Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
statsman
Artifacts are distributable versions of a package. It typically includes the source code and metadata
Advanced tools
statsman
A terminal-based system monitoring tool with manual UI rendering, full-screen support, and dynamic layout management
- Version
- 0.1.2
- Maintainers
- 1
StatsMan is a terminal-based system monitoring tool that provides real-time system information using ASCII visualizations.
Installation
Using pipx
pipx install statsman
Using pip
pip install statsman
Usage
Run the tool:
statsman
Options
statsman --help # Show help
statsman --refresh-rate 1.0 # Set refresh rate to 1 second
statsman --no-color # Disable color output
statsman --config ~/.statsman.yaml # Use a custom configuration file
Keyboard Controls
qorCtrl+C: Quitp: Pause or resume updatesc: Sort processes by CPU usagem: Sort processes by memory usager: Reset sorting↑/↓: Navigate the process listEnter: Terminate the selected process
Requirements
- Python 3.8 or higher
- Currently statsman is built only for Linux, Windows support may be added in the future
Development
git clone https://github.com/ExilProductions/statsman.git
cd statsman
pip install -e ".[dev]"
python -m statsman
Build wheel
To build a wheel distribution locally from the project root (where pyproject.toml lives):
# Install the build backend
python -m pip install build
# Build only the wheel
python -m build --wheel
The wheel file will be created in the dist/ directory and can then be installed with:
pip install dist/statsman-<version>-py3-none-any.whl
License
Released under the MIT License. See the LICENSE file for details.
FAQs
A terminal-based system monitoring tool with manual UI rendering, full-screen support, and dynamic layout management
We found that statsman demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025