Releases: csnp/cryptoscan
v1.3.0
What's New in v1.3.0
This release adds enterprise-grade CI/CD integration with flexible ignore mechanisms, baseline comparison, and configurable exit codes.
New Features
| Feature | Description |
|---|---|
| --ignore | Suppress specific pattern IDs (e.g., RSA-001,CERT-*) |
| --ignore-category | Suppress entire categories (e.g., Certificate,Library Import) |
| --fail-on | Configurable exit codes (info, low, medium, high, critical) |
| --baseline | Compare against previous scan - only report NEW findings |
| --config | Explicit config file path |
| .cryptoscan.yaml | Auto-detected configuration file |
| Pattern-specific inline ignore | // cryptoscan:ignore RSA-001 suppresses only that pattern |
Configuration File
Create a .cryptoscan.yaml in your project root:
ignore:
  patterns:
    - CERT-SELFSIGNED-001 # Known dev certificates
    - RSA-001 # Legacy auth, tracked in JIRA-123
  categories:
    - Library Import
  files:
    - "vendor/*"
failOn: high # Exit non-zero on HIGH or CRITICAL
minSeverity: low
baseline: baseline.json # Only report new findings
CI/CD Workflow Example
# Generate baseline (one-time or after fixing issues)
cryptoscan scan . --format json --output baseline.json
# CI pipeline - fail only on NEW high+ severity findings
cryptoscan scan . --baseline baseline.json --fail-on high
Inline Suppression
import "crypto/rsa" // cryptoscan:ignore RSA-001 (suppresses only RSA)
import "crypto/ecdsa" // This will still be detected
Bug Fixes
- Fixed MigrationScore showing incorrect counts after baseline filtering
Quick Install
# Using Go
go install github.com/csnp/cryptoscan/cmd/cryptoscan@v1.3.0
# Or download binary from assets below
Checksums
Verify your download with the checksums.txt file.
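One way to perform that verification, as an added example that is not part of the release notes or the project's own code. It assumes checksums.txt uses the sha256sum layout (one `<hex digest>  <filename>` entry per line); the function name verify_release is hypothetical.

```shell
#!/bin/sh
# verify_release ARTIFACT CHECKSUMS  (hypothetical helper, added example)
# Exit status: 0 digest matches, 1 digest mismatch, 2 missing input,
#              3 artifact not listed exactly once or entry malformed.
# Assumed checksum file layout: "<64 hex chars>  <filename>" per line.
verify_release() {
    artifact=$1
    sums=$2
    if [ ! -f "$artifact" ] || [ ! -f "$sums" ]; then
        echo "verify_release: missing artifact or checksum file" >&2
        return 2
    fi
    name=$(basename "$artifact")

    # Compare the filename field exactly, so an entry for "x.tar.gz.sig"
    # can never satisfy a lookup for "x.tar.gz". A leading "*" (binary-mode
    # marker written by sha256sum) is stripped before comparing.
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n { print tolower($1); hits++ }
        END { exit (hits == 1 ? 0 : 1) }' "$sums") || {
        echo "verify_release: $name not listed exactly once in $sums" >&2
        return 3
    }

    # Reject anything that is not a 64-character lowercase hex digest.
    case $expected in
        *[!0-9a-f]*) echo "verify_release: malformed digest for $name" >&2; return 3 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "verify_release: malformed digest for $name" >&2; return 3; }

    # sha256sum on Linux, shasum on macOS.
    if command -v sha256sum >/dev/null 2>&1; then
        actual=$(sha256sum "$artifact" | awk '{ print $1 }')
    else
        actual=$(shasum -a 256 "$artifact" | awk '{ print $1 }')
    fi

    if [ "$actual" != "$expected" ]; then
        echo "verify_release: SHA-256 mismatch for $name" >&2
        return 1
    fi
    echo "verify_release: $name OK"
}

# Direct use: sh verify_release.sh <downloaded-artifact> checksums.txt
if [ "$#" -eq 2 ]; then verify_release "$1" "$2"; exit $?; fi
```

A checksum file fetched from the same release page detects a corrupted or altered transfer; it does not by itself establish who published the release.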
Full Docs: qramm.org/learn/cryptoscan-guide | Source: github.com/csnp/cryptoscan
Part of the QRAMM Toolkit by CSNP
v1.2.1
CryptoScan v1.2.1
Cryptographic discovery tool for the post-quantum era
Part of the QRAMM Toolkit by CSNP
Changelog
Others
- 0512bf1: Improve UX with specific, actionable guidance for certificate findings (@abdelsfane)
Quick Install
# Using Go
go install github.com/csnp/cryptoscan/cmd/cryptoscan@v1.2.1
# Or download binary from assets below
Checksums
Verify your download with the checksums.txt file.
v1.2.0
CryptoScan v1.2.0
Cryptographic discovery tool for the post-quantum era
Part of the QRAMM Toolkit by CSNP
Changelog
Others
- 7ac3b14: Add comprehensive certificate detection and reduce false positives (@abdelsfane)
- 0d83c81: Fix CERT-SUBJECT-001 false positive pattern (@abdelsfane)
- 3ccec7e: Update documentation for v1.2.0 certificate detection (@abdelsfane)
Quick Install
# Using Go
go install github.com/csnp/cryptoscan/cmd/cryptoscan@v1.2.0
# Or download binary from assets below
Checksums
Verify your download with the checksums.txt file.
v1.1.1
CryptoScan v1.1.1
Cryptographic discovery tool for the post-quantum era
Part of the QRAMM Toolkit by CSNP
Changelog
Others
- 70b6214: Fix remaining old repo name references in documentation (@abdelsfane)
- 24c6910: QA fixes: formatting, debug output, and Go version consistency (@abdelsfane)
- d0eebdb: Remove price comparison row from README (@abdelsfane)
- 028f23b: Updated name of repo in installation instructions (@emilyfane)
Quick Install
# Using Go
go install github.com/csnp/cryptoscan/cmd/cryptoscan@v1.1.1
# Or download binary from assets below
Checksums
Verify your download with the checksums.txt file.
v1.1.0
CryptoScan v1.1.0
Cryptographic discovery tool for the post-quantum era
Part of the QRAMM Toolkit by CSNP
Changelog
Others
- 37bc46e: Add PATTERNS.md documentation for detection patterns (@abdelsfane)
- b9b7cdc: Add automatic version detection from Go module info (@abdelsfane)
- d21859f: Add comprehensive PQC detection, Migration Readiness Score, and QRAMM mapping (@abdelsfane)
- b353601: Add links to full documentation on qramm.org (@abdelsfane)
- cb81af1: Add smart remediation engine and enhance CBOM for CycloneDX 1.6 compliance (@abdelsfane)
- 203d273: Fix goreleaser config to use correct repo name (@abdelsfane)
- 3cd2ec8: Fix version command in quick start (version, not --version) (@abdelsfane)
- c9c6477: Hide commit/built fields when not available from module install (@abdelsfane)
- 099d1b3: Improve installation instructions for non-developers (@abdelsfane)
- 40ae956: Replace CryptoCBOM with CryptoDeps in QRAMM toolkit list (@abdelsfane)
- afcd4ca: Update README install commands to new repo path (@abdelsfane)
- 1245255: Update README to simplify installation steps (@abdelsfane)
- 1d91c63: Update TLS Analyzer status to available with repo link (@abdelsfane)
- 04d9145: Update module path to github.com/csnp/cryptoscan (@abdelsfane)
Quick Install
# Using Go
go install github.com/csnp/cryptoscan/cmd/cryptoscan@v1.1.0
# Or download binary from assets below
Checksums
Verify your download with the checksums.txt file.
v1.0.3
CryptoScan v1.0.3
Cryptographic discovery tool for the post-quantum era
Part of the QRAMM Toolkit by CSNP
Changelog
Others
- f261182: Add detailed explanations for all comparison capabilities (@abdelsfane)
Quick Install
# Using Go
go install github.com/csnp/qramm-cryptoscan/cmd/cryptoscan@v1.0.3
# Or download binary from assets below
Checksums
Verify your download with the checksums.txt file.
v1.0.0 - Initial Stable Release
CryptoScan v1.0.0
Cryptographic discovery tool for the post-quantum era
Features
- Scan Sources: Local directories and remote Git repositories
- 50+ Detection Patterns: RSA, ECDSA, Ed25519, AES, DES, MD5, SHA-1, and more
- Quantum Risk Classification: Vulnerable, Partial, Safe, Unknown
- Multiple Output Formats: Text, JSON, CSV, SARIF, CBOM
- Source Code Context: See exactly where crypto is used for easy verification
- Inline Ignore Comments: Suppress false positives with // cryptoscan:ignore
- Real-time Streaming: See findings as they're discovered
Quick Start
# Install
go install github.com/csnp/qramm-cryptoscan/cmd/cryptoscan@v1.0.0
# Scan your project
cryptoscan scan .
# Try the sample files
git clone https://github.com/csnp/qramm-cryptoscan.git
cd qramm-cryptoscan
go build -o cryptoscan ./cmd/cryptoscan
./cryptoscan scan ./crypto-samples
Output Formats
cryptoscan scan . --format json --output findings.json
cryptoscan scan . --format sarif --output results.sarif
cryptoscan scan . --format cbom --output crypto-bom.json
Part of the QRAMM Toolkit by CSNP