I understand that the code is shipped to the client and the client has the code anyway.

I don’t think that there is a software that is 100% secure. I think our responsibility is to reduce the probability of an attack/hack as much as we can, but we will never reach a fully secure architecture.

By accepting this idea, we should make everything that makes it harder for an attacker to hack our systems. When you send your source files (even if it is just a front-end) you are making it easier for someone else to understand your software, which gives them the ability to test your server against vulnerabilities faster.