Original issue by @david-fong at https://github.com/substack/minimist/issues/156

As per default, npm publish is currently including everything. This includes the tests folder, the editorconfig file, etc.

I believe it is safe to add a whitelist to the package.json- something like:

"files": ["readme.markdown"]
LICENSE, index.js, and package.json are always included.

@meszaros-lajos-gyorgy not sure if this is already enabled in this repo. The goal here is to have some bot that will open a PR with security patches

https://docs.github.com/code-security/dependabot/dependabot-security-updates/configuring-dependabot-security-updates

Would be really usefull if options could take a list of values
currently if I need to pass a list of value for a given option I have to repeat the flag :

bin -a fr -a be -a us
# will return { ..... a: ['fr', 'be', 'us'] }

What if we could parse :

bin -a fr,be,us
# and return { ..... a: ['fr', 'be', 'us'] }

of course there will be a debate on the separator, which should be an option.
This behavior could be trigger with the array option, if a separator option is provided.

just check this :

"a,z,e,r,t".split(undefined) // Array [ "a,z,e,r,t" ]
"a,z,e,r,t".split(',') // Array(5) [ "a", "z", "e", "r", "t" ]

Anybody interested in this ?

https://github.com/substack/minimist/pull/113

Hey all!

Thanks for forking minimist, it's nice to see work being done on an abandoned project once more. I pulled this project into my application and noticed TypeScript was complaining saying Could not find a declaration file for module 'minimist-lite'. I saw that you have an index.d.ts in the repo and looked in the package itself to investigate. To my surprise, I saw that the d.ts wasn't included with the packaged module (see the attached screenshot for details)

As a workaround I've created an empty minimist-lite.d.ts with the contents declare module 'minimist-lite';, but I know this isn't a sustainable route to take moving forward

Original issue by @whitlockjc at https://github.com/substack/minimist/issues/36

const argv = require('minimist-lite')(process.argv.slice(2))
console.dir(argv)

If I invoke my command using my-command 2.3, I end up with something like this:

{ _: [ 2.3 ] }

I realize if this was an option I could use opts.string to tell minimist to treat my option as a string but looks like there's no way to achieve the same for argument.

What I expect instead:

{ _: [ '2.3' ] }

Original issue by @RaresGeo at https://github.com/substack/minimist/issues/159

After being parsed, the twitter snowflake is changed

This is the command

@test 647463207857815565

This is the arguments object

{ _: [ 647463207857815600 ] }

Also it's a Discord id not a twitter snowflake but you get the point

Original issue by @getify at https://github.com/substack/minimist/issues/54

I had to read the source code to diagnose why --no-foobar was not working as I expected (it wasn't giving me a "--no-foobar": true entry in my arguments. It was instead setting "foobar": false. Interesting feature, but should be documented.

So I thought if we'd be able to add support for longer names (currently it supports only "one letter" arguments). I have small issue because I'd like to add longer arguments. Like

const argvs = require("minimist")(process.argv.slice(2));

console.log(argvs)

if (argvs.th || argvs.templateHelp) {
    templateHelp();
}

if (argvs.h || argvs.help) {
    help();
}

So when I call node index.js -th  this will call for templateHelp() function, not the help() one (because it divides arguments into argvs: { _: [], t: true, h: true })

Original issue by @julien-f at https://github.com/substack/minimist/issues/71

console.log(require('minimist')(
  process.argv.slice(2),
  { stopEarly: true }
)._)

Expected result (everything after first non option):

> node index.js foo -- bar baz
[ 'foo', '--', 'bar', 'baz' ]

Actual result:

> node index.js foo -- bar baz
[ 'foo', 'bar', 'baz' ]

Original issue by @poppinlp at https://github.com/substack/minimist/issues/154

I've run the code like node index.js -a="aaa=bbb" --a2="aaa=bbb"
And here are the output for process.argv, minimist parsed result and yargs-parser parsed result:

origin argv [
  'blabla/.nvm/versions/node/v14.7.0/bin/node',
  'blabla not important',
  '-a=aaa=bbb',
  '--a2=aaa=bbb'
]
minimist { _: [], a: 'aaa', a2: 'aaa=bbb' }
yargs parser { _: [], a: 'aaa=bbb', a2: 'aaa=bbb' }

You could see, for -a, minimist seems to get the wrong result.

Original issue by @dimabru at https://github.com/substack/minimist/issues/149

Hex parameters get auto-converted to numbers.
This results in a loss of information and change of values since hex values often exceed max int.

example:
input args --a 0xffffffffffffffffffff

code:
console.log(process.argv.slice(2));
let args = minimist(process.argv.slice(2));
console.log(args['a']);
console.log(args['a'].toString(16));

console output:

100000000000000000000 is clearly !== 0xffffffffffffffffffff

@micalevisk whad do you think, is the current master ready to be released or is there anything else we can add? We could start creating version labels and add those to the individual tickets. I'll set up github projects page and we can add ideas there as well.

npm audit report

cached-path-relative  <1.1.0
Severity: high
Prototype Pollution in cached-path-relative - https://github.com/advisories/GHSA-wg6g-ppvx-927h
fix available via `npm audit fix`
node_modules/cached-path-relative

1 high severity vulnerability

[email protected] /tmp/minimist-lite
└─┬ [email protected]
  └─┬ [email protected]
    ├── [email protected]
    └─┬ [email protected]
      └── [email protected] deduped

solution

npm audit fix

will touch the lock file.

Original issue by @johndeighan at https://github.com/substack/minimist/issues/161

when I pass this to parseArgs() (using 'import parseArgs from 'minimist';' in an ES6 module'):

[ 'test/TopMenuShort.starbucks' ]

For example, my command line is node myscript.js test/TopMenuShort.starbucks, my "unknown" function is called, and this is output (though I've realized that this line is printed by my "unknown" function):

Unknown option: -test/TopMenuShort.starbucks

But the return value from parseArgs() is correct:

{
  _: [ 'test/TopMenuShort.starbucks' ],
  c: false,
  j: false,
  s: false,
  h: false,
  d: false
}

My work around is to simply return true from my "unknown" function, but that still has the problem that I can't just print the "unknown option" error message. I'm pretty sure that the function should only be called for unknown options, not for non-options on the command line.

Currently only you (I guess) can release new versions of this package.

We could use GitHub actions to automatically publish new versions to NPM registry after some event on this repo.

My proposal: publish on new releases on this repo.
An example of an workflow that publish the package on new Git Tags (that could be easily adapted): https://github.com/micalevisk/nestjs-swagger-api-http-response-decorators/blob/main/.github/workflows/publish-on-new-tag.yml

You just need to add a secret called NPM_TOKEN with your NPM access token into this repo.

Also, to make thinks more safer, we can add another CI workflow that will be triggered on every PR that change some code. It will ran automated tests & coverage report. So we'll make sure that only good PRs are merged to the main branch.

To implement this, I need to know a bit more about how is the current workflow from changing the code til release a new version.

Heads up that the original package is now maintained at https://github.com/minimistjs/minimist