Skip to content

QuantumScan

NixOS/nixpkgs

NixOS/nixpkgs
12
risk score
16 findings · 200 files scanned

The repository contains 16 critical findings related to MD5 usage, all concentrated in a single LibreOffice package management script. These findings represent checksum verification for upstream dependencies rather than cryptographic security primitives. The risk to quantum resistance is minimal as this is build-time infrastructure code, not runtime cryptography.

Recent findingsView all findings →
FileAlgorithmSeverity
pkgs/applications/office/libreoffice/generate-libreoffice-srcs.py:123MD5criticalBusiness impact 70
pkgs/applications/office/libreoffice/generate-libreoffice-srcs.py:142MD5criticalBusiness impact 70
pkgs/applications/office/libreoffice/generate-libreoffice-srcs.py:285MD5criticalBusiness impact 70
pkgs/applications/office/libreoffice/generate-libreoffice-srcs.py:287MD5criticalBusiness impact 70
pkgs/applications/office/libreoffice/generate-libreoffice-srcs.py:288MD5criticalBusiness impact 70
pkgs/build-support/node/prefetch-npm-deps/src/cacache.rs:4SHA-1criticalBusiness impact 70
pkgs/build-support/node/prefetch-npm-deps/src/cacache.rs:145SHA-1criticalBusiness impact 70
pkgs/build-support/node/prefetch-npm-deps/src/parse/lock.rs:199SHA-1criticalBusiness impact 70
pkgs/by-name/mi/minecraft-server/update.py:17SHA-1criticalBusiness impact 70
pkgs/by-name/mi/minecraft-server/update.py:130SHA-1criticalBusiness impact 70
Exposure by language
Python13 · 81%
Rust3 · 19%
Compliance mapping
DORA
OK
NIS2
OK
NIST PQC
OK
Exports for compliance
Share read-only link

Anyone with this link can view the risk score and top findings — no sign-in required. Source code stays private.

https://quantumscan.io/en/share/a9aaa162-e223-4a76-b532-b416bdc8ec22
Add a badge to your README

Show your project's post-quantum readiness in the README. The badge updates automatically after every new scan.

Preview

Post-Quantum Readiness
Markdown
[![Post-Quantum Readiness](https://quantumscan.io/api/badge/NixOS/nixpkgs.svg)](https://github.com/NixOS/nixpkgs)
HTML
<a href="https://github.com/NixOS/nixpkgs"><img src="https://quantumscan.io/api/badge/NixOS/nixpkgs.svg" alt="Post-Quantum Readiness" /></a>

Add badge to your README

Show your quantum-safety score directly on GitHub.

QuantumScan badge preview
[![QuantumScan](https://quantumscan.io/api/badge/NixOS/nixpkgs.svg)](https://quantumscan.io/en/scan/a9aaa162-e223-4a76-b532-b416bdc8ec22)

Save your results & track future changes

Create a free account to get drift alerts, compliance PDF exports, and scan history.

  • Weekly drift alerts when new vulnerabilities appear
  • Track risk score over time across all your repos
  • Export DORA / NIS2 compliance PDF for auditors

Free forever for design partners · No credit card