QuantumScan
NixOS/nixpkgs
The repository contains 16 critical findings related to MD5 usage, all concentrated in a single LibreOffice package management script. These findings represent checksum verification for upstream dependencies rather than cryptographic security primitives. The risk to quantum resistance is minimal as this is build-time infrastructure code, not runtime cryptography.
| File | Algorithm | Severity | |
|---|---|---|---|
| pkgs/applications/office/libreoffice/generate-libreoffice-srcs.py:123 | MD5 | criticalBusiness impact 70 | |
| pkgs/applications/office/libreoffice/generate-libreoffice-srcs.py:142 | MD5 | criticalBusiness impact 70 | |
| pkgs/applications/office/libreoffice/generate-libreoffice-srcs.py:285 | MD5 | criticalBusiness impact 70 | |
| pkgs/applications/office/libreoffice/generate-libreoffice-srcs.py:287 | MD5 | criticalBusiness impact 70 | |
| pkgs/applications/office/libreoffice/generate-libreoffice-srcs.py:288 | MD5 | criticalBusiness impact 70 | |
| pkgs/build-support/node/prefetch-npm-deps/src/cacache.rs:4 | SHA-1 | criticalBusiness impact 70 | |
| pkgs/build-support/node/prefetch-npm-deps/src/cacache.rs:145 | SHA-1 | criticalBusiness impact 70 | |
| pkgs/build-support/node/prefetch-npm-deps/src/parse/lock.rs:199 | SHA-1 | criticalBusiness impact 70 | |
| pkgs/by-name/mi/minecraft-server/update.py:17 | SHA-1 | criticalBusiness impact 70 | |
| pkgs/by-name/mi/minecraft-server/update.py:130 | SHA-1 | criticalBusiness impact 70 |
Anyone with this link can view the risk score and top findings — no sign-in required. Source code stays private.
https://quantumscan.io/en/share/a9aaa162-e223-4a76-b532-b416bdc8ec22Show your project's post-quantum readiness in the README. The badge updates automatically after every new scan.
[](https://github.com/NixOS/nixpkgs)<a href="https://github.com/NixOS/nixpkgs"><img src="https://quantumscan.io/api/badge/NixOS/nixpkgs.svg" alt="Post-Quantum Readiness" /></a>Add badge to your README
Show your quantum-safety score directly on GitHub.
[](https://quantumscan.io/en/scan/a9aaa162-e223-4a76-b532-b416bdc8ec22)Save your results & track future changes
Create a free account to get drift alerts, compliance PDF exports, and scan history.
- Weekly drift alerts when new vulnerabilities appear
- Track risk score over time across all your repos
- Export DORA / NIS2 compliance PDF for auditors
Free forever for design partners · No credit card