Node.js comes with a variety of CLI options. These options expose built-in\ndebugging, multiple ways to execute scripts, and other helpful runtime options.

To view this documentation as a manual page in a terminal, run man node.

node [options] [V8 options] [<program-entry-point> | -e \"script\" | -] [--] [arguments]

node inspect [<program-entry-point> | -e \"script\" | <host>:<port>] …

node --v8-options

Execute without arguments to start the REPL.

For more info about node inspect, see the debugger documentation.

The program entry point is a specifier-like string. If the string is not an\nabsolute path, it's resolved as a relative path from the current working\ndirectory. That entry point string is then resolved as if it's been requested\nby require() from the current working directory. If no corresponding file\nis found, an error is thrown.

By default, the resolved path is also loaded as if it's been requested by require(),\nunless one of the conditions below apply—then it's loaded as if it's been requested\nby import():

\n
• The program was started with a command-line flag that forces the entry\npoint to be loaded with ECMAScript module loader, such as --import.
\n
• The file has an .mjs, .mts or .wasm extension.
\n
• The file does not have a .cjs extension, and the nearest parent\npackage.json file contains a top-level \"type\" field with a value of\n\"module\".
\n

See module resolution and loading for more details.

All options, including V8 options, allow words to be separated by both\ndashes (-) or underscores (_). For example, --pending-deprecation is\nequivalent to --pending_deprecation.

If an option that takes a single value (such as --max-http-header-size) is\npassed more than once, then the last passed value is used. Options from the\ncommand line take precedence over options passed through the NODE_OPTIONS\nenvironment variable.

Alias for stdin. Analogous to the use of - in other command-line utilities,\nmeaning that the script is read from stdin, and the rest of the options\nare passed to that script.

Indicate the end of node options. Pass the rest of the arguments to the script.\nIf no script filename or eval/print script is supplied prior to this, then\nthe next argument is used as a script filename.

Aborting instead of exiting causes a core file to be generated for post-mortem\nanalysis using a debugger (such as lldb, gdb, and mdb).

If this flag is passed, the behavior can still be set to not abort through\nprocess.setUncaughtExceptionCaptureCallback() (and through usage of the\nnode:domain module that uses it).

When using the Permission Model, the process will not be able to use\nnative addons by default.\nAttempts to do so will throw an ERR_DLOPEN_DISABLED unless the\nuser explicitly passes the --allow-addons flag when starting Node.js.

Example:

// Attempt to require an native addon\nrequire('nodejs-addon-example');\n

$ node --permission --allow-fs-read=* index.js\nnode:internal/modules/cjs/loader:1319\n  return process.dlopen(module, path.toNamespacedPath(filename));\n                 ^\n\nError: Cannot load native addon because loading addons is disabled.\n    at Module._extensions..node (node:internal/modules/cjs/loader:1319:18)\n    at Module.load (node:internal/modules/cjs/loader:1091:32)\n    at Module._load (node:internal/modules/cjs/loader:938:12)\n    at Module.require (node:internal/modules/cjs/loader:1115:19)\n    at require (node:internal/modules/helpers:130:18)\n    at Object.<anonymous> (/home/index.js:1:15)\n    at Module._compile (node:internal/modules/cjs/loader:1233:14)\n    at Module._extensions..js (node:internal/modules/cjs/loader:1287:10)\n    at Module.load (node:internal/modules/cjs/loader:1091:32)\n    at Module._load (node:internal/modules/cjs/loader:938:12) {\n  code: 'ERR_DLOPEN_DISABLED'\n}\n

When using the Permission Model, the process will not be able to spawn any\nchild process by default.\nAttempts to do so will throw an ERR_ACCESS_DENIED unless the\nuser explicitly passes the --allow-child-process flag when starting Node.js.

Example:

const childProcess = require('node:child_process');\n// Attempt to bypass the permission\nchildProcess.spawn('node', ['-e', 'require(\"fs\").writeFileSync(\"/new-file\", \"example\")']);\n

$ node --permission --allow-fs-read=* index.js\nnode:internal/child_process:388\n  const err = this._handle.spawn(options);\n                           ^\nError: Access to this API has been restricted\n    at ChildProcess.spawn (node:internal/child_process:388:28)\n    at node:internal/main/run_main_module:17:47 {\n  code: 'ERR_ACCESS_DENIED',\n  permission: 'ChildProcess'\n}\n

The child_process.fork() API inherits the execution arguments from the\nparent process. This means that if Node.js is started with the Permission\nModel enabled and the --allow-child-process flag is set, any child process\ncreated using child_process.fork() will automatically receive all relevant\nPermission Model flags.

This behavior also applies to child_process.spawn(), but in that case, the\nflags are propagated via the NODE_OPTIONS environment variable rather than\ndirectly through the process arguments.

This flag configures file system read permissions using\nthe Permission Model.

The valid arguments for the --allow-fs-read flag are:

\n
• * - To allow all FileSystemRead operations.
\n
• Multiple paths can be allowed using multiple --allow-fs-read flags.\nExample --allow-fs-read=/folder1/ --allow-fs-read=/folder1/
\n

Examples can be found in the File System Permissions documentation.

The initializer module and custom --require modules has a implicit\nread permission.

$ node --permission -r custom-require.js -r custom-require-2.js index.js\n

\n
• The custom-require.js, custom-require-2.js, and index.js will be\nby default in the allowed read list.
\n

process.has('fs.read', 'index.js'); // true\nprocess.has('fs.read', 'custom-require.js'); // true\nprocess.has('fs.read', 'custom-require-2.js'); // true\n

This flag configures file system write permissions using\nthe Permission Model.

The valid arguments for the --allow-fs-write flag are:

\n
• * - To allow all FileSystemWrite operations.
\n
• Multiple paths can be allowed using multiple --allow-fs-write flags.\nExample --allow-fs-write=/folder1/ --allow-fs-write=/folder1/
\n

Paths delimited by comma (,) are no longer allowed.\nWhen passing a single flag with a comma a warning will be displayed.

Examples can be found in the File System Permissions documentation.

When using the Permission Model, the process will not be able to connect\nthrough inspector protocol.

Attempts to do so will throw an ERR_ACCESS_DENIED unless the\nuser explicitly passes the --allow-inspector flag when starting Node.js.

Example:

const { Session } = require('node:inspector/promises');\n\nconst session = new Session();\nsession.connect();\n

$ node --permission index.js\nError: connect ERR_ACCESS_DENIED Access to this API has been restricted. Use --allow-inspector to manage permissions.\n  code: 'ERR_ACCESS_DENIED',\n}\n

When using the Permission Model, the process will not be able to access\nnetwork by default.\nAttempts to do so will throw an ERR_ACCESS_DENIED unless the\nuser explicitly passes the --allow-net flag when starting Node.js.

Example:

const http = require('node:http');\n// Attempt to bypass the permission\nconst req = http.get('http://example.com', () => {});\n\nreq.on('error', (err) => {\n  console.log('err', err);\n});\n

$ node --permission index.js\nError: connect ERR_ACCESS_DENIED Access to this API has been restricted. Use --allow-net to manage permissions.\n  code: 'ERR_ACCESS_DENIED',\n}\n

When using the Permission Model, the process will not be capable of creating\nany WASI instances by default.\nFor security reasons, the call will throw an ERR_ACCESS_DENIED unless the\nuser explicitly passes the flag --allow-wasi in the main Node.js process.

Example:

const { WASI } = require('node:wasi');\n// Attempt to bypass the permission\nnew WASI({\n  version: 'preview1',\n  // Attempt to mount the whole filesystem\n  preopens: {\n    '/': '/',\n  },\n});\n

$ node --permission --allow-fs-read=* index.js\n\nError: Access to this API has been restricted\n    at node:internal/main/run_main_module:30:49 {\n  code: 'ERR_ACCESS_DENIED',\n  permission: 'WASI',\n}\n

When using the Permission Model, the process will not be able to create any\nworker threads by default.\nFor security reasons, the call will throw an ERR_ACCESS_DENIED unless the\nuser explicitly pass the flag --allow-worker in the main Node.js process.

Example:

const { Worker } = require('node:worker_threads');\n// Attempt to bypass the permission\nnew Worker(__filename);\n

$ node --permission --allow-fs-read=* index.js\n\nError: Access to this API has been restricted\n    at node:internal/main/run_main_module:17:47 {\n  code: 'ERR_ACCESS_DENIED',\n  permission: 'WorkerThreads'\n}\n

Generates a single executable application from a JSON\nconfiguration file. The argument must be a path to the configuration file. If\nthe path is not absolute, it is resolved relative to the current working\ndirectory.

For configuration fields, cross-platform notes, and asset APIs, see\nthe single executable application documentation.

Generates a snapshot blob when the process exits and writes it to\ndisk, which can be loaded later with --snapshot-blob.

When building the snapshot, if --snapshot-blob is not specified,\nthe generated blob will be written, by default, to snapshot.blob\nin the current working directory. Otherwise it will be written to\nthe path specified by --snapshot-blob.

$ echo \"globalThis.foo = 'I am from the snapshot'\" > snapshot.js\n\n# Run snapshot.js to initialize the application and snapshot the\n# state of it into snapshot.blob.\n$ node --snapshot-blob snapshot.blob --build-snapshot snapshot.js\n\n$ echo \"console.log(globalThis.foo)\" > index.js\n\n# Load the generated snapshot and start the application from index.js.\n$ node --snapshot-blob snapshot.blob index.js\nI am from the snapshot\n

The v8.startupSnapshot API can be used to specify an entry point at\nsnapshot building time, thus avoiding the need of an additional entry\nscript at deserialization time:

$ echo \"require('v8').startupSnapshot.setDeserializeMainFunction(() => console.log('I am from the snapshot'))\" > snapshot.js\n$ node --snapshot-blob snapshot.blob --build-snapshot snapshot.js\n$ node --snapshot-blob snapshot.blob\nI am from the snapshot\n

For more information, check out the v8.startupSnapshot API documentation.

The snapshot currently only supports loding a single entrypoint during the\nsnapshot building process, which can load built-in modules, but not additional user-land modules.\nUsers can bundle their applications into a single script with their bundler\nof choice before building a snapshot.

As it's complicated to ensure the serializablility of all built-in modules,\nwhich are also growing over time, only a subset of the built-in modules are\nwell tested to be serializable during the snapshot building process.\nThe Node.js core test suite checks that a few fairly complex applications\ncan be snapshotted. The list of built-in modules being\ncaptured by the built-in snapshot of Node.js is considered supported.\nWhen the snapshot builder encounters a built-in module that cannot be\nserialized, it may crash the snapshot building process. In that case a typical\nworkaround would be to delay loading that module until\nruntime, using either v8.startupSnapshot.setDeserializeMainFunction() or\nv8.startupSnapshot.addDeserializeCallback(). If serialization for\nan additional module during the snapshot building process is needed,\nplease file a request in the Node.js issue tracker and link to it in the\ntracking issue for user-land snapshots.

Specifies the path to a JSON configuration file which configures snapshot\ncreation behavior.

The following options are currently supported:

\n
• builder <string> Required. Provides the name to the script that is executed\nbefore building the snapshot, as if --build-snapshot had been passed\nwith builder as the main script name.
\n
• withoutCodeCache <boolean> Optional. Including the code cache reduces the\ntime spent on compiling functions included in the snapshot at the expense\nof a bigger snapshot size and potentially breaking portability of the\nsnapshot.
\n

When using this flag, additional script files provided on the command line will\nnot be executed and instead be interpreted as regular command line arguments.

Syntax check the script without executing.

Print source-able bash completion script for Node.js.

node --completion-bash > node_bash_completion\nsource node_bash_completion\n

Provide custom conditional exports resolution conditions.

Any number of custom string condition names are permitted.

The default Node.js conditions of \"node\", \"default\", \"import\", and\n\"require\" will always apply as defined.

For example, to run a module with \"development\" resolutions:

node -C development app.js\n

Starts the V8 CPU profiler on start up, and writes the CPU profile to disk\nbefore exit.

If --cpu-prof-dir is not specified, the generated profile is placed\nin the current working directory.

If --cpu-prof-name is not specified, the generated profile is\nnamed CPU.${yyyymmdd}.${hhmmss}.${pid}.${tid}.${seq}.cpuprofile.

$ node --cpu-prof index.js\n$ ls *.cpuprofile\nCPU.20190409.202950.15293.0.0.cpuprofile\n

If --cpu-prof-name is specified, the provided value is used as a template\nfor the file name. The following placeholder is supported and will be\nsubstituted at runtime:

\n
• ${pid} — the current process ID
\n

$ node --cpu-prof --cpu-prof-name 'CPU.${pid}.cpuprofile' index.js\n$ ls *.cpuprofile\nCPU.15293.cpuprofile\n

Specify the directory where the CPU profiles generated by --cpu-prof will\nbe placed.

The default value is controlled by the\n--diagnostic-dir command-line option.

Specify the sampling interval in microseconds for the CPU profiles generated\nby --cpu-prof. The default is 1000 microseconds.

Specify the file name of the CPU profile generated by --cpu-prof.

Set the directory to which all diagnostic output files are written.\nDefaults to current working directory.

Affects the default output directory of:

\n
• --cpu-prof-dir
\n
• --heap-prof-dir
\n
• --redirect-warnings
\n

Disable the Object.prototype.__proto__ property. If mode is delete, the\nproperty is removed entirely. If mode is throw, accesses to the\nproperty throw an exception with the code ERR_PROTO_ACCESS.

Disable the ability of starting a debugging session by sending a\nSIGUSR1 signal to the process.

Disable specific process warnings by code or type.

Warnings emitted from process.emitWarning() may contain a\ncode and a type. This option will not-emit warnings that have a matching\ncode or type.

List of deprecation warnings.

The Node.js core warning types are: DeprecationWarning and\nExperimentalWarning

For example, the following script will not emit\nDEP0025 require('node:sys') when executed with\nnode --disable-warning=DEP0025:

import sys from 'node:sys';\n

const sys = require('node:sys');\n

For example, the following script will emit the\nDEP0025 require('node:sys'), but not any Experimental\nWarnings (such as\nExperimentalWarning: vm.measureMemory is an experimental feature\nin <=v21) when executed with node --disable-warning=ExperimentalWarning:

import sys from 'node:sys';\nimport vm from 'node:vm';\n\nvm.measureMemory();\n

const sys = require('node:sys');\nconst vm = require('node:vm');\n\nvm.measureMemory();\n

By default, Node.js enables trap-handler-based WebAssembly bound\nchecks. As a result, V8 does not need to insert inline bound checks\nin the code compiled from WebAssembly which may speed up WebAssembly\nexecution significantly, but this optimization requires allocating\na big virtual memory cage (currently 10GB). If the Node.js process\ndoes not have access to a large enough virtual memory address space\ndue to system configurations or hardware limitations, users won't\nbe able to run any WebAssembly that involves allocation in this\nvirtual memory cage and will see an out-of-memory error.

$ ulimit -v 5000000\n$ node -p \"new WebAssembly.Memory({ initial: 10, maximum: 100 });\"\n[eval]:1\nnew WebAssembly.Memory({ initial: 10, maximum: 100 });\n^\n\nRangeError: WebAssembly.Memory(): could not allocate memory\n    at [eval]:1:1\n    at runScriptInThisContext (node:internal/vm:209:10)\n    at node:internal/process/execution:118:14\n    at [eval]-wrapper:6:24\n    at runScript (node:internal/process/execution:101:62)\n    at evalScript (node:internal/process/execution:136:3)\n    at node:internal/main/eval_string:49:3\n\n

--disable-wasm-trap-handler disables this optimization so that\nusers can at least run WebAssembly (with less optimal performance)\nwhen the virtual memory address space available to their Node.js\nprocess is lower than what the V8 WebAssembly memory cage needs.

Make built-in language features like eval and new Function that generate\ncode from strings throw an exception instead. This does not affect the Node.js\nnode:vm module.

Set the default value of order in dns.lookup() and\ndnsPromises.lookup(). The value could be:

\n
• ipv4first: sets default order to ipv4first.
\n
• ipv6first: sets default order to ipv6first.
\n
• verbatim: sets default order to verbatim.
\n

The default is verbatim and dns.setDefaultResultOrder() have higher\npriority than --dns-result-order.

Enable FIPS-compliant crypto at startup. (Requires Node.js to be built\nagainst FIPS-compatible OpenSSL.)

Enable Source Map support for stack traces.

When using a transpiler, such as TypeScript, stack traces thrown by an\napplication reference the transpiled code, not the original source position.\n--enable-source-maps enables caching of Source Maps and makes a best\neffort to report stack traces relative to the original source file.

Overriding Error.prepareStackTrace may prevent --enable-source-maps from\nmodifying the stack trace. Call and return the results of the original\nError.prepareStackTrace in the overriding function to modify the stack trace\nwith source maps.

const originalPrepareStackTrace = Error.prepareStackTrace;\nError.prepareStackTrace = (error, trace) => {\n  // Modify error and trace and format stack trace with\n  // original Error.prepareStackTrace.\n  return originalPrepareStackTrace(error, trace);\n};\n

Note, enabling source maps can introduce latency to your application\nwhen Error.stack is accessed. If you access Error.stack frequently\nin your application, take into account the performance implications\nof --enable-source-maps.

When present, Node.js will interpret the entry point as a URL, rather than a\npath.

Follows ECMAScript module resolution rules.

Any query parameter or hash in the URL will be accessible via import.meta.url.

node --entry-url 'file:///path/to/file.js?queryparams=work#and-hashes-too'\nnode --entry-url 'file.ts?query#hash'\nnode --entry-url 'data:text/javascript,console.log(\"Hello\")'\n

Behavior is the same as --env-file, but an error is not thrown if the file\ndoes not exist.

Loads environment variables from a file relative to the current directory,\nmaking them available to applications on process.env. The environment\nvariables which configure Node.js, such as NODE_OPTIONS,\nare parsed and applied. If the same variable is defined in the environment and\nin the file, the value from the environment takes precedence.

You can pass multiple --env-file arguments. Subsequent files override\npre-existing variables defined in previous files.

An error is thrown if the file does not exist.

node --env-file=.env --env-file=.development.env index.js\n

The format of the file should be one line per key-value pair of environment\nvariable name and value separated by =:

PORT=3000\n

Any text after a # is treated as a comment:

# This is a comment\nPORT=3000 # This is also a comment\n

Values can start and end with the following quotes: `, \" or '.\nThey are omitted from the values.

USERNAME=\"nodejs\" # will result in `nodejs` as the value.\n

Multi-line values are supported:

MULTI_LINE=\"THIS IS\nA MULTILINE\"\n# will result in `THIS IS\\nA MULTILINE` as the value.\n

Export keyword before a key is ignored:

export USERNAME=\"nodejs\" # will result in `nodejs` as the value.\n

If you want to load environment variables from a file that may not exist, you\ncan use the --env-file-if-exists flag instead.

Evaluate the following argument as JavaScript. The modules which are\npredefined in the REPL can also be used in script.

On Windows, using cmd.exe a single quote will not work correctly because it\nonly recognizes double \" for quoting. In Powershell or Git bash, both '\nand \" are usable.

It is possible to run code containing inline types unless the\n--no-strip-types flag is provided.

Enable experimental import support for .node addons.

If present, Node.js will look for a configuration file at the specified path.\nNode.js will read the configuration file and apply the settings. The\nconfiguration file should be a JSON file with the following structure. vX.Y.Z\nin the $schema must be replaced with the version of Node.js you are using.

{\n  \"$schema\": \"https://nodejs.org/dist/vX.Y.Z/docs/node-config-schema.json\",\n  \"nodeOptions\": {\n    \"import\": [\n      \"amaro/strip\"\n    ],\n    \"watch-path\": \"src\",\n    \"watch-preserve-output\": true\n  },\n  \"test\": {\n    \"test-isolation\": \"process\"\n  },\n  \"watch\": {\n    \"watch-preserve-output\": true\n  }\n}\n

The configuration file supports namespace-specific options:

\n
• \n

  The nodeOptions field contains CLI flags that are allowed in NODE_OPTIONS.

  \n
\n
• \n

  Namespace fields like test, watch, and permission contain configuration specific to that subsystem.

  \n
\n

When a namespace is present in the\nconfiguration file, Node.js automatically enables the corresponding flag\n(e.g., --test, --watch, --permission). This allows you to configure\nsubsystem-specific options without explicitly passing the flag on the command line.

For example:

{\n  \"test\": {\n    \"test-isolation\": \"process\"\n  }\n}\n

is equivalent to:

node --test --test-isolation=process\n

To disable the automatic flag while still using namespace options, you can\nexplicitly set the flag to false within the namespace:

{\n  \"test\": {\n    \"test\": false,\n    \"test-isolation\": \"process\"\n  }\n}\n

No-op flags are not supported.\nNot all V8 flags are currently supported.

It is possible to use the official JSON schema\nto validate the configuration file, which may vary depending on the Node.js version.\nEach key in the configuration file corresponds to a flag that can be passed\nas a command-line argument. The value of the key is the value that would be\npassed to the flag.

For example, the configuration file above is equivalent to\nthe following command-line arguments:

node --import amaro/strip --watch-path=src --watch-preserve-output --test-isolation=process\n

The priority in configuration is as follows:

\n
1. NODE_OPTIONS and command-line options
\n
2. Configuration file
\n
3. Dotenv NODE_OPTIONS
\n

Values in the configuration file will not override the values in the environment\nvariables and command-line options, but will override the values in the NODE_OPTIONS\nenv file parsed by the --env-file flag.

Keys cannot be duplicated within the same or different namespaces.

The configuration parser will throw an error if the configuration file contains\nunknown keys or keys that cannot be used in a namespace.

Node.js will not sanitize or perform validation on the user-provided configuration,\nso NEVER use untrusted configuration files.

If the --experimental-default-config-file flag is present, Node.js will look for a\nnode.config.json file in the current working directory and load it as a\nas configuration file.

Enable exposition of EventSource Web API on the global scope.

Enable experimental import.meta.resolve() parent URL support, which allows\npassing a second parentURL argument for contextual resolution.

Previously gated the entire import.meta.resolve feature.

Enable experimental support for inspector network resources.

\n

This flag is discouraged and may be removed in a future version of Node.js.\nPlease use\n--import with register() instead.

\n

Specify the module containing exported asynchronous module customization hooks.\nmodule may be any string accepted as an import specifier.

This feature requires --allow-worker if used with the Permission Model.

Enable experimental support for the network inspection with Chrome DevTools.

If the ES module being require()'d contains top-level await, this flag\nallows Node.js to evaluate the module, try to locate the\ntop-level awaits, and print their location to help users find them.

Enable experimental support for the QUIC protocol.

Use this flag to generate a blob that can be injected into the Node.js\nbinary to produce a single executable application. See the documentation\nabout this configuration for details.

Use this flag to enable ShadowRealm support.

Enable experimental support for storage inspection

When used in conjunction with the node:test module, a code coverage report is\ngenerated as part of the test runner output. If no tests are run, a coverage\nreport is not generated. See the documentation on\ncollecting code coverage from tests for more details.

Enable module mocking in the test runner.

This feature requires --allow-worker if used with the Permission Model.

Enables the transformation of TypeScript-only syntax into JavaScript code.\nImplies --enable-source-maps.

Enable experimental ES Module support in the node:vm module.

Enable experimental WebAssembly System Interface (WASI) support.

Enable experimental support for the worker inspection with Chrome DevTools.

This flag will expose the gc extension from V8.

if (globalThis.gc) {\n  globalThis.gc();\n}\n

Disable loading native addons that are not context-aware.

Force FIPS-compliant crypto on startup. (Cannot be disabled from script code.)\n(Same requirements as --enable-fips.)

Enforces uncaughtException event on Node-API asynchronous callbacks.

To prevent from an existing add-on from crashing the process, this flag is not\nenabled by default. In the future, this flag will be enabled by default to\nenforce the correct behavior.

Enable experimental frozen intrinsics like Array and Object.

Only the root context is supported. There is no guarantee that\nglobalThis.Array is indeed the default intrinsic reference. Code may break\nunder this flag.

To allow polyfills to be added,\n--require and --import both run before freezing intrinsics.

Starts the V8 heap profiler on start up, and writes the heap profile to disk\nbefore exit.

If --heap-prof-dir is not specified, the generated profile is placed\nin the current working directory.

If --heap-prof-name is not specified, the generated profile is\nnamed Heap.${yyyymmdd}.${hhmmss}.${pid}.${tid}.${seq}.heapprofile.

$ node --heap-prof index.js\n$ ls *.heapprofile\nHeap.20190409.202950.15293.0.001.heapprofile\n

Specify the directory where the heap profiles generated by --heap-prof will\nbe placed.

The default value is controlled by the\n--diagnostic-dir command-line option.

Specify the average sampling interval in bytes for the heap profiles generated\nby --heap-prof. The default is 512 * 1024 bytes.

Specify the file name of the heap profile generated by --heap-prof.

Writes a V8 heap snapshot to disk when the V8 heap usage is approaching the\nheap limit. count should be a non-negative integer (in which case\nNode.js will write no more than max_count snapshots to disk).

When generating snapshots, garbage collection may be triggered and bring\nthe heap usage down. Therefore multiple snapshots may be written to disk\nbefore the Node.js instance finally runs out of memory. These heap snapshots\ncan be compared to determine what objects are being allocated during the\ntime consecutive snapshots are taken. It's not guaranteed that Node.js will\nwrite exactly max_count snapshots to disk, but it will try\nits best to generate at least one and up to max_count snapshots before the\nNode.js instance runs out of memory when max_count is greater than 0.

Generating V8 snapshots takes time and memory (both memory managed by the\nV8 heap and native memory outside the V8 heap). The bigger the heap is,\nthe more resources it needs. Node.js will adjust the V8 heap to accommodate\nthe additional V8 heap memory overhead, and try its best to avoid using up\nall the memory available to the process. When the process uses\nmore memory than the system deems appropriate, the process may be terminated\nabruptly by the system, depending on the system configuration.

$ node --max-old-space-size=100 --heapsnapshot-near-heap-limit=3 index.js\nWrote snapshot to Heap.20200430.100036.49580.0.001.heapsnapshot\nWrote snapshot to Heap.20200430.100037.49580.0.002.heapsnapshot\nWrote snapshot to Heap.20200430.100038.49580.0.003.heapsnapshot\n\n<--- Last few GCs --->\n\n[49580:0x110000000]     4826 ms: Mark-sweep 130.6 (147.8) -> 130.5 (147.8) MB, 27.4 / 0.0 ms  (average mu = 0.126, current mu = 0.034) allocation failure scavenge might not succeed\n[49580:0x110000000]     4845 ms: Mark-sweep 130.6 (147.8) -> 130.6 (147.8) MB, 18.8 / 0.0 ms  (average mu = 0.088, current mu = 0.031) allocation failure scavenge might not succeed\n\n\n<--- JS stacktrace --->\n\nFATAL ERROR: Ineffective mark-compacts near heap limit Allocation failed - JavaScript heap out of memory\n....\n

Enables a signal handler that causes the Node.js process to write a heap dump\nwhen the specified signal is received. signal must be a valid signal name.\nDisabled by default.

$ node --heapsnapshot-signal=SIGUSR2 index.js &\n$ ps aux\nUSER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND\nnode         1  5.5  6.1 787252 247004 ?       Ssl  16:43   0:02 node --heapsnapshot-signal=SIGUSR2 index.js\n$ kill -USR2 1\n$ ls\nHeap.20190718.133405.15554.0.001.heapsnapshot\n

Print node command-line options.\nThe output of this option is less detailed than this document.

Specify ICU data load path. (Overrides NODE_ICU_DATA.)

Preload the specified module at startup. If the flag is provided several times,\neach module will be executed sequentially in the order they appear, starting\nwith the ones provided in NODE_OPTIONS.

Follows ECMAScript module resolution rules.\nUse --require to load a CommonJS module.\nModules preloaded with --require will run before modules preloaded with --import.

Modules are preloaded into the main thread as well as any worker threads,\nforked processes, or clustered processes.

This configures Node.js to interpret --eval or STDIN input as CommonJS or\nas an ES module. Valid values are \"commonjs\", \"module\", \"module-typescript\" and \"commonjs-typescript\".\nThe \"-typescript\" values are not available with the flag --no-strip-types.\nThe default is no value, or \"commonjs\" if --no-experimental-detect-module is passed.

If --input-type is not provided,\nNode.js will try to detect the syntax with the following steps:

\n
1. Run the input as CommonJS.
\n
2. If step 1 fails, run the input as an ES module.
\n
3. If step 2 fails with a SyntaxError, strip the types.
\n
4. If step 3 fails with an error code ERR_UNSUPPORTED_TYPESCRIPT_SYNTAX\nor ERR_INVALID_TYPESCRIPT_SYNTAX,\nthrow the error from step 2, including the TypeScript error in the message,\nelse run as CommonJS.
\n
5. If step 4 fails, run the input as an ES module.
\n

To avoid the delay of multiple syntax detection passes, the --input-type=type flag can be used to specify\nhow the --eval input should be interpreted.

The REPL does not support this option. Usage of --input-type=module with\n--print will throw an error, as --print does not support ES module\nsyntax.

Enable leniency flags on the HTTP parser. This may allow\ninteroperability with non-conformant HTTP implementations.

When enabled, the parser will accept the following:

\n
• Invalid HTTP headers values.
\n
• Invalid HTTP versions.
\n
• Allow message containing both Transfer-Encoding\nand Content-Length headers.
\n
• Allow extra data after message when Connection: close is present.
\n
• Allow extra transfer encodings after chunked has been provided.
\n
• Allow \\n to be used as token separator instead of \\r\\n.
\n
• Allow \\r\\n not to be provided after a chunk.
\n
• Allow spaces to be present after a chunk size and before \\r\\n.
\n

All the above will expose your application to request smuggling\nor poisoning attack. Avoid using this option.

Activate inspector on host:port and break at start of user script.\nDefault host:port is 127.0.0.1:9229. If port 0 is specified,\na random available port will be used.

See V8 Inspector integration for Node.js for further explanation on Node.js debugger.

See the security warning below regarding the host\nparameter usage.

Set the host:port to be used when the inspector is activated.\nUseful when activating the inspector by sending the SIGUSR1 signal.\nExcept when --disable-sigusr1 is passed.

Default host is 127.0.0.1. If port 0 is specified,\na random available port will be used.

See the security warning below regarding the host\nparameter usage.

Specify ways of the inspector web socket url exposure.

By default inspector websocket url is available in stderr and under /json/list\nendpoint on http://host:port/json/list.

Activate inspector on host:port and wait for debugger to be attached.\nDefault host:port is 127.0.0.1:9229. If port 0 is specified,\na random available port will be used.

See V8 Inspector integration for Node.js for further explanation on Node.js debugger.

See the security warning below regarding the host\nparameter usage.

Activate inspector on host:port. Default is 127.0.0.1:9229. If port 0 is\nspecified, a random available port will be used.

V8 inspector integration allows tools such as Chrome DevTools and IDEs to debug\nand profile Node.js instances. The tools attach to Node.js instances via a\ntcp port and communicate using the Chrome DevTools Protocol.\nSee V8 Inspector integration for Node.js for further explanation on Node.js debugger.

Binding the inspector to a public IP (including 0.0.0.0) with an open port is\ninsecure, as it allows external hosts to connect to the inspector and perform\na remote code execution attack.

If specifying a host, make sure that either:

\n
• The host is not accessible from public networks.
\n
• A firewall disallows unwanted connections on the port.
\n

More specifically, --inspect=0.0.0.0 is insecure if the port (9229 by\ndefault) is not firewall-protected.

See the debugging security implications section for more information.

Opens the REPL even if stdin does not appear to be a terminal.

Disable runtime allocation of executable memory. This may be\nrequired on some platforms for security reasons. It can also reduce attack\nsurface on other platforms, but the performance impact may be severe.

The file used to store localStorage data. If the file does not exist, it is\ncreated the first time localStorage is accessed. The same file may be shared\nbetween multiple Node.js processes concurrently.

Specify the maximum size, in bytes, of HTTP headers. Defaults to 16 KiB.

Sets the maximum memory size of V8's old memory section as a percentage of available system memory.\nThis flag takes precedence over --max-old-space-size when both are specified.

The percentage parameter must be a number greater than 0 and up to 100, representing the percentage\nof available system memory to allocate to the V8 heap.

Note: This flag utilizes --max-old-space-size, which may be unreliable on 32-bit platforms due to\ninteger overflow issues.

# Using 50% of available system memory\nnode --max-old-space-size-percentage=50 index.js\n\n# Using 75% of available system memory\nnode --max-old-space-size-percentage=75 index.js\n

This option is a no-op. It is kept for compatibility.

Sets the default value for the network family autoselection attempt timeout.\nFor more information, see net.getDefaultAutoSelectFamilyAttemptTimeout().

Disable the node-addons exports condition as well as disable loading\nnative addons. When --no-addons is specified, calling process.dlopen or\nrequiring a native C++ addon will fail and throw an exception.

Disables the use of AsyncLocalStorage backed by AsyncContextFrame and\nuses the prior implementation which relied on async_hooks. The previous model\nis retained for compatibility with Electron and for cases where the context\nflow may differ. However, if a difference in flow is found please report it.

Silence deprecation warnings.

Disable using syntax detection to determine module type.

Disable exposition of Navigator API on the global scope.

Use this flag to disable top-level await in REPL.

Legacy alias for --no-require-module.

Disable the experimental node:sqlite module.

Disable exposition of <WebSocket> on the global scope.

Disable Web Storage support.

Hide extra information on fatal exception that causes exit.

Disables runtime checks for async_hooks. These will still be enabled\ndynamically when async_hooks is enabled.

Do not search modules from global paths like $HOME/.node_modules and\n$NODE_PATH.

Disables the family autoselection algorithm unless connection options explicitly\nenables it.

Disable support for loading a synchronous ES module graph in require().

See Loading ECMAScript modules using require().

Disable type-stripping for TypeScript files.\nFor more information, see the TypeScript type-stripping documentation.

Silence all process warnings (including deprecations).

Enable extra debug checks for memory leaks in Node.js internals. This is\nusually only useful for developers debugging Node.js itself.

Load an OpenSSL configuration file on startup. Among other uses, this can be\nused to enable FIPS-compliant crypto if Node.js is built\nagainst FIPS-enabled OpenSSL.

Enable OpenSSL 3.0 legacy provider. For more information please see\nOSSL_PROVIDER-legacy.

Enable OpenSSL default configuration section, openssl_conf to be read from\nthe OpenSSL configuration file. The default configuration file is named\nopenssl.cnf but this can be changed using the environment variable\nOPENSSL_CONF, or by using the command line option --openssl-config.\nThe location of the default OpenSSL configuration file depends on how OpenSSL\nis being linked to Node.js. Sharing the OpenSSL configuration may have unwanted\nimplications and it is recommended to use a configuration section specific to\nNode.js which is nodejs_conf and is default when this option is not used.

Emit pending deprecation warnings.

Pending deprecations are generally identical to a runtime deprecation with the\nnotable exception that they are turned off by default and will not be emitted\nunless either the --pending-deprecation command-line flag, or the\nNODE_PENDING_DEPRECATION=1 environment variable, is set. Pending deprecations\nare used to provide a kind of selective \"early warning\" mechanism that\ndevelopers may leverage to detect deprecated API usage.

Enable the Permission Model for current process. When enabled, the\nfollowing permissions are restricted:

\n
• File System - manageable through\n--allow-fs-read, --allow-fs-write flags
\n
• Network - manageable through --allow-net flag
\n
• Child Process - manageable through --allow-child-process flag
\n
• Worker Threads - manageable through --allow-worker flag
\n
• WASI - manageable through --allow-wasi flag
\n
• Addons - manageable through --allow-addons flag
\n

Enable audit only for the permission model. When enabled, permission checks\nare performed but access is not denied. Instead, a warning is emitted for\neach permission violation via diagnostics channel.

Instructs the module loader to preserve symbolic links when resolving and\ncaching modules.

By default, when Node.js loads a module from a path that is symbolically linked\nto a different on-disk location, Node.js will dereference the link and use the\nactual on-disk \"real path\" of the module as both an identifier and as a root\npath to locate other dependency modules. In most cases, this default behavior\nis acceptable. However, when using symbolically linked peer dependencies, as\nillustrated in the example below, the default behavior causes an exception to\nbe thrown if moduleA attempts to require moduleB as a peer dependency:

{appDir}\n ├── app\n │   ├── index.js\n │   └── node_modules\n │       ├── moduleA -> {appDir}/moduleA\n │       └── moduleB\n │           ├── index.js\n │           └── package.json\n └── moduleA\n     ├── index.js\n     └── package.json\n

The --preserve-symlinks command-line flag instructs Node.js to use the\nsymlink path for modules as opposed to the real path, allowing symbolically\nlinked peer dependencies to be found.

Note, however, that using --preserve-symlinks can have other side effects.\nSpecifically, symbolically linked native modules can fail to load if those\nare linked from more than one location in the dependency tree (Node.js would\nsee those as two separate modules and would attempt to load the module multiple\ntimes, causing an exception to be thrown).

The --preserve-symlinks flag does not apply to the main module, which allows\nnode --preserve-symlinks node_module/.bin/<foo> to work. To apply the same\nbehavior for the main module, also use --preserve-symlinks-main.

Instructs the module loader to preserve symbolic links when resolving and\ncaching the main module (require.main).

This flag exists so that the main module can be opted-in to the same behavior\nthat --preserve-symlinks gives to all other imports; they are separate flags,\nhowever, for backward compatibility with older Node.js versions.

--preserve-symlinks-main does not imply --preserve-symlinks; use\n--preserve-symlinks-main in addition to\n--preserve-symlinks when it is not desirable to follow symlinks before\nresolving relative paths.

See --preserve-symlinks for more information.

Identical to -e but prints the result.

Generate V8 profiler output.

Process V8 profiler output generated using the V8 option --prof.

Write process warnings to the given file instead of printing to stderr. The\nfile will be created if it does not exist, and will be appended to if it does.\nIf an error occurs while attempting to write the warning to the file, the\nwarning will be written to stderr instead.

The file name may be an absolute path. If it is not, the default directory it\nwill be written to is controlled by the\n--diagnostic-dir command-line option.

Write reports in a compact format, single-line JSON, more easily consumable\nby log processing systems than the default multi-line format designed for\nhuman consumption.

Location at which the report will be generated.

When --report-exclude-env is passed the diagnostic report generated will not\ncontain the environmentVariables data.

Exclude header.networkInterfaces from the diagnostic report. By default\nthis is not set and the network interfaces are included.

Name of the file to which the report will be written.

If the filename is set to 'stdout' or 'stderr', the report is written to\nthe stdout or stderr of the process respectively.

Enables the report to be triggered on fatal errors (internal errors within\nthe Node.js runtime such as out of memory) that lead to termination of the\napplication. Useful to inspect various diagnostic data elements such as heap,\nstack, event loop state, resource consumption etc. to reason about the fatal\nerror.

Enables report to be generated upon receiving the specified (or predefined)\nsignal to the running Node.js process. The signal to trigger the report is\nspecified through --report-signal.

Sets or resets the signal for report generation (not supported on Windows).\nDefault signal is SIGUSR2.

Enables report to be generated when the process exits due to an uncaught\nexception. Useful when inspecting the JavaScript stack in conjunction with\nnative stack and other runtime environment data.

Preload the specified module at startup.

Follows require()'s module resolution\nrules. module may be either a path to a file, or a node module name.

Modules preloaded with --require will run before modules preloaded with --import.

Modules are preloaded into the main thread as well as any worker threads,\nforked processes, or clustered processes.

This runs a specified command from a package.json's \"scripts\" object.\nIf a missing \"command\" is provided, it will list the available scripts.

--run will traverse up to the root directory and finds a package.json\nfile to run the command from.

--run prepends ./node_modules/.bin for each ancestor of\nthe current directory, to the PATH in order to execute the binaries from\ndifferent folders where multiple node_modules directories are present, if\nancestor-folder/node_modules/.bin is a directory.

--run executes the command in the directory containing the related package.json.

For example, the following command will run the test script of\nthe package.json in the current folder:

$ node --run test\n

You can also pass arguments to the command. Any argument after -- will\nbe appended to the script:

$ node --run test -- --verbose\n

node --run is not meant to match the behaviors of npm run or of the run\ncommands of other package managers. The Node.js implementation is intentionally\nmore limited, in order to focus on top performance for the most common use\ncases.\nSome features of other run implementations that are intentionally excluded\nare:

\n
• Running pre or post scripts in addition to the specified script.
\n
• Defining package manager-specific environment variables.
\n

The following environment variables are set when running a script with --run:

\n
• NODE_RUN_SCRIPT_NAME: The name of the script being run. For example, if\n--run is used to run test, the value of this variable will be test.
\n
• NODE_RUN_PACKAGE_JSON_PATH: The path to the package.json that is being\nprocessed.
\n

When using --secure-heap, the --secure-heap-min flag specifies the\nminimum allocation from the secure heap. The minimum value is 2.\nThe maximum value is the lesser of --secure-heap or 2147483647.\nThe value given must be a power of two.

Initializes an OpenSSL secure heap of n bytes. When initialized, the\nsecure heap is used for selected types of allocations within OpenSSL\nduring key generation and other operations. This is useful, for instance,\nto prevent sensitive information from leaking due to pointer overruns\nor underruns.

The secure heap is a fixed size and cannot be resized at runtime so,\nif used, it is important to select a large enough heap to cover all\napplication uses.

The heap size given must be a power of two. Any value less than 2\nwill disable the secure heap.

The secure heap is disabled by default.

The secure heap is not available on Windows.

See CRYPTO_secure_malloc_init for more details.

When used with --build-snapshot, --snapshot-blob specifies the path\nwhere the generated snapshot blob is written to. If not specified, the\ngenerated blob is written to snapshot.blob in the current working directory.

When used without --build-snapshot, --snapshot-blob specifies the\npath to the blob that is used to restore the application state.

When loading a snapshot, Node.js checks that:

\n
1. The version, architecture, and platform of the running Node.js binary\nare exactly the same as that of the binary that generates the snapshot.
\n
2. The V8 flags and CPU features are compatible with that of the binary\nthat generates the snapshot.
\n

If they don't match, Node.js refuses to load the snapshot and exits with\nstatus code 1.

Starts the Node.js command line test runner. This flag cannot be combined with\n--watch-path, --check, --eval, --interactive, or the inspector.\nSee the documentation on running tests from the command line\nfor more details.

The maximum number of test files that the test runner CLI will execute\nconcurrently. If --test-isolation is set to 'none', this flag is ignored and\nconcurrency is one. Otherwise, concurrency defaults to\nos.availableParallelism() - 1.

Require a minimum percent of covered branches. If code coverage does not reach\nthe threshold specified, the process will exit with code 1.

Excludes specific files from code coverage using a glob pattern, which can match\nboth absolute and relative file paths.

This option may be specified multiple times to exclude multiple glob patterns.

If both --test-coverage-exclude and --test-coverage-include are provided,\nfiles must meet both criteria to be included in the coverage report.

By default all the matching test files are excluded from the coverage report.\nSpecifying this option will override the default behavior.

Require a minimum percent of covered functions. If code coverage does not reach\nthe threshold specified, the process will exit with code 1.

Includes specific files in code coverage using a glob pattern, which can match\nboth absolute and relative file paths.

This option may be specified multiple times to include multiple glob patterns.

If both --test-coverage-exclude and --test-coverage-include are provided,\nfiles must meet both criteria to be included in the coverage report.

Require a minimum percent of covered lines. If code coverage does not reach\nthe threshold specified, the process will exit with code 1.

Configures the test runner to exit the process once all known tests have\nfinished executing even if the event loop would otherwise remain active.

Specify a module that will be evaluated before all tests are executed and\ncan be used to setup global state or fixtures for tests.

See the documentation on global setup and teardown for more details.

Configures the type of test isolation used in the test runner. When mode is\n'process', each test file is run in a separate child process. When mode is\n'none', all test files run in the same process as the test runner. The default\nisolation mode is 'process'. This flag is ignored if the --test flag is not\npresent. See the test runner execution model section for more information.

A regular expression that configures the test runner to only execute tests\nwhose name matches the provided pattern. See the documentation on\nfiltering tests by name for more details.

If both --test-name-pattern and --test-skip-pattern are supplied,\ntests must satisfy both requirements in order to be executed.

Configures the test runner to only execute top level tests that have the only\noption set. This flag is not necessary when test isolation is disabled.

A test reporter to use when running tests. See the documentation on\ntest reporters for more details.

The destination for the corresponding test reporter. See the documentation on\ntest reporters for more details.

A path to a file allowing the test runner to persist the state of the test\nsuite between runs. The test runner will use this file to determine which tests\nhave already succeeded or failed, allowing for re-running of failed tests\nwithout having to re-run the entire test suite. The test runner will create this\nfile if it does not exist.\nSee the documentation on test reruns for more details.

Test suite shard to execute in a format of <index>/<total>, where

\n
• index is a positive integer, index of divided parts.
\n
• total is a positive integer, total of divided part.
\n

This command will divide all tests files into total equal parts,\nand will run only those that happen to be in an index part.

For example, to split your tests suite into three parts, use this:

node --test --test-shard=1/3\nnode --test --test-shard=2/3\nnode --test --test-shard=3/3\n

A regular expression that configures the test runner to skip tests\nwhose name matches the provided pattern. See the documentation on\nfiltering tests by name for more details.

If both --test-name-pattern and --test-skip-pattern are supplied,\ntests must satisfy both requirements in order to be executed.

A number of milliseconds the test execution will fail after. If unspecified,\nsubtests inherit this value from their parent. The default value is Infinity.

Regenerates the snapshot files used by the test runner for snapshot testing.

Throw errors for deprecations.

Set process.title on startup.

Specify an alternative default TLS cipher list. Requires Node.js to be built\nwith crypto support (default).

Log TLS key material to a file. The key material is in NSS SSLKEYLOGFILE\nformat and can be used by software (such as Wireshark) to decrypt the TLS\ntraffic.

Set tls.DEFAULT_MAX_VERSION to 'TLSv1.2'. Use to disable support for\nTLSv1.3.

Set default tls.DEFAULT_MAX_VERSION to 'TLSv1.3'. Use to enable support\nfor TLSv1.3.

Set default tls.DEFAULT_MIN_VERSION to 'TLSv1'. Use for compatibility with\nold TLS clients or servers.

Set default tls.DEFAULT_MIN_VERSION to 'TLSv1.1'. Use for compatibility\nwith old TLS clients or servers.

Set default tls.DEFAULT_MIN_VERSION to 'TLSv1.2'. This is the default for\n12.x and later, but the option is supported for compatibility with older Node.js\nversions.

Set default tls.DEFAULT_MIN_VERSION to 'TLSv1.3'. Use to disable support\nfor TLSv1.2, which is not as secure as TLSv1.3.

Print stack traces for deprecations.

Print information about any access to environment variables done in the current Node.js\ninstance to stderr, including:

\n
• The environment variable reads that Node.js does internally.
\n
• Writes in the form of process.env.KEY = \"SOME VALUE\".
\n
• Reads in the form of process.env.KEY.
\n
• Definitions in the form of Object.defineProperty(process.env, 'KEY', {...}).
\n
• Queries in the form of Object.hasOwn(process.env, 'KEY'),\nprocess.env.hasOwnProperty('KEY') or 'KEY' in process.env.
\n
• Deletions in the form of delete process.env.KEY.
\n
• Enumerations inf the form of ...process.env or Object.keys(process.env).
\n

Only the names of the environment variables being accessed are printed. The values are not printed.

To print the stack trace of the access, use --trace-env-js-stack and/or\n--trace-env-native-stack.

In addition to what --trace-env does, this prints the JavaScript stack trace of the access.

In addition to what --trace-env does, this prints the native stack trace of the access.

A comma separated list of categories that should be traced when trace event\ntracing is enabled using --trace-events-enabled.

Template string specifying the filepath for the trace event data, it\nsupports ${rotation} and ${pid}.

Enables the collection of trace event tracing information.

Prints a stack trace whenever an environment is exited proactively,\ni.e. invoking process.exit().

Prints information about usage of Loading ECMAScript modules using require().

When mode is all, all usage is printed. When mode is no-node-modules, usage\nfrom the node_modules folder is excluded.

Prints a stack trace on SIGINT.

Prints a stack trace whenever synchronous I/O is detected after the first turn\nof the event loop.

Prints TLS packet trace information to stderr. This can be used to debug TLS\nconnection problems.

Print stack traces for uncaught exceptions; usually, the stack trace associated\nwith the creation of an Error is printed, whereas this makes Node.js also\nprint the stack trace associated with throwing the value (which does not need\nto be an Error instance).

Enabling this option may affect garbage collection behavior negatively.

Print stack traces for process warnings (including deprecations).

Track heap object allocations for heap snapshots.

Using this flag allows to change what should happen when an unhandled rejection\noccurs. One of the following modes can be chosen:

\n
• throw: Emit unhandledRejection. If this hook is not set, raise the\nunhandled rejection as an uncaught exception. This is the default.
\n
• strict: Raise the unhandled rejection as an uncaught exception. If the\nexception is handled, unhandledRejection is emitted.
\n
• warn: Always trigger a warning, no matter if the unhandledRejection\nhook is set or not but do not print the deprecation warning.
\n
• warn-with-error-code: Emit unhandledRejection. If this hook is not\nset, trigger a warning, and set the process exit code to 1.
\n
• none: Silence all warnings.
\n

If a rejection happens during the command line entry point's ES module static\nloading phase, it will always raise it as an uncaught exception.

Use bundled Mozilla CA store as supplied by current Node.js version\nor use OpenSSL's default CA store. The default store is selectable\nat build-time.

The bundled CA store, as supplied by Node.js, is a snapshot of Mozilla CA store\nthat is fixed at release time. It is identical on all supported platforms.

Using OpenSSL store allows for external modifications of the store. For most\nLinux and BSD distributions, this store is maintained by the distribution\nmaintainers and system administrators. OpenSSL CA store location is dependent on\nconfiguration of the OpenSSL library but this can be altered at runtime using\nenvironment variables.

See SSL_CERT_DIR and SSL_CERT_FILE.

When enabled, Node.js parses the HTTP_PROXY, HTTPS_PROXY and NO_PROXY\nenvironment variables during startup, and tunnels requests over the\nspecified proxy.

This is equivalent to setting the NODE_USE_ENV_PROXY=1 environment variable.\nWhen both are set, --use-env-proxy takes precedence.

Re-map the Node.js static code to large memory pages at startup. If supported on\nthe target system, this will cause the Node.js static code to be moved onto 2\nMiB pages instead of 4 KiB pages.

The following values are valid for mode:

\n
• off: No mapping will be attempted. This is the default.
\n
• on: If supported by the OS, mapping will be attempted. Failure to map will\nbe ignored and a message will be printed to standard error.
\n
• silent: If supported by the OS, mapping will be attempted. Failure to map\nwill be ignored and will not be reported.
\n

Node.js uses the trusted CA certificates present in the system store along with\nthe --use-bundled-ca option and the NODE_EXTRA_CA_CERTS environment variable.\nOn platforms other than Windows and macOS, this loads certificates from the directory\nand file trusted by OpenSSL, similar to --use-openssl-ca, with the difference being\nthat it caches the certificates after first load.

On Windows and macOS, the certificate trust policy is similar to\nChromium's policy for locally trusted certificates, but with some differences:

On macOS, the following settings are respected:

\n
• Default and System Keychains\n
  \n
  • Trust:\n
    \n
    • Any certificate where the “When using this certificate” flag is set to “Always Trust” or
    \n
    • Any certificate where the “Secure Sockets Layer (SSL)” flag is set to “Always Trust”.
    \n
    \n
  \n
  • The certificate must also be valid, with \"X.509 Basic Policy\" set to “Always Trust”.
  \n
  \n
\n

On Windows, the following settings are respected:

\n
• Local Machine (accessed via certlm.msc)\n
  \n
  • Trust:\n
    \n
    • Trusted Root Certification Authorities
    \n
    • Trusted People
    \n
    • Enterprise Trust -> Enterprise -> Trusted Root Certification Authorities
    \n
    • Enterprise Trust -> Enterprise -> Trusted People
    \n
    • Enterprise Trust -> Group Policy -> Trusted Root Certification Authorities
    \n
    • Enterprise Trust -> Group Policy -> Trusted People
    \n
    \n
  \n
  \n
\n
• Current User (accessed via certmgr.msc)\n
  \n
  • Trust:\n
    \n
    • Trusted Root Certification Authorities
    \n
    • Enterprise Trust -> Group Policy -> Trusted Root Certification Authorities
    \n
    \n
  \n
  \n
\n

On Windows and macOS, Node.js would check that the user settings for the trusted\ncertificates do not forbid them for TLS server authentication before using them.

Node.js currently does not support distrust/revocation of certificates\nfrom another source based on system settings.

On other systems, Node.js loads certificates from the default certificate file\n(typically /etc/ssl/cert.pem) and default certificate directory (typically\n/etc/ssl/certs) that the version of OpenSSL that Node.js links to respects.\nThis typically works with the convention on major Linux distributions and other\nUnix-like systems. If the overriding OpenSSL environment variables\n(typically SSL_CERT_FILE and SSL_CERT_DIR, depending on the configuration\nof the OpenSSL that Node.js links to) are set, the specified paths will be used to load\ncertificates instead. These environment variables can be used as workarounds\nif the conventional paths used by the version of OpenSSL Node.js links to are\nnot consistent with the system configuration that the users have for some reason.

Print V8 command-line options.

Set V8's thread pool size which will be used to allocate background jobs.

If set to 0 then Node.js will choose an appropriate size of the thread pool\nbased on an estimate of the amount of parallelism.

The amount of parallelism refers to the number of computations that can be\ncarried out simultaneously in a given machine. In general, it's the same as the\namount of CPUs, but it may diverge in environments such as VMs or containers.

Print node's version.

Starts Node.js in watch mode.\nWhen in watch mode, changes in the watched files cause the Node.js process to\nrestart.\nBy default, watch mode will watch the entry point\nand any required or imported module.\nUse --watch-path to specify what paths to watch.

This flag cannot be combined with\n--check, --eval, --interactive, or the REPL.

Note: The --watch flag requires a file path as an argument and is incompatible\nwith --run or inline script input, as --run takes precedence and ignores watch\nmode. If no file is provided, Node.js will exit with status code 9.

node --watch index.js\n

Customizes the signal sent to the process on watch mode restarts.

node --watch --watch-kill-signal SIGINT test.js\n

Starts Node.js in watch mode and specifies what paths to watch.\nWhen in watch mode, changes in the watched paths cause the Node.js process to\nrestart.\nThis will turn off watching of required or imported modules, even when used in\ncombination with --watch.

This flag cannot be combined with\n--check, --eval, --interactive, --test, or the REPL.

Note: Using --watch-path implicitly enables --watch, which requires a file path\nand is incompatible with --run, as --run takes precedence and ignores watch mode.

node --watch-path=./src --watch-path=./tests index.js\n

This option is only supported on macOS and Windows.\nAn ERR_FEATURE_UNAVAILABLE_ON_PLATFORM exception will be thrown\nwhen the option is used on a platform that does not support it.

Disable the clearing of the console when watch mode restarts the process.

node --watch --watch-preserve-output test.js\n

Automatically zero-fills all newly allocated Buffer instances.

The FORCE_COLOR environment variable is used to\nenable ANSI colorized output. The value may be:

\n
• 1, true, or the empty string '' indicate 16-color support,
\n
• 2 to indicate 256-color support, or
\n
• 3 to indicate 16 million-color support.
\n

When FORCE_COLOR is used and set to a supported value, both the NO_COLOR,\nand NODE_DISABLE_COLORS environment variables are ignored.

Any other value will result in colorized output being disabled.

Enable the module compile cache for the Node.js instance. See the documentation of\nmodule compile cache for details.

When set to 1, the module compile cache can be reused across different directory\nlocations as long as the module layout relative to the cache directory remains the same.

','-separated list of core modules that should print debug information.

','-separated list of core C++ modules that should print debug information.

When set, colors will not be used in the REPL.

Disable the module compile cache for the Node.js instance. See the documentation of\nmodule compile cache for details.

When set, the well known \"root\" CAs (like VeriSign) will be extended with the\nextra certificates in file. The file should consist of one or more trusted\ncertificates in PEM format. A message will be emitted (once) with\nprocess.emitWarning() if the file is missing or\nmalformed, but any errors are otherwise ignored.

Neither the well known nor extra certificates are used when the ca\noptions property is explicitly specified for a TLS or HTTPS client or server.

This environment variable is ignored when node runs as setuid root or\nhas Linux file capabilities set.

The NODE_EXTRA_CA_CERTS environment variable is only read when the Node.js\nprocess is first launched. Changing the value at runtime using\nprocess.env.NODE_EXTRA_CA_CERTS has no effect on the current process.

Data path for ICU (Intl object) data. Will extend linked-in data when compiled\nwith small-icu support.

When set to 1, process warnings are silenced.

A space-separated list of command-line options. options... are interpreted\nbefore command-line options, so command-line options will override or\ncompound after anything in options.... Node.js will exit with an error if\nan option that is not allowed in the environment is used, such as -p or a\nscript file.

If an option value contains a space, it can be escaped using double quotes:

NODE_OPTIONS='--require \"./my path/file.js\"'\n

A singleton flag passed as a command-line option will override the same flag\npassed into NODE_OPTIONS:

# The inspector will be available on port 5555\nNODE_OPTIONS='--inspect=localhost:4444' node --inspect=localhost:5555\n

A flag that can be passed multiple times will be treated as if its\nNODE_OPTIONS instances were passed first, and then its command-line\ninstances afterwards:

NODE_OPTIONS='--require \"./a.js\"' node --require \"./b.js\"\n# is equivalent to:\nnode --require \"./a.js\" --require \"./b.js\"\n

Node.js options that are allowed are in the following list. If an option\nsupports both --XX and --no-XX variants, they are both supported but only\none is included in the list below.

\n
• --allow-addons
\n
• --allow-child-process
\n
• --allow-fs-read
\n
• --allow-fs-write
\n
• --allow-inspector
\n
• --allow-net
\n
• --allow-wasi
\n
• --allow-worker
\n
• --conditions, -C
\n
• --cpu-prof-dir
\n
• --cpu-prof-interval
\n
• --cpu-prof-name
\n
• --cpu-prof
\n
• --diagnostic-dir
\n
• --disable-proto
\n
• --disable-sigusr1
\n
• --disable-warning
\n
• --disable-wasm-trap-handler
\n
• --dns-result-order
\n
• --enable-fips
\n
• --enable-network-family-autoselection
\n
• --enable-source-maps
\n
• --entry-url
\n
• --experimental-abortcontroller
\n
• --experimental-addon-modules
\n
• --experimental-detect-module
\n
• --experimental-eventsource
\n
• --experimental-import-meta-resolve
\n
• --experimental-json-modules
\n
• --experimental-loader
\n
• --experimental-modules
\n
• --experimental-print-required-tla
\n
• --experimental-quic
\n
• --experimental-require-module
\n
• --experimental-shadow-realm
\n
• --experimental-specifier-resolution
\n
• --experimental-test-isolation
\n
• --experimental-top-level-await
\n
• --experimental-transform-types
\n
• --experimental-vm-modules
\n
• --experimental-wasi-unstable-preview1
\n
• --force-context-aware
\n
• --force-fips
\n
• --force-node-api-uncaught-exceptions-policy
\n
• --frozen-intrinsics
\n
• --heap-prof-dir
\n
• --heap-prof-interval
\n
• --heap-prof-name
\n
• --heap-prof
\n
• --heapsnapshot-near-heap-limit
\n
• --heapsnapshot-signal
\n
• --http-parser
\n
• --icu-data-dir
\n
• --import
\n
• --input-type
\n
• --insecure-http-parser
\n
• --inspect-brk
\n
• --inspect-port, --debug-port
\n
• --inspect-publish-uid
\n
• --inspect-wait
\n
• --inspect
\n
• --localstorage-file
\n
• --max-http-header-size
\n
• --max-old-space-size-percentage
\n
• --napi-modules
\n
• --network-family-autoselection-attempt-timeout
\n
• --no-addons
\n
• --no-async-context-frame
\n
• --no-deprecation
\n
• --no-experimental-global-navigator
\n
• --no-experimental-repl-await
\n
• --no-experimental-sqlite
\n
• --no-experimental-strip-types
\n
• --no-experimental-websocket
\n
• --no-experimental-webstorage
\n
• --no-extra-info-on-fatal-exception
\n
• --no-force-async-hooks-checks
\n
• --no-global-search-paths
\n
• --no-network-family-autoselection
\n
• --no-strip-types
\n
• --no-warnings
\n
• --no-webstorage
\n
• --node-memory-debug
\n
• --openssl-config
\n
• --openssl-legacy-provider
\n
• --openssl-shared-config
\n
• --pending-deprecation
\n
• --permission-audit
\n
• --permission
\n
• --preserve-symlinks-main
\n
• --preserve-symlinks
\n
• --prof-process
\n
• --redirect-warnings
\n
• --report-compact
\n
• --report-dir, --report-directory
\n
• --report-exclude-env
\n
• --report-exclude-network
\n
• --report-filename
\n
• --report-on-fatalerror
\n
• --report-on-signal
\n
• --report-signal
\n
• --report-uncaught-exception
\n
• --require-module
\n
• --require, -r
\n
• --secure-heap-min
\n
• --secure-heap
\n
• --snapshot-blob
\n
• --test-coverage-branches
\n
• --test-coverage-exclude
\n
• --test-coverage-functions
\n
• --test-coverage-include
\n
• --test-coverage-lines
\n
• --test-global-setup
\n
• --test-isolation
\n
• --test-name-pattern
\n
• --test-only
\n
• --test-reporter-destination
\n
• --test-reporter
\n
• --test-rerun-failures
\n
• --test-shard
\n
• --test-skip-pattern
\n
• --throw-deprecation
\n
• --title
\n
• --tls-cipher-list
\n
• --tls-keylog
\n
• --tls-max-v1.2
\n
• --tls-max-v1.3
\n
• --tls-min-v1.0
\n
• --tls-min-v1.1
\n
• --tls-min-v1.2
\n
• --tls-min-v1.3
\n
• --trace-deprecation
\n
• --trace-env-js-stack
\n
• --trace-env-native-stack
\n
• --trace-env
\n
• --trace-event-categories
\n
• --trace-event-file-pattern
\n
• --trace-events-enabled
\n
• --trace-exit
\n
• --trace-require-module
\n
• --trace-sigint
\n
• --trace-sync-io
\n
• --trace-tls
\n
• --trace-uncaught
\n
• --trace-warnings
\n
• --track-heap-objects
\n
• --unhandled-rejections
\n
• --use-bundled-ca
\n
• --use-env-proxy
\n
• --use-largepages
\n
• --use-openssl-ca
\n
• --use-system-ca
\n
• --v8-pool-size
\n
• --watch-kill-signal
\n
• --watch-path
\n
• --watch-preserve-output
\n
• --watch
\n
• --zero-fill-buffers
\n

V8 options that are allowed are:

\n
• --abort-on-uncaught-exception
\n
• --disallow-code-generation-from-strings
\n
• --enable-etw-stack-walking
\n
• --expose-gc
\n
• --interpreted-frames-native-stack
\n
• --jitless
\n
• --max-old-space-size
\n
• --max-semi-space-size
\n
• --perf-basic-prof-only-functions
\n
• --perf-basic-prof
\n
• --perf-prof-unwinding-info
\n
• --perf-prof
\n
• --stack-trace-limit
\n

--perf-basic-prof-only-functions, --perf-basic-prof,\n--perf-prof-unwinding-info, and --perf-prof are only available on Linux.

--enable-etw-stack-walking is only available on Windows.

':'-separated list of directories prefixed to the module search path.

On Windows, this is a ';'-separated list instead.

When set to 1, emit pending deprecation warnings.

Pending deprecations are generally identical to a runtime deprecation with the\nnotable exception that they are turned off by default and will not be emitted\nunless either the --pending-deprecation command-line flag, or the\nNODE_PENDING_DEPRECATION=1 environment variable, is set. Pending deprecations\nare used to provide a kind of selective \"early warning\" mechanism that\ndevelopers may leverage to detect deprecated API usage.

Set the number of pending pipe instance handles when the pipe server is waiting\nfor connections. This setting applies to Windows only.

When set to 1, instructs the module loader to preserve symbolic links when\nresolving and caching modules.

When set, process warnings will be emitted to the given file instead of\nprinting to stderr. The file will be created if it does not exist, and will be\nappended to if it does. If an error occurs while attempting to write the\nwarning to the file, the warning will be written to stderr instead. This is\nequivalent to using the --redirect-warnings=file command-line flag.

Path to a Node.js module which will be loaded in place of the built-in REPL.\nOverriding this value to an empty string ('') will use the built-in REPL.

Path to the file used to store the persistent REPL history. The default path is\n~/.node_repl_history, which is overridden by this variable. Setting the value\nto an empty string ('' or ' ') disables persistent REPL history.

If value equals '1', the check for a supported platform is skipped during\nNode.js startup. Node.js might not execute correctly. Any issues encountered\non unsupported platforms will not be fixed.

If value equals 'child', test reporter options will be overridden and test\noutput will be sent to stdout in the TAP format. If any other value is provided,\nNode.js makes no guarantees about the reporter format used or its stability.

If value equals '0', certificate validation is disabled for TLS connections.\nThis makes TLS, and HTTPS by extension, insecure. The use of this environment\nvariable is strongly discouraged.

When enabled, Node.js parses the HTTP_PROXY, HTTPS_PROXY and NO_PROXY\nenvironment variables during startup, and tunnels requests over the\nspecified proxy.

This can also be enabled using the --use-env-proxy command-line flag.\nWhen both are set, --use-env-proxy takes precedence.

Node.js uses the trusted CA certificates present in the system store along with\nthe --use-bundled-ca option and the NODE_EXTRA_CA_CERTS environment variable.

This can also be enabled using the --use-system-ca command-line flag.\nWhen both are set, --use-system-ca takes precedence.

When set, Node.js will begin outputting V8 JavaScript code coverage and\nSource Map data to the directory provided as an argument (coverage\ninformation is written as JSON to files with a coverage prefix).

NODE_V8_COVERAGE will automatically propagate to subprocesses, making it\neasier to instrument applications that call the child_process.spawn() family\nof functions. NODE_V8_COVERAGE can be set to an empty string, to prevent\npropagation.

Coverage is output as an array of ScriptCoverage objects on the top-level\nkey result:

{\n  \"result\": [\n    {\n      \"scriptId\": \"67\",\n      \"url\": \"internal/tty.js\",\n      \"functions\": []\n    }\n  ]\n}\n

If found, source map data is appended to the top-level key source-map-cache\non the JSON coverage object.

source-map-cache is an object with keys representing the files source maps\nwere extracted from, and values which include the raw source-map URL\n(in the key url), the parsed Source Map v3 information (in the key data),\nand the line lengths of the source file (in the key lineLengths).

{\n  \"result\": [\n    {\n      \"scriptId\": \"68\",\n      \"url\": \"file:///absolute/path/to/source.js\",\n      \"functions\": []\n    }\n  ],\n  \"source-map-cache\": {\n    \"file:///absolute/path/to/source.js\": {\n      \"url\": \"./path-to-map.json\",\n      \"data\": {\n        \"version\": 3,\n        \"sources\": [\n          \"file:///absolute/path/to/original.js\"\n        ],\n        \"names\": [\n          \"Foo\",\n          \"console\",\n          \"info\"\n        ],\n        \"mappings\": \"MAAMA,IACJC,YAAaC\",\n        \"sourceRoot\": \"./\"\n      },\n      \"lineLengths\": [\n        13,\n        62,\n        38,\n        27\n      ]\n    }\n  }\n}\n

$ TZ=Europe/Dublin node -pe \"new Date().toString()\"\nWed May 12 2021 20:30:48 GMT+0100 (Irish Standard Time)\n

node --max-old-space-size=1536 index.js\n

for MiB in 16 32 64 128; do\n    node --max-semi-space-size=$MiB index.js\ndone\n

node --stack-trace-limit=12 -p -e \"Error.stackTraceLimit\" # prints 12\n