I’d like to give my 2 cents as I see this is a recurrent discussion about Web Core. I didn’t participate in the meeting, so I can’t speak about what was discussed there, specifically.
But when you talk about web applications, usually the discussion is a moot point. It’s inherent of web applications that the “source code” is always available.
That’s also what happens with Web Core. You have to “publish” your source code (HTML+JS) to make it work. That’s what an web application is.
The key point here is that usually a web application (frontend) is tied with a server (backend). It’s the server that you don’t publish. You can see the “source code” of the whole Facebook “web application”, but it’s pointless because all the logic and security and relevant data is in their servers - just like it should be in yours.
In summary, my advice is don’t waste your time trying to obfuscate your web application, but instead, spend time building a solid, correct application architecture, where your sensitive code and data are managed by the server.