It may not be at the same level as disassembling binary code w/ IDA or what have you, but un-minifying or un-obfuscating JavaScript is not a trivial exercise by any means.
(If I were in a nitpicking mood I would also point out that the source is what is fed into the minifier or obfuscator, not what comes out.)
un-minifying javascript is very trivial. you just copy and paste it into an online javascript beautifier. you won't get the original un-obfuscated source with original comments, but you'll get readable javasript that you can easily parse visually.
as I said above, de-obfuscating a large javascript app that's been obfuscated/minified by proprietary tools is virtually impossible to decode. Try running some of google's code - gmail, docs, take your pick - through your beautifier ;)
I don't know if anybody uses proprietary tools to minify and obfuscate their javascript. We all use the same minification tools, with different features selected. Seems like most people use YUI compressor, or one of the others listed here http://compressorrater.thruhere.net/. I assume Google is using their closure tools (which I've never played with myself).
It's a lot easier to reverse-engineer the site than to build it from scratch yourself. You won't get all the comments, and some of the names of functions and variables and whatnot may lose their semantic meaning in favor of shorter names. But yes, it is trivial to unminify the source and work through it. If it's 10k+ lines of code, that's never trivial to understand and get it all in your head, but the concern is absolutely valid. If you think minifying/obfuscating is securing your code intellectual property, you're fooling yourself. It's like security through obscurity... it's not really offering you any protection.
That doesn't sound right to me. People will rewrite code that already exists as open source because they don't want to take the time to understand someone else's code. But you're saying that some will reverse engineer a JS app from minified code rather than just rewrite it. Are there any examples of this actually happening?
I'm a curious guy and have deciphered small-ish amounts of minified and/or obfuscated JS before. It is absolutely not trivial. Especially if it's obfuscated.
"un-minifying or un-obfuscating JavaScript is not a trivial exercise by any means."
I think you mean that understanding obfuscated code is not trivial. Un-minifying is certainly trivial. There are tools to do it for you. There's no such thing as un-obfuscating, if you consider that you can't get the original comments or all the semantic naming back. So I'll concede that it's more difficult to read through this obfuscated code than the original. But the original comment in this long thread seems valid to me... that an entirely client side app puts you at much greater risk for cloning than an app with a significant portion of code in back-end, just because your javascript is out there for all to see.
