Security News
GitHub Removes Malicious Pull Requests Targeting Open Source Repositories
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
The yargs npm package is a command-line argument parser that helps in building interactive command line tools, by parsing arguments and generating an elegant user interface. It provides a simple and efficient way to handle command line arguments for Node.js applications.
Command Parsing
Yargs allows you to define commands and associated options. This feature is useful for CLI applications that perform different actions based on the command provided.
const yargs = require('yargs/yargs')(process.argv.slice(2));
yargs.command('get', 'make a get HTTP request', () => {}, (argv) => {
console.log(`Request made to URL: ${argv.url}`);
}).argv;
Option Parsing
Yargs can parse options (also known as flags or switches) with additional configuration such as aliases, types, and descriptions.
const yargs = require('yargs/yargs')(process.argv.slice(2));
yargs.option('verbose', {
alias: 'v',
type: 'boolean',
description: 'Run with verbose logging'
}).argv;
Default Values
Yargs allows setting default values for options, which will be used if no value is provided by the user.
const yargs = require('yargs/yargs')(process.argv.slice(2));
yargs.default('port', 8080).argv;
Automatic Help and Version Information
Yargs can automatically generate help and version information for the CLI tool, making it easier for users to understand how to use the application.
const yargs = require('yargs/yargs')(process.argv.slice(2));
yargs.help().version().argv;
Custom Validation
Yargs provides a way to define custom validation rules for the provided arguments, ensuring that the input meets certain criteria before the application proceeds.
const yargs = require('yargs/yargs')(process.argv.slice(2));
yargs.option('port', {
describe: 'The port to bind on',
demandOption: true,
number: true
}).check((argv, options) => {
if (argv.port < 1024) {
throw new Error('Port must be at least 1024');
}
return true;
}).argv;
Commander is another popular npm package for parsing command-line options. It provides a high-level API for defining commands and options, similar to yargs. Commander is known for its simplicity and declarative approach to command-line arguments.
Minimist is a minimalistic command-line argument parser. It is more lightweight than yargs and focuses on parsing a list of arguments into an object, without the additional features like command handling, help text generation, or validation.
Meow is a CLI helper for creating Node.js command-line apps. It provides a simpler and more opinionated API compared to yargs, with built-in help text, version output, and flag aliasing. Meow is suitable for smaller projects that require less customization.
Caporal is a full-featured framework for building command-line applications. It offers a rich set of features including argument parsing, validation, autocomplete, and more. Caporal is more framework-like compared to yargs, which might be more suitable for complex CLI tools.
Yargs be a node.js library fer hearties tryin' ter parse optstrings
Yargs helps you build interactive command line tools, by parsing arguments and generating an elegant user interface.
It gives you:
my-program.js serve --port=5000
).Stable version:
npm i yargs
Bleeding edge version with the most recent features:
npm i yargs@next
#!/usr/bin/env node
const {argv} = require('yargs')
if (argv.ships > 3 && argv.distance < 53.5) {
console.log('Plunder more riffiwobbles!')
} else {
console.log('Retreat from the xupptumblers!')
}
$ ./plunder.js --ships=4 --distance=22
Plunder more riffiwobbles!
$ ./plunder.js --ships 12 --distance 98.7
Retreat from the xupptumblers!
#!/usr/bin/env node
require('yargs') // eslint-disable-line
.command('serve [port]', 'start the server', (yargs) => {
yargs
.positional('port', {
describe: 'port to bind on',
default: 5000
})
}, (argv) => {
if (argv.verbose) console.info(`start server on :${argv.port}`)
serve(argv.port)
})
.option('verbose', {
alias: 'v',
type: 'boolean',
description: 'Run with verbose logging'
})
.argv
Run the example above with --help
to see the help for the application.
yargs has type definitions at @types/yargs.
npm i @types/yargs --save-dev
See usage examples in docs.
As of v16
, yargs
supports Deno:
import yargs from 'https://deno.land/x/yargs/deno.ts'
import { Arguments, YargsType } from 'https://deno.land/x/yargs/types.ts'
yargs()
.command('download <files...>', 'download a list of files', (yargs: YargsType) => {
return yargs.positional('files', {
describe: 'a list of files to do something with'
})
}, (argv: Arguments) => {
console.info(argv)
})
.strictCommands()
.demandCommand(1)
.parse(Deno.args)
As of v16
,yargs
supports ESM imports:
import yargs from 'yargs'
import { hideBin } from 'yargs/helpers'
yargs(hideBin(process.argv))
.command('curl <url>', 'fetch the contents of the URL', () => {}, (argv) => {
console.info(argv)
})
.demandCommand(1)
.argv
See examples of using yargs in the browser in docs.
Having problems? want to contribute? join our community slack.
Libraries in this ecosystem make a best effort to track Node.js' release schedule. Here's a post on why we think this is important.
FAQs
yargs the modern, pirate-themed, successor to optimist.
We found that yargs demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub removed 27 malicious pull requests attempting to inject harmful code across multiple open source repositories, in another round of low-effort attacks.
Security News
RubyGems.org has added a new "maintainer" role that allows for publishing new versions of gems. This new permission type is aimed at improving security for gem owners and the service overall.
Security News
Node.js will be enforcing stricter semver-major PR policies a month before major releases to enhance stability and ensure reliable release candidates.