Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
sigimera
Artifacts are distributable versions of a package. It typically includes the source code and metadata
Advanced tools
sigimera
Sigimera Client
The following ruby gem encapsulates access to the Sigimera REST API under http://api.sigimera.org. It includes the needed SSL certificate for the HTTPS connections and a detailed documentation. This library will be developed in parallel to the API.
Installation
Add this line to your application's Gemfile:
gem 'sigimera'
And then execute:
$ bundle
Or install it yourself as:
$ gem install sigimera
Usage
This examples are only a short outline how to use the library. For more information read the documentation, checkout the rspecs or look into the source code. To use the library include or execute the following lines:
irb
>> require "sigimera"
>> puts Sigimera::Client.get_api_version
>> puts Sigimera::Client.get_public_crises
>> puts Sigimera::Client.get_public_rss_feed
>> puts Sigimera::Client.get_auth_token("johndoe@example.org", "verySecretPassword")
# see http://api.sigimera.org/dashboard
>> client = Sigimera::Client.new("YourSecretToken")
or
# The username and password are NOT stored, but only used to fetch an
# authentication token
>> client = Sigimera::Client.new(username = "johndoe@example.org", password = "verySecretPassword")
>> puts client.get_latest_crises
>> puts client.get_latest_crises({ :type => "earthquakes" })
>> puts client.get_crises_stat
>> puts client.get_user_stat
Start RSpec Tests
In order to test this library with the help of rspec you have get first an authentication token under the Developer Dashboard
export AUTH_TOKEN=YourSecretToken
rake spec
API Documentation
This library simplifies the Sigimera REST API. If you want learn more about this API you can use the following links:
- Quickstart
- FAQ
- Developer Dashboard: You must be logged in.
License
(c) 2012 by Sigimera, published under MIT license.
Warranty
This software is provided "as is" and without any express or implied warranties, including, without limitation, the implied warranties of merchantibility and fitness for a particular purpose.
FAQs
Unknown package
We found that sigimera demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 02 Dec 2013
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025