Gathering detailed insights and metrics for minimist
As of June 2024, the npm registry hosts over 2 million packages, making it one of the largest open-source software repositories in the world.
Gathering detailed insights and metrics for minimist
As of June 2024, the npm registry hosts over 2 million packages, making it one of the largest open-source software repositories in the world.
npm install minimist
99.8
Supply Chain
100
Quality
79.8
Maintenance
100
Vulnerability
548 Stars
164 Commits
30 Forks
5 Watching
2 Branches
18 Contributors
Updated on 11 Nov 2024
Minified
Minified + Gzipped
JavaScript (100%)
Cumulative downloads
Total Downloads
Last day
30.7%
13,896,873
Compared to previous day
Last week
34.5%
73,903,848
Compared to previous week
Last month
20.5%
272,336,999
Compared to previous month
Last year
-0.4%
2,807,374,209
Compared to previous year
parse argument options
This module is the guts of optimist's argument parser without all the fanciful decoration.
Example files: example/parse.js (CJS) / example/parse.mjs (ESM)
1// for CJS 2const argv = require('minimist')(process.argv.slice(2)); 3 4// for ESM 5// import minimist from 'minimist'; 6// const argv = minimist(process.argv.slice(2)); 7console.log(argv);
$ node example/parse.js -a beep -b boop
{ _: [], a: 'beep', b: 'boop' }
$ node example/parse.js -x 3 -y 4 -n5 -abc --beep=boop --no-ding foo bar baz
{
_: ['foo', 'bar', 'baz'],
x: 3,
y: 4,
n: 5,
a: true,
b: true,
c: true,
beep: 'boop',
ding: false
}
1const parseArgs = require('minimist');
Return an argument object argv
populated with the array arguments from args
.
argv._
contains all the arguments that didn't have an option associated with
them.
Numeric-looking arguments will be returned as numbers unless opts.string
or
opts.boolean
contains that argument name. To disable numeric conversion
for non-option arguments, add '_'
to opts.string
.
A negated argument of the form --no-foo
returns false
for option foo
.
Any arguments after '--'
will not be parsed and will end up in argv._
.
options can be:
opts.string
- a string or array of strings argument names to always treat as
strings
opts.boolean
- a boolean, string or array of strings to always treat as
booleans. if true
will treat all double hyphenated arguments without equal signs
as boolean (e.g. affects --foo
, not -f
or --foo=bar
)
opts.alias
- an object mapping string names to strings or arrays of string
argument names to use as aliases
opts.default
- an object mapping string argument names to default values
opts.stopEarly
- when true, populate argv._
with everything after the
first non-option
opts['--']
- when true, populate argv._
with everything before the --
and argv['--']
with everything after the --
. Here's an example:
> require('./')('one two three -- four five --six'.split(' '), { '--': true })
{
_: ['one', 'two', 'three'],
'--': ['four', 'five', '--six']
}
Note that with opts['--']
set, parsing for arguments still stops after the
--
.
opts.unknown
- a function which is invoked with a command line parameter not
defined in the opts
configuration object. If the function returns false
, the
unknown option is not added to argv
.
With npm do:
npm install minimist
MIT
2
9.8/10
Summary
Prototype Pollution in minimist
Affected Versions
< 0.2.4
Patched Versions
0.2.4
9.8/10
Summary
Prototype Pollution in minimist
Affected Versions
>= 1.0.0, < 1.2.6
Patched Versions
1.2.6
3
5.6/10
Summary
Prototype Pollution in minimist
Affected Versions
>= 1.0.0, < 1.2.3
Patched Versions
1.2.3
5.6/10
Summary
Prototype Pollution in minimist
Affected Versions
< 0.2.1
Patched Versions
0.2.1
0/10
Summary
Withdrawn: ESLint dependencies are vulnerable (ReDoS and Prototype Pollution)
Affected Versions
< 1.2.2
Patched Versions
1.2.2
Reason
license file detected
Details
Reason
no dangerous workflow patterns detected
Reason
no binaries found in the repo
Reason
GitHub workflow tokens follow principle of least privilege
Details
Reason
0 existing vulnerabilities detected
Reason
security policy file detected
Details
Reason
Found 9/24 approved changesets -- score normalized to 3
Reason
0 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 1
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
Reason
project is not fuzzed
Details
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
Score
Last Scanned on 2024-11-04
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More