bash
+expose safe-scope path/to/file.js --output path/to/file.safe-scope.js
+```
+Example is [here](https://github.com/evex-dev/expose-kit/tree/main/commands/safe-scope/mocks).
+Args:
+- `--o, --output <file>`
+  Output file path
+  - No extension → `file.safe-scope.js`
+  - With extension → `file.safe-scope.<ext>`
+---
+### `expose pre-evaluate`
+Pre-evaluate const numeric/string expressions. (Safe evaluate)
+```js
+const a = 1 + 2 * 3; // => 7
+const c = "aaaa";
+const b = "a" + c; // => "aaaaa"
+```
+```bash
+expose pre-evaluate path/to/file.js --output path/to/file.pre-evaluate.js
+```
+Args:
+- `--o, --output <file>`
+  Output file path
+  - No extension → `file.pre-evaluate.js`
+  - With extension → `file.pre-evaluate.<ext>`
+Notes:
+- Inlines zero-arg functions that return safe array literals by hoisting them to a var.
+---
+### `expose expand-array`
+Expand array index access for primitive values.
+```js
+var a = [1, 1, 4, 5, 1, 4];
+// before
+console.log(a[0], a[2], a[3]);
+// after
+console.log(1, 4, 5);
+```
+Example is [here](https://github.com/evex-dev/expose-kit/tree/main/commands/expand-array/mocks).
+```bash
+expose expand-array path/to/file.js --target arrayName --output path/to/file.expand-array.js
+```
+Args:
+- `--target <name>`
+  Target array variable name
+- `--o, --output <file>`
+  Output file path
+Notes:
+- Each replacement is validated by reparsing; unsafe replacements are skipped.
+    (This array is intended to be immutable, so caution is required)
+---
 ### `expose expand-object`
-Expand object property access for primitive values.
-```js
-const obj = { a: 1, b: 2 };
-// before
-console.log(obj.a, obj["b"]);
-// after
-console.log(1, 2);
-```
-Example is [here](https://github.com/evex-dev/expose-kit/tree/main/commands/expand-object/mocks).
-```bash
-expose expand-object path/to/file.js --target objectName --output path/to/file.expand-object.js
-```
-Args:
-- `--target <name>`
-  Target object variable name
-- `--o, --output <file>`
-  Output file path
+Expand object property access for primitive values.
+```js
+const obj = { a: 1, b: 2 };
+// before
+console.log(obj.a, obj["b"]);
+// after
+console.log(1, 2);
+```
+Example is [here](https://github.com/evex-dev/expose-kit/tree/main/commands/expand-object/mocks).
+```bash
+expose expand-object path/to/file.js --target objectName --output path/to/file.expand-object.js
+```
+Args:
+- `--target <name>`
+  Target object variable name
+- `--o, --output <file>`
+  Output file path
 Notes:
 - Each replacement is validated by reparsing; unsafe replacements are skipped.
     (This object is intended to be immutable, so caution is required)
@@ -376,35 +379,35 @@ Notes:
 ### `expose remove-unused`
 Remove unused variabless.
-```js
-// before
-var a = 0, b = 1;
-console.log(a);
-// after
-var a = 0;
-console.log(a);
-```
-Example is [here](https://github.com/evex-dev/expose-kit/tree/main/commands/remove-unused/mocks).
-```bash
-expose remove-unused path/to/file.js --output path/to/file.remove-unused.js
-```
-Args:
-- `--o, --output <file>`
-  Output file path
-## Community & Support
-- Missing a feature? → [Create an issue](https://github.com/EdamAme-x/expose-kit/issues)
-- Not sure which command to use? → Join our [Discord](https://evex.land)
----
-## Author
-- [EdamAme-x](https://github.com/EdamAme-x)
-Built for research, not abuse.
-Want stronger obfuscation? Then build something this tool can’t reverse.
+```js
+// before
+var a = 0, b = 1;
+console.log(a);
+// after
+var a = 0;
+console.log(a);
+```
+Example is [here](https://github.com/evex-dev/expose-kit/tree/main/commands/remove-unused/mocks).
+```bash
+expose remove-unused path/to/file.js --output path/to/file.remove-unused.js
+```
+Args:
+- `--o, --output <file>`
+  Output file path
+## Community & Support
+- Missing a feature? → [Create an issue](https://github.com/EdamAme-x/expose-kit/issues)
+- Not sure which command to use? → Join our [Discord](https://evex.land)
+---
+## Author
+- [EdamAme-x](https://github.com/EdamAme-x)
+Built for research, not abuse.
+Want stronger obfuscation? Then build something this tool can’t reverse.

package/dist/index.js CHANGED Viewed

@@ -8,8 +8,8 @@ import chalk4 from "chalk";
 // utils/cli/createCommand.ts
 var createCommand = (creator) => {
-  return (program2) => {
-    creator(program2);
+  return (program3) => {
+    creator(program3);
   };
 };
@@ -85,8 +85,8 @@ var showError = (message) => {
 };
 // commands/parsable/index.ts
-var parsable_default = createCommand((program2) => {
-  program2.command("parsable").description("Check if the file is parsable").argument("[file]", "The file to check").option("--input, --file <file>", "The file to check").option("--unlimited", "Unlimited timeout").action(
+var parsable_default = createCommand((program3) => {
+  program3.command("parsable").description("Check if the file is parsable").argument("[file]", "The file to check").option("--input, --file <file>", "The file to check").option("--unlimited", "Unlimited timeout").action(
     async (fileArgument, options) => {
       await timeout(
         async ({ finish }) => {
@@ -215,8 +215,8 @@ var renameBindingsByScope = (code, filename) => {
   });
   return patchDefault(generate)(ast).code;
 };
-var safe_scope_default = createCommand((program2) => {
-  program2.command("safe-scope").description("Rename bindings per scope for safer transforms").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
+var safe_scope_default = createCommand((program3) => {
+  program3.command("safe-scope").description("Rename bindings per scope for safer transforms").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
     async (fileArgument, options) => {
       await timeout(
         async ({ finish }) => {
@@ -450,8 +450,8 @@ var expandArrayAccess = async (code, filename, targetName) => {
     replacedCount
   };
 };
-var expand_array_default = createCommand((program2) => {
-  program2.command("expand-array").description("Expand array index access for primitive values").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--target <name>", "Target array variable name").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
+var expand_array_default = createCommand((program3) => {
+  program3.command("expand-array").description("Expand array index access for primitive values").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--target <name>", "Target array variable name").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
     async (fileArgument, options) => {
       await timeout(
         async ({ finish }) => {
@@ -721,8 +721,8 @@ var expandObjectAccess = async (code, filename, targetName) => {
     replacedCount
   };
 };
-var expand_object_default = createCommand((program2) => {
-  program2.command("expand-object").description("Expand object property access for primitive values").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--target <name>", "Target object variable name").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
+var expand_object_default = createCommand((program3) => {
+  program3.command("expand-object").description("Expand object property access for primitive values").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--target <name>", "Target object variable name").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
     async (fileArgument, options) => {
       await timeout(
         async ({ finish }) => {
@@ -908,8 +908,8 @@ var packObjectProperties = (code, filename) => {
     removedStatements
   };
 };
-var object_packer_default = createCommand((program2) => {
-  program2.command("object-packer").description("Pack consecutive object property assignments into literals").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
+var object_packer_default = createCommand((program3) => {
+  program3.command("object-packer").description("Pack consecutive object property assignments into literals").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
     async (fileArgument, options) => {
       await timeout(
         async ({ finish }) => {
@@ -1105,6 +1105,108 @@ var shouldSkipReferencedIdentifier = (path) => {
   }
   return false;
 };
+var getArrayReturnExpression = (node) => {
+  if (node.params.length !== 0) return null;
+  if (t4.isBlockStatement(node.body)) {
+    if (node.body.body.length !== 1) return null;
+    const statement = node.body.body[0];
+    if (!t4.isReturnStatement(statement) || !statement.argument) return null;
+    return t4.isArrayExpression(statement.argument) ? statement.argument : null;
+  }
+  return t4.isArrayExpression(node.body) ? node.body : null;
+};
+var isSafeArrayElement = (node) => {
+  if (!node) return true;
+  if (t4.isNumericLiteral(node) || t4.isStringLiteral(node) || t4.isBooleanLiteral(node) || t4.isNullLiteral(node)) {
+    return true;
+  }
+  if (t4.isUnaryExpression(node) && (node.operator === "-" || node.operator === "+") && t4.isNumericLiteral(node.argument)) {
+    return true;
+  }
+  if (t4.isArrayExpression(node)) {
+    return node.elements.every((element) => {
+      if (element === null) return true;
+      if (t4.isSpreadElement(element)) return false;
+      return isSafeArrayElement(element);
+    });
+  }
+  return false;
+};
+var isSafeArrayExpression = (node) => {
+  return node.elements.every((element) => {
+    if (element === null) return true;
+    if (t4.isSpreadElement(element)) return false;
+    return isSafeArrayElement(element);
+  });
+};
+var collectArrayReturnFunctions = (ast) => {
+  const results = [];
+  let counter = 0;
+  patchDefault(traverse5)(ast, {
+    FunctionDeclaration(path) {
+      if (!path.node.id) return;
+      const arrayExpression = getArrayReturnExpression(path.node);
+      if (!arrayExpression || !isSafeArrayExpression(arrayExpression)) return;
+      const binding = path.scope.getBinding(path.node.id.name);
+      if (!binding) return;
+      const programScope = path.scope.getProgramParent();
+      let replacementName = `${path.node.id.name}_${counter}`;
+      counter += 1;
+      while (programScope.hasBinding(replacementName)) {
+        replacementName = `${path.node.id.name}_${counter}`;
+        counter += 1;
+      }
+      results.push({
+        binding,
+        arrayNode: arrayExpression,
+        replacementName,
+        used: false
+      });
+    },
+    VariableDeclarator(path) {
+      if (!t4.isIdentifier(path.node.id)) return;
+      const init = path.node.init;
+      if (!init || !t4.isFunctionExpression(init) && !t4.isArrowFunctionExpression(init)) {
+        return;
+      }
+      const arrayExpression = getArrayReturnExpression(init);
+      if (!arrayExpression || !isSafeArrayExpression(arrayExpression)) return;
+      const binding = path.scope.getBinding(path.node.id.name);
+      if (!binding || !binding.constant || binding.kind !== "const") return;
+      const programScope = path.scope.getProgramParent();
+      let replacementName = `${path.node.id.name}_${counter}`;
+      counter += 1;
+      while (programScope.hasBinding(replacementName)) {
+        replacementName = `${path.node.id.name}_${counter}`;
+        counter += 1;
+      }
+      results.push({
+        binding,
+        arrayNode: arrayExpression,
+        replacementName,
+        used: false
+      });
+    }
+  });
+  return results;
+};
+var insertArrayReturnDeclarations = (ast, functions) => {
+  const declarations = functions.filter((info) => info.used).map(
+    (info) => t4.variableDeclaration("var", [
+      t4.variableDeclarator(
+        t4.identifier(info.replacementName),
+        t4.cloneNode(info.arrayNode, true)
+      )
+    ])
+  );
+  if (declarations.length === 0) return;
+  const body = ast.program.body;
+  let insertIndex = 0;
+  while (insertIndex < body.length && t4.isExpressionStatement(body[insertIndex]) && "directive" in (body[insertIndex] || {})) {
+    insertIndex += 1;
+  }
+  body.splice(insertIndex, 0, ...declarations);
+};
 var preEvaluate = (code, filename) => {
   const ast = parse6(code, createParseOptions(filename));
   const state = {
@@ -1112,7 +1214,23 @@ var preEvaluate = (code, filename) => {
     bindingStack: /* @__PURE__ */ new Set()
   };
   let replacedCount = 0;
+  const arrayReturnFunctions = collectArrayReturnFunctions(ast);
+  const arrayReturnMap = /* @__PURE__ */ new Map();
+  for (const info of arrayReturnFunctions) {
+    arrayReturnMap.set(info.binding, info);
+  }
   patchDefault(traverse5)(ast, {
+    CallExpression(path) {
+      if (!t4.isIdentifier(path.node.callee)) return;
+      if (path.node.arguments.length !== 0) return;
+      const binding = path.scope.getBinding(path.node.callee.name);
+      if (!binding) return;
+      const info = arrayReturnMap.get(binding);
+      if (!info) return;
+      path.replaceWith(t4.identifier(info.replacementName));
+      info.used = true;
+      replacedCount += 1;
+    },
     ReferencedIdentifier(path) {
       if (shouldSkipReferencedIdentifier(path)) {
         return;
@@ -1163,13 +1281,14 @@ var preEvaluate = (code, filename) => {
       }
     }
   });
+  insertArrayReturnDeclarations(ast, arrayReturnFunctions);
   return {
     code: patchDefault(generate5)(ast).code,
     replacedCount
   };
 };
-var pre_evaluate_default = createCommand((program2) => {
-  program2.command("pre-evaluate").description("Pre-evaluate const numeric/string expressions").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
+var pre_evaluate_default = createCommand((program3) => {
+  program3.command("pre-evaluate").description("Pre-evaluate const numeric/string expressions").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
     async (fileArgument, options) => {
       await timeout(
         async ({ finish }) => {
@@ -1262,8 +1381,8 @@ var removeUpdaters = (code, filename) => {
     replacedCount
   };
 };
-var remove_updater_default = createCommand((program2) => {
-  program2.command("remove-updater").description("Replace safe update expressions with += or -=").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
+var remove_updater_default = createCommand((program3) => {
+  program3.command("remove-updater").description("Replace safe update expressions with += or -=").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
     async (fileArgument, options) => {
       await timeout(
         async ({ finish }) => {
@@ -1505,8 +1624,8 @@ var removeReassign = (code, filename) => {
     wrapperReplacedCount
   };
 };
-var remove_reassign_default = createCommand((program2) => {
-  program2.command("remove-reassign").description("Inline safe alias assignments and wrapper calls").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
+var remove_reassign_default = createCommand((program3) => {
+  program3.command("remove-reassign").description("Inline safe alias assignments and wrapper calls").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
     async (fileArgument, options) => {
       await timeout(
         async ({ finish }) => {
@@ -1611,8 +1730,8 @@ var removeUnusedVariables = (code, filename) => {
     changed
   };
 };
-var remove_unused_default = createCommand((program2) => {
-  program2.command("remove-unused").description("Remove unused variables and declarations").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
+var remove_unused_default = createCommand((program3) => {
+  program3.command("remove-unused").description("Remove unused variables and declarations").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
     async (fileArgument, options) => {
       await timeout(
         async ({ finish }) => {
@@ -1682,11 +1801,15 @@ var isProxyFunctionExpression = (node) => {
   return t8.isFunction(node) && node.params.every((param) => t8.isIdentifier(param)) && (t8.isBlockStatement(node.body) && node.body.body.length === 1 && t8.isReturnStatement(node.body.body[0]) && (node.body.body[0].argument === void 0 || t8.isExpression(node.body.body[0].argument) && isProxyValue(node.body.body[0].argument)) || t8.isArrowFunctionExpression(node) && t8.isExpression(node.body) && isProxyValue(node.body));
 };
 var isProxyValue = (node) => {
-  if (t8.isFunction(node) || t8.isBlockStatement(node) || t8.isSequenceExpression(node)) {
+  if (t8.isFunction(node) || t8.isBlockStatement(node) || t8.isSequenceExpression(node) || t8.isAssignmentExpression(node)) {
     return false;
   }
   let isValid = true;
-  walk(node, {
+  if (!t8.isExpression(node)) {
+    return false;
+  }
+  const wrapper = t8.file(t8.program([t8.expressionStatement(node)]));
+  walk(wrapper, {
     "SequenceExpression|BlockStatement|Function|AssignmentExpression"(path) {
       isValid = false;
       path.stop();
@@ -1716,9 +1839,31 @@ var ProxyFunction = class {
       ])
     );
     const pathsToReplace = [];
-    walk(expression, {
+    const shouldSkipIdentifier = (path) => {
+      const parent = path.parentPath;
+      if (!parent) return false;
+      if (parent.isMemberExpression() || parent.isOptionalMemberExpression()) {
+        if (path.key === "property" && !parent.node.computed) {
+          return true;
+        }
+      }
+      if (parent.isObjectProperty()) {
+        if (parent.node.shorthand) return true;
+        if (parent.get("key") === path && !parent.node.computed) {
+          return true;
+        }
+      }
+      if (parent.isObjectMethod()) {
+        if (parent.get("key") === path && !parent.node.computed) {
+          return true;
+        }
+      }
+      return false;
+    };
+    const wrapper = t8.file(t8.program([t8.expressionStatement(expression)]));
+    walk(wrapper, {
       enter(path) {
-        if (t8.isIdentifier(path.node) && !(path.parentPath?.isMemberExpression() && path.key === "property") && paramMap.has(path.node.name)) {
+        if (t8.isIdentifier(path.node) && !shouldSkipIdentifier(path) && paramMap.has(path.node.name)) {
           const replacement = paramMap.get(path.node.name);
           pathsToReplace.push([path, replacement]);
         }
@@ -1794,8 +1939,8 @@ var inlineProxyFunctions = (code, filename) => {
     replacedCount
   };
 };
-var fn_inliner_default = createCommand((program2) => {
-  program2.command("fn-inliner").description("Inline proxy function calls into expressions").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
+var fn_inliner_default = createCommand((program3) => {
+  program3.command("fn-inliner").description("Inline proxy function calls into expressions").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
     async (fileArgument, options) => {
       await timeout(
         async ({ finish }) => {
@@ -1977,8 +2122,8 @@ var sequenceSplit = (code, filename) => {
     changedCount
   };
 };
-var sequence_split_default = createCommand((program2) => {
-  program2.command("sequence-split").description("Split sequence expressions into statements").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
+var sequence_split_default = createCommand((program3) => {
+  program3.command("sequence-split").description("Split sequence expressions into statements").argument("[file]", "The file to transform").option("--input, --file <file>", "The file to transform").option("--o, --output <file>", "Output file path").option("--unlimited", "Unlimited timeout").action(
     async (fileArgument, options) => {
       await timeout(
         async ({ finish }) => {
@@ -2078,13 +2223,21 @@ ${calmGradienrain(`Expose Kit v${VERSION}`)}
 // index.ts
 import { readFileSync as readFileSync12 } from "fs";
+import updateNotifier from "update-notifier";
 var __filename = fileURLToPath(import.meta.url);
 var __dirname = dirname11(__filename);
 var pkg = JSON.parse(readFileSync12(join11(__dirname, "package.json"), "utf8"));
+var notifier = updateNotifier({
+  pkg,
+  updateCheckInterval: 0
+});
+if (notifier.update) {
+  console.log(`${chalk4.yellow("Update available:")} ${notifier.update.latest}`);
+}
 console.log(showCredit(pkg.version));
 console.log();
-var program = new Command();
-program.name("expose").description("CLI for Deobfuscating").version(
+var program2 = new Command();
+program2.name("expose").description("CLI for Deobfuscating").version(
   chalk4.bold("It's written above, lol"),
   "-v, --version",
   "display version number"
@@ -2103,6 +2256,6 @@ var commands = [
   sequence_split_default
 ];
 for (const command of commands) {
-  command(program);
+  command(program2);
 }
-program.parse();
+program2.parse();

package/dist/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "expose-kit",
-	"version": "0.10.0",
+	"version": "0.10.2",
 	"type": "module",
 	"private": false,
 	"author": "EdamAmex <edame8080@gmail.com> (https://github.com/EdamAme-x)",
@@ -42,9 +42,11 @@
 		"@babel/types": "^7.28.5",
 		"@types/babel__generator": "^7.27.0",
 		"@types/babel__traverse": "^7.28.0",
+		"@types/update-notifier": "^6.0.8",
 		"chalk": "^5.6.2",
 		"commander": "^14.0.2",
-		"loading-cli": "^1.1.2"
+		"loading-cli": "^1.1.2",
+		"update-notifier": "^7.3.1"
 	},
 	"bin": {
 		"expose": "dist/index.js",

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
 	"name": "expose-kit",
-	"version": "0.10.0",
+	"version": "0.10.2",
 	"type": "module",
 	"private": false,
 	"author": "EdamAmex <edame8080@gmail.com> (https://github.com/EdamAme-x)",
@@ -42,9 +42,11 @@
 		"@babel/types": "^7.28.5",
 		"@types/babel__generator": "^7.27.0",
 		"@types/babel__traverse": "^7.28.0",
+		"@types/update-notifier": "^6.0.8",
 		"chalk": "^5.6.2",
 		"commander": "^14.0.2",
-		"loading-cli": "^1.1.2"
+		"loading-cli": "^1.1.2",
+		"update-notifier": "^7.3.1"
 	},
 	"bin": {
 		"expose": "dist/index.js",