Gathering detailed insights and metrics for yargs
Gathering detailed insights and metrics for yargs
Installations
npm install yargsDeveloper Guide
BETA
Typescript
No
Module System
ESM
Min. Node Version
^20.19.0 || ^22.12.0 || >=23
Node Version
22.15.0
NPM Version
11.4.1
Score
97.8
Supply Chain
100
Quality
86.3
Maintenance
100
Vulnerability
100
License
Releases
57
Languages
3
JavaScript
TypeScript
HTML
JavaScript (71.05%)
TypeScript (28.71%)
HTML (0.25%)
Developer
Download Statistics
Total Downloads
0
Last Day
0
Last Week
0
Last Month
0
Last Year
0
GitHub Statistics
MIT License
11,307 Stars
1,847 Commits
1,006 Forks
80 Watchers
82 Branches
282 Contributors
Updated on Jul 10, 2025
Maintainers
2
Package Meta Information
Latest Version
18.0.0
Package Id
yargs@18.0.0
Unpacked Size
226.01 kB
Size
46.75 kB
File Count
58
NPM Version
11.4.1
Node Version
22.15.0
Published on
May 27, 2025
Total Downloads
Cumulative downloads
Total Downloads
NaN
Last Day
0%
NaN
Compared to previous day
Last Week
0%
NaN
Compared to previous week
Last Month
0%
NaN
Compared to previous month
Last Year
0%
NaN
Compared to previous year
Weekly Downloads
Monthly Downloads
Yearly Downloads
Yargs
Yargs be a node.js library fer hearties tryin' ter parse optstrings
Description
Yargs helps you build interactive command line tools, by parsing arguments and generating an elegant user interface.
It gives you:
- commands and (grouped) options (
my-program.js serve --port=5000). - a dynamically generated help menu based on your arguments:
mocha [spec..]
Run tests with Mocha
Commands
mocha inspect [spec..] Run tests with Mocha [default]
mocha init <path> create a client-side Mocha setup at <path>
Rules & Behavior
--allow-uncaught Allow uncaught errors to propagate [boolean]
--async-only, -A Require all tests to use a callback (async) or
return a Promise [boolean]
- generate completion scripts for Bash and Zsh for your command
- and tons more.
Installation
Stable version:
1npm i yargs
Bleeding edge version with the most recent features:
1npm i yargs@next
Usage
Simple Example
1#!/usr/bin/env node 2import yargs from 'yargs'; 3import { hideBin } from 'yargs/helpers'; 4const argv = yargs(hideBin(process.argv)).parse() 5 6if (argv.ships > 3 && argv.distance < 53.5) { 7 console.log('Plunder more riffiwobbles!') 8} else { 9 console.log('Retreat from the xupptumblers!') 10}
1$ ./plunder.js --ships=4 --distance=22 2Plunder more riffiwobbles! 3 4$ ./plunder.js --ships 12 --distance 98.7 5Retreat from the xupptumblers!
Note:
hideBinis a shorthand forprocess.argv.slice(2). It has the benefit that it takes into account variations in some environments, e.g., Electron.
Complex Example
1#!/usr/bin/env node 2import yargs from 'yargs'; 3import { hideBin } from 'yargs/helpers'; 4 5yargs(hideBin(process.argv)) 6 .command('serve [port]', 'start the server', (yargs) => { 7 return yargs 8 .positional('port', { 9 describe: 'port to bind on', 10 default: 5000 11 }) 12 }, (argv) => { 13 if (argv.verbose) console.info(`start server on :${argv.port}`) 14 serve(argv.port) 15 }) 16 .option('verbose', { 17 alias: 'v', 18 type: 'boolean', 19 description: 'Run with verbose logging' 20 }) 21 .parse()
Run the example above with --help to see the help for the application.
Supported Platforms
TypeScript
yargs has type definitions at @types/yargs.
npm i @types/yargs --save-dev
See usage examples in docs.
Deno
As of v16, yargs supports Deno:
1import yargs from 'https://deno.land/x/yargs@v17.7.2-deno/deno.ts' 2import { Arguments } from 'https://deno.land/x/yargs@v17.7.2-deno/deno-types.ts' 3 4yargs(Deno.args) 5 .command('download <files...>', 'download a list of files', (yargs: any) => { 6 return yargs.positional('files', { 7 describe: 'a list of files to do something with' 8 }) 9 }, (argv: Arguments) => { 10 console.info(argv) 11 }) 12 .strictCommands() 13 .demandCommand(1) 14 .parse()
Note: If you use version tags in url then you also have to add
-denoflag on the end, like@17.7.2-deno
Usage in Browser
See examples of using yargs in the browser in docs.
Documentation
Table of Contents
Supported Node.js Versions
Libraries in this ecosystem make a best effort to track Node.js' release schedule. Here's a post on why we think this is important.
No vulnerabilities found.
Reason
no dangerous workflow patterns detected
Reason
21 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
Reason
no binaries found in the repo
Reason
GitHub workflow tokens follow principle of least privilege
Details
- Warn: jobLevel 'contents' permission set to 'write': .github/workflows/release-please.yml:10
- Info: topLevel 'contents' permission set to 'read': .github/workflows/ci.yaml:9
- Info: found token with 'none' permissions: .github/workflows/release-please.yml:1
Reason
0 existing vulnerabilities detected
Reason
license file detected
Details
- Info: project has a license file: LICENSE:0
- Info: FSF or OSI recognized license: MIT License: LICENSE:0
Reason
Found 22/27 approved changesets -- score normalized to 8
Reason
no effort to earn an OpenSSF best practices badge detected
Reason
dependency not pinned by hash detected -- score normalized to 0
Details
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:18: update your workflow using https://app.stepsecurity.io/secureworkflow/yargs/yargs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:19: update your workflow using https://app.stepsecurity.io/secureworkflow/yargs/yargs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:29: update your workflow using https://app.stepsecurity.io/secureworkflow/yargs/yargs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:30: update your workflow using https://app.stepsecurity.io/secureworkflow/yargs/yargs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/yargs/yargs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:40: update your workflow using https://app.stepsecurity.io/secureworkflow/yargs/yargs/ci.yaml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/ci.yaml:46: update your workflow using https://app.stepsecurity.io/secureworkflow/yargs/yargs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:55: update your workflow using https://app.stepsecurity.io/secureworkflow/yargs/yargs/ci.yaml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/ci.yaml:56: update your workflow using https://app.stepsecurity.io/secureworkflow/yargs/yargs/ci.yaml/main?enable=pin
- Warn: third-party GitHubAction not pinned by hash: .github/workflows/release-please.yml:15: update your workflow using https://app.stepsecurity.io/secureworkflow/yargs/yargs/release-please.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-please.yml:20: update your workflow using https://app.stepsecurity.io/secureworkflow/yargs/yargs/release-please.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-please.yml:21: update your workflow using https://app.stepsecurity.io/secureworkflow/yargs/yargs/release-please.yml/main?enable=pin
- Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release-please.yml:39: update your workflow using https://app.stepsecurity.io/secureworkflow/yargs/yargs/release-please.yml/main?enable=pin
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yaml:23
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yaml:25
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yaml:44
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yaml:45
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yaml:60
- Warn: npmCommand not pinned by hash: .github/workflows/ci.yaml:61
- Warn: npmCommand not pinned by hash: .github/workflows/release-please.yml:25
- Warn: npmCommand not pinned by hash: .github/workflows/release-please.yml:26
- Warn: npmCommand not pinned by hash: .github/workflows/release-please.yml:45
- Info: 0 out of 11 GitHub-owned GitHubAction dependencies pinned
- Info: 0 out of 2 third-party GitHubAction dependencies pinned
- Info: 0 out of 9 npmCommand dependencies pinned
Reason
security policy file not detected
Details
- Warn: no security policy file detected
- Warn: no security file to analyze
- Warn: no security file to analyze
- Warn: no security file to analyze
Reason
project is not fuzzed
Details
- Warn: no fuzzer integrations found
Reason
SAST tool is not run on all commits -- score normalized to 0
Details
- Warn: 0 commits out of 29 are checked with a SAST tool
Score
6.7
/10
Last Scanned on 2025-06-30
The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.
Learn More