Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
jmenu
Artifacts are distributable versions of a package. It typically includes the source code and metadata
Advanced tools
- Version
- 1.10.1
- Maintainers
- 1
jmenu
Command line tool for fetching University of Oulu restaurant menus from the Jamix API.
Doubles as a general library for fetching menu info from Jamix.
Installing
Python Package Index
jmenu is available for install on the python package index.
pip install jmenu
Building from source
For testing purposes, the package can be built from the repository source code.
pip install build
python3 -m build
pip install dist/<package_name>.whl
Usage
Command line tool
jmenu can be invoked from the command line as is:
jmenu [-h] [-v] [-e] [-t] [-l {fi,en}] [-a markers [G, VEG ...]]
All flags and parameters described below
| Argument | Example | Description |
|---|---|---|
| -a, --allergens | g veg | Highlights appropriately marked results |
| Flag | Description |
|---|---|
| -h, --help | Display usage information |
| -v, --version | Display version information |
| -e, --explain | Display allergen marker information |
| -t, --tomorrow | Fetch menu results for tomorrow |
| -l, --language | Result language, opts: {fi, en} |
Python library
jmenu can also be imported as a library:
from jmenu import main
main.run()
Documentation for the library can be found in the project pages.
Contributing
Pull requests are welcome. We use pre-commit hooks and GitHub actions to ensure code quality.
Development environment setup
Requirements
- Python 3.10+
- Virtualenv
Setup the development environment with
python3 -m virtualenv env
source env/bin/activate
pip install -r requirements.txt
Testing
Run the tool
python3 -m src.jmenu.main
Execute unit tests
pytest
Documentation
Documentation for the project is available in the project pages.
Build documentation from source
The documentation for the modules is built with Mkdocs. and the mkdocstrings extension, using google style docstrings.
You can build it from source by installing mkdocs
pip install mkdocs mkdocs-material
mkdocs serve
and navigating to localhost:8000 in your browser.
FAQs
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025