QuantumScan
servo/servo
Servo repository contains one critical finding: SHA-1 usage in network event devtools code. The finding is located in developer tooling infrastructure rather than core security or cryptographic operations. While SHA-1 is cryptographically broken, the context appears to be for network event tracking/debugging rather than security-critical authentication or integrity verification.
| File | Algorithm | Severity | |
|---|---|---|---|
| components/devtools/actors/network_event.rs:246 | SHA-1 | criticalBusiness impact 25 |
Anyone with this link can view the risk score and top findings — no sign-in required. Source code stays private.
https://quantumscan.io/en/share/9ff502df-95ed-45dc-ae53-eaee29ccef26Show your project's post-quantum readiness in the README. The badge updates automatically after every new scan.
[](https://github.com/servo/servo)<a href="https://github.com/servo/servo"><img src="https://quantumscan.io/api/badge/servo/servo.svg" alt="Post-Quantum Readiness" /></a>Add badge to your README
Show your quantum-safety score directly on GitHub.
[](https://quantumscan.io/en/scan/9ff502df-95ed-45dc-ae53-eaee29ccef26)Save your results & track future changes
Create a free account to get drift alerts, compliance PDF exports, and scan history.
- Weekly drift alerts when new vulnerabilities appear
- Track risk score over time across all your repos
- Export DORA / NIS2 compliance PDF for auditors
Free forever for design partners · No credit card