Show HN: Grade your code's post-quantum crypto exposure A–F, free, in-browser

10 hours ago
  • #DevOps
  • #Cybersecurity
  • #Post-Quantum Cryptography
  • A Cryptographic Bill of Materials (CBOM) is crucial for identifying quantum-vulnerable cryptography in your stack as part of PQC migration.
  • An open-source scanner provides a full scan in CI/CD workflows, generating a CycloneDX 1.6 CBOM, SARIF report, and an A–F grade badge without uploading data.
  • The scan can be run locally via npm or integrated into GitHub Actions, with options to fail builds on broken classical cryptography.
  • For audit readiness, an Evidence Pack Express offers a cryptographically signed deliverable including an executive summary, findings, CBOM, and migration plan.
  • Note: The scanner is lexical; its findings are leads to verify, not a complete inventory, and it does not guarantee quantum safety or certification.
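
To show what a lexical scan feeding a CycloneDX 1.6 CBOM looks like, and why its findings are only leads, here is an added example (not the scanner's own code). The `PATTERNS` table, the `scan` function and the sample files are assumptions constructed for illustration.

```javascript
// Added example: lexical crypto scan -> CycloneDX 1.6 CBOM components.
// PATTERNS is an assumed, illustrative rule table, not the scanner's rule set.
const PATTERNS = [
  { name: "RSA",   re: /\bRSA\b/i,   primitive: "pke",       level: 0 },
  { name: "ECDSA", re: /\bECDSA\b/i, primitive: "signature", level: 0 },
  { name: "ECDH",  re: /\bECDH\b/i,  primitive: "key-agree", level: 0 },
  { name: "MD5",   re: /\bMD5\b/i,   primitive: "hash",      level: 0 },
];

function scan(files) {
  const byName = new Map(); // one CBOM component per algorithm name
  for (const [path, text] of Object.entries(files)) {
    text.split("\n").forEach((lineText, i) => {
      for (const p of PATTERNS) {
        if (!p.re.test(lineText)) continue;
        if (!byName.has(p.name)) {
          byName.set(p.name, {
            type: "cryptographic-asset",
            name: p.name,
            cryptoProperties: {
              assetType: "algorithm",
              algorithmProperties: { primitive: p.primitive, nistQuantumSecurityLevel: p.level },
            },
            evidence: { occurrences: [] },
          });
        }
        // Record where the token was seen so a reviewer can verify the lead.
        byName.get(p.name).evidence.occurrences.push({ location: path, line: i + 1 });
      }
    });
  }
  return { bomFormat: "CycloneDX", specVersion: "1.6", version: 1, components: [...byName.values()] };
}

// Constructed sample input: two small source files.
const SAMPLE = {
  "src/keys.js": [
    'const { generateKeyPairSync } = require("crypto");',
    'const kp = generateKeyPairSync("rsa", { modulusLength: 2048 });',
    "// TODO: drop RSA once ML-KEM lands",
  ].join("\n"),
  "src/etag.js": 'const tag = crypto.createHash("md5").update(body).digest("hex");',
};

const bom = scan(SAMPLE);
console.log(JSON.stringify(bom, null, 2));
```

The RSA component records two occurrences in `src/keys.js`: the real key generation on line 2 and the comment on line 3. A lexical match cannot tell them apart, so each occurrence needs manual verification.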