Security News
The Nightmare Before Deployment
Season’s greetings from Socket, and here’s to a calm end of year: clean dependencies, boring pipelines, no surprises.
By Ahmad Nassri - Dec 16, 2025
hyper-purescript
Advanced tools
PureScript npm package
PureScript binary wrapper that makes it seamlessly available via npm
Prerequisites
This package makes maximum use of postinstall script, so please make sure that ignore-scripts npm-config is not enabled before installation.
$ npm config get ignore-scripts
false
Installation
npm install purescript
Once the command above is executed,
1. First, it checks if a PureScript binary has been already cached, and restores that if available.
2. The second plan: if no cache is available, it downloads a prebuilt binary from the PureScript release page.
3. The last resort: if no prebuilt binary is provided for your platform or the downloaded binary doesn't work correctly, it downloads the PureScript source code and compile it with Stack.
API
require('purescript')
Type: string
An absolute path to the installed PureScript binary, which can be used with child_process functions.
const {execFile} = require('child_process');
const purs = require('purescript'); //=> '/Users/you/example/node_modules/purescript/purs.bin'
execFile(purs, ['compile', 'input.purs', '--output', 'output.purs'], () => {
console.log('Compiled.');
});
CLI
You can use it via CLI by installing it globally.
npm install --global purescript
purs --help
License
ISC License © 2017 - 2019 Watanabe Shinnosuke
FAQs
PureScript wrapper that makes it available as a local dependency
The npm package hyper-purescript receives a total of 274 weekly downloads. As such, hyper-purescript popularity was classified as not popular.
We found that hyper-purescript demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Package last updated on 03 Mar 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Malicious NuGet Package Typosquats Popular .NET Tracing Library to Steal Wallet Passwords
Impostor NuGet package Tracer.Fody.NLog typosquats Tracer.Fody and its author, using homoglyph tricks, and exfiltrates Stratis wallet JSON/passwords to a Russian IP address.
By Kirill Boychenko - Dec 15, 2025
Security News
Deno 2.6 + Socket: Supply Chain Defense In Your CLI
Deno 2.6 introduces deno audit with a new --socket flag that plugs directly into Socket to bring supply chain security checks into the Deno CLI.
By Sarah Gooding - Dec 12, 2025