Back to Explore

minimistjs/minimist

GitHub
2 watchersOpen source

Last release:

Minimist is a small Node.js module that parses command line argument options into an object. It’s useful for turning an argv-style array into named options, including handling aliases, default values, boolean and string conversions, and stopping or splitting parsing around `--`.

Project status

  • Maintenance status: The repository shows an upstream push as of 2025-12-30, which suggests it is not completely abandoned, but the most recent detailed published updates in the provided history are from 2023-02-25 (v0.2.4), so day-to-day maintenance looks slow.
  • Apparent update cadence (relative to 2026-06-09): There is a large gap between the latest documented updates (early 2023) and today, with only a single upstream activity timestamp in late 2025. Based on the evidence provided, the project’s cadence appears infrequent.

AI summary generated

AI-generated from public sources. May be inaccurate. Report

Recent updates

  • v0.2.4

    Release v0.2.4 (release notes not provided) includes internal changes to minimist's dotted option handling with stronger prototype pollution protections, plus new tests covering edge cases. It also bumps the devDependency tape version used for tests.

    Security
  • v1.2.8

    v1.2.8 updates minimist with several argument parsing edge case fixes, plus a large amount of formatting-only churn across tests, examples, and eslint config. The publisher release notes were not provided, so the behavioral changes below are not explicitly documented there.

  • v0.2.3

    No publisher release notes were provided for v0.2.3. The diff indicates this version primarily contains parser bug fixes plus test/lint/packaging cleanup.

  • v0.2.2

    Release v0.2.2 has no publisher-provided release notes. The diff primarily adds prototype pollution hardening in the argument assignment logic (index.js), and also introduces new developer tooling and CI configuration (ESLint, GitHub Actions workflows, changelog automation).

    BreakingSecurityFeatures
  • v1.2.7

    Release v1.2.7 contains no release-note content from the publisher. The provided diff shows only repository and publishing/CI/test tooling updates plus devDependency changes, with no runtime source changes shown.

    Security
  • v1.2.6

    Release v1.2.6 was published on 2022-03-22, but no release notes were provided by the publisher. As a result, there is no documented information here about new features, bug fixes, breaking changes, security updates, or migration steps.

  • v1.2.5

    This release (v1.2.5) contains no functional code changes in the provided diff. The only modification is a version bump in package.json from 1.2.4 to 1.2.5.

  • v0.2.1

    Release v0.2.1 contains no publisher release notes. The code change focuses on hardening argument parsing against prototype pollution by modifying how nested keys are written, and it adds tests that specifically cover malicious keys like __proto__ and constructor.prototype.

    BreakingSecurity
  • v1.2.4

    Release v1.2.4 updates minimist version metadata and adds documentation about a previously fixed prototype pollution issue. It also introduces an additional regression test covering constructor prototype pollution vectors. No functional code changes to the argument parsing implementation are present in the provided diff.

    Security
  • v1.2.3

    Release v1.2.3 (minimist) modifies the core key-setting logic to prevent prototype pollution when parsing arguments. It also adds new test coverage around prototype pollution scenarios for object, array, number, and string values.

    Security
  • v1.2.2

    v1.2.2 contains a small change in the core minimist parsing logic, plus a new regression test for prototype pollution. The published release notes for this version are not provided, so no documented behavior changes can be confirmed.

    Security
  • v1.2.1

    Release v1.2.1 has no published release notes. The code diff shows a behavioral change to minimist's boolean argument parsing, plus corresponding test and README formatting updates.

    Breaking
  • v1.2.0

    This release (v1.2.0) includes a small change in the argument parser to recognize short options written in the form -k=v. The only functional code change is in index.js, plus a new test file that asserts the new behavior.

    Features
  • v1.1.3

    Release v1.1.3 was published, but no release notes or change log details were provided by the publisher. As a result, there is no documented information about new features, breaking changes, bug fixes, security, performance, or dependency updates in this release.