Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Python client for fetching estimated departures from stop places in Norway from entur.org
API. Information about stop places, platforms and real-time departures.
import aiohttp
import asyncio
from enturclient import EnturPublicTransportData
API_CLIENT_ID = 'awesome_company - my_application'
async def print_bergen_train_delay():
async with aiohttp.ClientSession() as client:
stops = ['NSR:StopPlace:548']
quays = ['NSR:Quay:48550']
data = EnturPublicTransportData(
client_name=API_CLIENT_ID, # Required
stops=stops,
quays=quays,
omit_non_boarding=True,
number_of_departures=5,
web_session=client) # recommended argument
await data.update()
bergen_train = data.get_stop_info('NSR:StopPlace:548')
bergen_train_delay = bergen_train.estimated_calls[0].delay_in_min
print(bergen_train_delay)
asyncio.run(print_bergen_train_delay())
Entur's travel planer has a map of all stops used in Norway. Use the map to find the stops you're interested in. When you have found one of your stops, click on it, and hit "Se alle avganger".
Now the web browser should contain an URL with the id in it. Such as this:
https://en-tur.no/nearby-stop-place-detail?id=NSR:StopPlace:32376
The stop id is the content after id=
parameter in the url. Copy paste this into the configuration.
It's also possible to use the National Stop Register (NSR). Find your stop in the map, click on it and then again at the name. You have to zoom quite a bit in before the stops shows in the map. Information about the stop place, including the stop and quay ids will pop up on the side.
FAQs
An API client for public transport data from Entur.
We found that enturclient demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.