
Security News
Nx npm Packages Compromised in Supply Chain Attack Weaponizing AI CLI Tools
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.
This is a Rubygem which acts as a wrapper for the Transport for Greater Manchester REST API. This provides the most accurate car parks, bus and metrolink information available to freely consume through the opendata.tfgm.com REST API.
We built this to use internally in our project, EventRoute, for the Innovation Challenge in Manchester (which won Best Under 21). The TFGM REST API is new and unstable as of March 2013 so we would avoid using it in production.
Sign up for an API Key — It's easy to sign up at developer.tfgm.com and you'll need a developer & application key. An example of what both the keys should like are: a1b23cd4-ef67-890g-h123-4567i8jk9lmn
and they must be 36 characters in length.
Install the gem
gem install tfgm
require 'tfgm'
instance = TFGM::API.new("Developer Key", "Application Key")
instance.stops_on_route('X50')
Hash.new
in Ruby. Use .inspect
to extract data you need.There's very limited data available, but we've outlined what's currently available below. Parameters denoted with *
are mandatory.
# Parameters:
# (int) *page = default: 0
# (int) *per_page = default: 10
instance.carparks(0, 5)
# Parameters:
# (int) *id
instance.carpark(21915)
# Parameters:
# None
instance.routes
# Parameters
# (string) *bus_code
instance.route('X50')
# Parameters:
# (string) *bus_code
if instance.is_route('X50') then
# Route exists, yay!
end
# Parameters
# (string) *bus_code
instance.stops_on_route('X50')
# Parameters:
# (double) *latitude
# (double) *longitude
instance.bus_stops_near(52.91391221, -3.39414441)
# Parameters:
# (string) *atco_code
instance.bus_stop('1800SB04781')
# Parameters:
# (string) *atco_code
instance.buses_on_stop('1800SB04781')
# Parameters:
# None
instance.journey_times
# Parameters:
# (string) *journey_id
instance.journey_times('A56-Dunham_proxy')
We all know the REST API for TFGM is really buggy, but it's a great start. I'm glad that it's available and can foster innovation in the city, so if you're interested in developing it with me, just play about with it.
Let me know via @bilawalhameed on Twitter if you're interested before sending a pull request.
FAQs
Unknown package
We found that tfgm demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.
Security News
CISA’s 2025 draft SBOM guidance adds new fields like hashes, licenses, and tool metadata to make software inventories more actionable.
Security News
A clarification on our recent research investigating 60 malicious Ruby gems.