Public scan corpus
What we found scanning OSS
Every entry below is a real pqc-audit run
against a public repository. Findings are informational:
RSA-2048 and P-256 are still secure today; the issue is harvest-now-decrypt-later
and NIST's 2030 deprecation deadline. See the methodology.
- Repos scanned
- 12
- Total scans
- 12
- Total findings
- 714
| Repository | Lang | ★ | Files | Shor | Grover | Total | Scanned |
|---|---|---|---|---|---|---|---|
| nodejs/undici An HTTP/1.1 client, written from scratch for Node.js | JavaScript | 7.5k | 682 | 0 | 20 | 20 | 19d ago |
| auth0/node-jsonwebtoken JsonWebToken implementation for node.js http://self-issued.info/docs/draft-ietf-oauth-json-web-token.html | JavaScript | 18.2k | 74 | 13 | 0 | 13 | 19d ago |
| axios/axios Promise based HTTP client for the browser and node.js | JavaScript | 109.0k | 247 | 1 | 0 | 1 | 19d ago |
| expressjs/session Simple session middleware for Express | JavaScript | 6.4k | 19 | 0 | 0 | 0 | 19d ago |