Research
PyPI Package Impersonates SymPy to Deliver Cryptomining Malware
Malicious PyPI package sympy-dev targets SymPy users, a Python symbolic math library with 85 million monthly downloads.
By Kirill Boychenko -  Jan 21, 2026
🚀 Launch Week Day 2:Introducing Custom Tabs for Org Alerts.Learn More →
commandments
Advanced tools
commandments 
Parse argument commands/options from code comments using esprima and minimist.
Install
Install with npm
$ npm i commandments --save
Run tests
npm test
Usage
var commandments = require('commandments');
Example
Given you have a file named app.js with some code comments (both block and line comments will work):
// abc: apple kiwi grapefruit */
function foo(str) {
return str;
}
function bar(str) {
/* xyz: --exclude=cranberry */
return str;
}
Pass keyword(s) to identify comments to parse, and the string with comments to parse.
var fs = require('fs');
var str = fs.readFileSync('lib/app.js', 'utf8');
// commandments([keywords], str);
var args = commandments(['abc', 'xyz'], str);
Results in:
{ abc: { _: [ 'apple', 'kiwi', 'grapefruit' ] },
xyz: { _: [], exclude: 'cranberry' } }
API
Contributing
Pull requests and stars are always welcome. For bugs and feature requests, please create an issue
Author
Jon Schlinkert
License
Copyright © 2014-2015 Jon Schlinkert Released under the MIT license.
This file was generated by verb-cli on August 19, 2015.
FAQs
Parse argument commands/options from code comments using esprima and minimist.
The npm package commandments receives a total of 0 weekly downloads. As such, commandments popularity was classified as not popular.
We found that commandments demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 19 Aug 2015
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Custom Tabs for Org Alerts
Create and share saved alert views with custom tabs on the org alerts page, making it easier for teams to return to consistent, named filter sets.
By André Staltz -  Jan 20, 2026
Product
Rust Support in Socket Is Now Generally Available
Socket’s Rust and Cargo support is now generally available, providing dependency analysis and supply chain visibility for Rust projects.
By Trevor Norris -  Jan 19, 2026