https://github.com/pyca/cryptography.git
· scanned 2026-05-16 09:40 UTC (2 weeks, 6 days ago)
· 10 languages
186 findings (14 legacy + 172 scanner) 75th percentile · Python · large (100-500K LoC)
Last scanned 2 weeks, 6 days ago · v1 · 12 findings from 1 source. Findings combine the legacy security pipeline AND the multi-layer engine (atlas, wiring, flows, ranked) AND verified AI agent contributions.
All 4048 nodes from the latest scan, grouped by kind. Each node is a unit the engine identified (file, function, endpoint, table…). Most users won't need this view — it's primarily for debugging the engine's graph extraction or for AI agents that want to enumerate the project structure.
| Label | Layer | Status | Path |
|---|---|---|---|
install |
software | healthy | noxfile.py:27 |
load_pyproject_toml |
software | healthy | noxfile.py:42 |
tests |
software | healthy | noxfile.py:52 |
docs |
software | healthy | noxfile.py:123 |
docs_linkcheck |
software | healthy | noxfile.py:194 |
flake |
software | healthy | noxfile.py:203 |
rust |
software | healthy | noxfile.py:235 |
local |
software | healthy | noxfile.py:290 |
process_rust_coverage |
software | healthy | noxfile.py:360 |
run |
software | healthy | release.py:26 |
cli |
software | healthy | release.py:32 |
release |
software | healthy | release.py:37 |
replace_pattern |
software | healthy | release.py:53 |
replace_version |
software | healthy | release.py:63 |
bump_version |
software | healthy | release.py:73 |
__init__ |
software | healthy | tests/doubles.py:65 |
validate_for_algorithm |
software | healthy | tests/doubles.py:33 |
digest_size |
software | healthy | tests/doubles.py:45 |
public_bytes |
software | healthy | tests/doubles.py:68 |
public_bytes_raw |
software | healthy | tests/doubles.py:75 |
verify |
software | healthy | tests/doubles.py:78 |
__eq__ |
software | healthy | tests/doubles.py:81 |
__copy__ |
software | healthy | tests/doubles.py:84 |
__deepcopy__ |
software | healthy | tests/doubles.py:87 |
pytest_configure |
software | healthy | tests/conftest.py:14 |
pytest_report_header |
software | healthy | tests/conftest.py:19 |
pytest_addoption |
software | healthy | tests/conftest.py:28 |
pytest_runtest_setup |
software | healthy | tests/conftest.py:34 |
backend |
software | healthy | tests/conftest.py:41 |
subtests |
software | healthy | tests/conftest.py:54 |
test |
software | healthy | tests/conftest.py:64 |
find_all_modules |
software | healthy | tests/test_meta.py:15 |
test_no_circular_imports |
software | healthy | tests/test_meta.py:26 |
json_parametrize |
software | healthy | tests/test_fernet.py:20 |
test_generate |
software | healthy | tests/test_fernet.py:44 |
test_verify |
software | healthy | tests/test_fernet.py:57 |
test_invalid |
software | healthy | tests/test_fernet.py:86 |
test_invalid_start_byte |
software | healthy | tests/test_fernet.py:99 |
test_timestamp_too_short |
software | healthy | tests/test_fernet.py:104 |
test_non_base64_token |
software | healthy | tests/test_fernet.py:109 |
test_invalid_types |
software | healthy | tests/test_fernet.py:116 |
test_timestamp_ignored_no_ttl |
software | healthy | tests/test_fernet.py:123 |
test_ttl_required_in_decrypt_at_time |
software | healthy | tests/test_fernet.py:130 |
test_roundtrips |
software | healthy | tests/test_fernet.py:142 |
test_bad_key |
software | healthy | tests/test_fernet.py:147 |
test_extract_timestamp |
software | healthy | tests/test_fernet.py:151 |
test_encrypt |
software | healthy | tests/test_fernet.py:168 |
test_decrypt |
software | healthy | tests/test_fernet.py:175 |
test_decrypt_at_time |
software | healthy | tests/test_fernet.py:191 |
test_no_fernets |
software | healthy | tests/test_fernet.py:206 |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
DummyCipherAlgorithm |
software | healthy | tests/doubles.py:16 |
DummyBlockCipherAlgorithm |
software | healthy | tests/doubles.py:23 |
DummyMode |
software | healthy | tests/doubles.py:30 |
DummyHashAlgorithm |
software | healthy | tests/doubles.py:37 |
DummyKeySerializationEncryption |
software | healthy | tests/doubles.py:49 |
DummyAsymmetricPadding |
software | healthy | tests/doubles.py:55 |
DummyEd25519PublicKey |
software | healthy | tests/doubles.py:59 |
SubTests |
software | healthy | tests/conftest.py:62 |
TestFernet |
software | healthy | tests/test_fernet.py:39 |
TestMultiFernet |
software | healthy | tests/test_fernet.py:167 |
TestDeprecated |
software | healthy | tests/test_warnings.py:16 |
TestException |
software | healthy | tests/test_utils.py:4430 |
TestDeprecated |
software | healthy | tests/test_utils.py:4465 |
TestCachedProperty |
software | healthy | tests/test_cryptography_utils.py:13 |
T |
software | healthy | tests/test_cryptography_utils.py:37 |
TestEnum |
software | healthy | tests/test_cryptography_utils.py:58 |
WycheproofTest |
software | healthy | tests/utils.py:956 |
TestDummyEd25519PublicKey |
software | healthy | tests/test_doubles.py:14 |
TestExtension |
software | healthy | tests/x509/test_x509_ext.py:62 |
TestTLSFeature |
software | healthy | tests/x509/test_x509_ext.py:145 |
TestUnrecognizedExtension |
software | healthy | tests/x509/test_x509_ext.py:220 |
TestCertificateIssuer |
software | healthy | tests/x509/test_x509_ext.py:288 |
TestCRLReason |
software | healthy | tests/x509/test_x509_ext.py:349 |
TestDeltaCRLIndicator |
software | healthy | tests/x509/test_x509_ext.py:382 |
TestInvalidityDate |
software | healthy | tests/x509/test_x509_ext.py:414 |
TestNoticeReference |
software | healthy | tests/x509/test_x509_ext.py:468 |
TestUserNotice |
software | healthy | tests/x509/test_x509_ext.py:513 |
TestPolicyInformation |
software | healthy | tests/x509/test_x509_ext.py:557 |
TestCertificatePolicies |
software | healthy | tests/x509/test_x509_ext.py:635 |
TestCertificatePoliciesExtension |
software | healthy | tests/x509/test_x509_ext.py:729 |
TestKeyUsage |
software | healthy | tests/x509/test_x509_ext.py:880 |
TestSubjectKeyIdentifier |
software | healthy | tests/x509/test_x509_ext.py:1181 |
TestAuthorityKeyIdentifier |
software | healthy | tests/x509/test_x509_ext.py:1243 |
TestBasicConstraints |
software | healthy | tests/x509/test_x509_ext.py:1378 |
TestExtendedKeyUsage |
software | healthy | tests/x509/test_x509_ext.py:1436 |
TestExtensions |
software | healthy | tests/x509/test_x509_ext.py:1508 |
TestBasicConstraintsExtension |
software | healthy | tests/x509/test_x509_ext.py:1627 |
TestSubjectKeyIdentifierExtension |
software | healthy | tests/x509/test_x509_ext.py:1702 |
TestKeyUsageExtension |
software | healthy | tests/x509/test_x509_ext.py:1820 |
TestPrivateKeyUsagePeriodExtension |
software | healthy | tests/x509/test_x509_ext.py:1872 |
TestDNSName |
software | healthy | tests/x509/test_x509_ext.py:2089 |
TestDirectoryName |
software | healthy | tests/x509/test_x509_ext.py:2119 |
TestRFC822Name |
software | healthy | tests/x509/test_x509_ext.py:2169 |
TestUniformResourceIdentifier |
software | healthy | tests/x509/test_x509_ext.py:2213 |
TestRegisteredID |
software | healthy | tests/x509/test_x509_ext.py:2257 |
TestIPAddress |
software | healthy | tests/x509/test_x509_ext.py:2291 |
TestOtherName |
software | healthy | tests/x509/test_x509_ext.py:2331 |
TestGeneralNames |
software | healthy | tests/x509/test_x509_ext.py:2381 |
TestIssuerAlternativeName |
software | healthy | tests/x509/test_x509_ext.py:2453 |
TestRSAIssuerAlternativeNameExtension |
software | healthy | tests/x509/test_x509_ext.py:2526 |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
Cargo.toml |
software | healthy | Cargo.toml |
noxfile.py |
software | healthy | noxfile.py |
.readthedocs.yml |
software | healthy | .readthedocs.yml |
pyproject.toml |
software | healthy | pyproject.toml |
AGENTS.md |
software | healthy | AGENTS.md |
release.py |
software | healthy | release.py |
doubles.py |
software | healthy | tests/doubles.py |
__init__.py |
software | healthy | tests/__init__.py |
conftest.py |
software | healthy | tests/conftest.py |
test_meta.py |
software | healthy | tests/test_meta.py |
test_fernet.py |
software | healthy | tests/test_fernet.py |
test_warnings.py |
software | healthy | tests/test_warnings.py |
test_utils.py |
software | healthy | tests/test_utils.py |
test_cryptography_utils.py |
software | healthy | tests/test_cryptography_utils.py |
deprecated_module.py |
software | warning | tests/deprecated_module.py |
utils.py |
software | healthy | tests/utils.py |
test_doubles.py |
software | healthy | tests/test_doubles.py |
test_hmac.py |
software | healthy | tests/wycheproof/test_hmac.py |
__init__.py |
software | healthy | tests/wycheproof/__init__.py |
test_x448.py |
software | healthy | tests/wycheproof/test_x448.py |
test_chacha20poly1305.py |
software | healthy | tests/wycheproof/test_chacha20poly1305.py |
test_hkdf.py |
software | healthy | tests/wycheproof/test_hkdf.py |
test_pbkdf2.py |
software | healthy | tests/wycheproof/test_pbkdf2.py |
test_utils.py |
software | healthy | tests/wycheproof/test_utils.py |
test_rsa.py |
software | healthy | tests/wycheproof/test_rsa.py |
test_cmac.py |
software | healthy | tests/wycheproof/test_cmac.py |
test_x25519.py |
software | healthy | tests/wycheproof/test_x25519.py |
test_aes.py |
software | healthy | tests/wycheproof/test_aes.py |
utils.py |
software | healthy | tests/wycheproof/utils.py |
test_dsa.py |
software | healthy | tests/wycheproof/test_dsa.py |
test_mlkem.py |
software | healthy | tests/wycheproof/test_mlkem.py |
test_ecdsa.py |
software | healthy | tests/wycheproof/test_ecdsa.py |
test_eddsa.py |
software | healthy | tests/wycheproof/test_eddsa.py |
test_ecdh.py |
software | healthy | tests/wycheproof/test_ecdh.py |
test_mldsa.py |
software | healthy | tests/wycheproof/test_mldsa.py |
test_keywrap.py |
software | healthy | tests/wycheproof/test_keywrap.py |
test_x509_ext.py |
software | healthy | tests/x509/test_x509_ext.py |
__init__.py |
software | healthy | tests/x509/__init__.py |
test_x509_crlbuilder.py |
software | healthy | tests/x509/test_x509_crlbuilder.py |
test_x509.py |
software | healthy | tests/x509/test_x509.py |
test_ocsp.py |
software | healthy | tests/x509/test_ocsp.py |
test_name.py |
software | healthy | tests/x509/test_name.py |
test_x509_revokedcertbuilder.py |
software | healthy | tests/x509/test_x509_revokedcertbuilder.py |
__init__.py |
software | healthy | tests/x509/verification/__init__.py |
test_limbo.py |
software | healthy | tests/x509/verification/test_limbo.py |
test_verification.py |
software | healthy | tests/x509/verification/test_verification.py |
__init__.py |
software | healthy | tests/hazmat/__init__.py |
test_oid.py |
software | healthy | tests/hazmat/test_oid.py |
test_openssl.py |
software | healthy | tests/hazmat/bindings/test_openssl.py |
test_api.py |
software | healthy | tests/hazmat/asn1/test_api.py |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
5.6.2.4 |
network | healthy | tests/test_utils.py |
5.6.2.5 |
network | healthy | tests/test_utils.py |
2.5.29.19 |
network | healthy | tests/x509/test_x509_ext.py |
1.2.3.4 |
network | healthy | tests/x509/test_x509_ext.py |
1.2.3.5 |
network | healthy | tests/x509/test_x509_ext.py |
1.3.6.1 |
network | healthy | tests/x509/test_x509_ext.py |
4.1.311.21 |
network | healthy | tests/x509/test_x509_ext.py |
2.16.840.1 |
network | healthy | tests/x509/test_x509_ext.py |
2.5.29.14 |
network | healthy | tests/x509/test_x509_ext.py |
5.5.7.3 |
network | healthy | tests/x509/test_x509_ext.py |
2.5.4.3 |
network | healthy | tests/x509/test_x509_ext.py |
127.0.0.1 |
network | healthy | tests/x509/test_x509_ext.py |
192.168.0.0 |
network | healthy | tests/x509/test_x509_ext.py |
127.0.0.2 |
network | healthy | tests/x509/test_x509_ext.py |
2.5.4.65 |
network | healthy | tests/x509/test_x509_ext.py |
2.5.29.37 |
network | healthy | tests/x509/test_x509_ext.py |
1.5.5.7 |
network | healthy | tests/x509/test_x509_ext.py |
5.5.7.48 |
network | healthy | tests/x509/test_x509_ext.py |
10.10.0.0 |
network | healthy | tests/x509/test_x509_ext.py |
192.168.0.1 |
network | healthy | tests/x509/test_x509_ext.py |
2.5.4.6 |
network | healthy | tests/x509/test_x509_ext.py |
1.2.276.0 |
network | healthy | tests/x509/test_x509_ext.py |
76.3.1.91 |
network | healthy | tests/x509/test_x509_ext.py |
76.3.1.1 |
network | healthy | tests/x509/test_x509_ext.py |
8.0.0.0 |
network | healthy | tests/x509/test_x509.py |
1.2.3.3 |
network | healthy | tests/x509/test_x509.py |
1.2.643.3 |
network | healthy | tests/x509/test_x509.py |
2.5.4.45 |
network | healthy | tests/x509/test_x509.py |
5.6.7.8 |
network | healthy | tests/x509/test_x509.py |
2.5.4.5 |
network | healthy | tests/x509/test_x509.py |
2.5.4.15 |
network | healthy | tests/x509/test_x509.py |
2.5.29.3 |
network | healthy | tests/x509/test_x509.py |
2.999.37.5 |
network | healthy | tests/x509/test_x509.py |
9.1.9.7 |
network | healthy | tests/x509/test_x509.py |
2.5.4.10 |
network | healthy | tests/x509/test_name.py |
101.3.4.1 |
network | healthy | tests/hazmat/primitives/test_pkcs7.py |
1.1.1.1 |
network | healthy | tests/hazmat/primitives/test_ec.py |
7.4.1.4 |
network | healthy | src/cryptography/x509/certificate_transparency.py |
2.5.29.9 |
network | healthy | src/cryptography/hazmat/_oid.py |
2.5.29.15 |
network | healthy | src/cryptography/hazmat/_oid.py |
2.5.29.16 |
network | healthy | src/cryptography/hazmat/_oid.py |
2.5.29.17 |
network | healthy | src/cryptography/hazmat/_oid.py |
2.5.29.18 |
network | healthy | src/cryptography/hazmat/_oid.py |
2.5.29.30 |
network | healthy | src/cryptography/hazmat/_oid.py |
2.5.29.31 |
network | healthy | src/cryptography/hazmat/_oid.py |
2.5.29.32 |
network | healthy | src/cryptography/hazmat/_oid.py |
2.5.29.33 |
network | healthy | src/cryptography/hazmat/_oid.py |
2.5.29.35 |
network | healthy | src/cryptography/hazmat/_oid.py |
2.5.29.36 |
network | healthy | src/cryptography/hazmat/_oid.py |
2.5.29.46 |
network | healthy | src/cryptography/hazmat/_oid.py |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
tests |
software | healthy | tests |
wycheproof |
software | healthy | tests/wycheproof |
x509 |
software | healthy | tests/x509 |
verification |
software | healthy | tests/x509/verification |
hazmat |
software | healthy | tests/hazmat |
bindings |
software | healthy | tests/hazmat/bindings |
asn1 |
software | healthy | tests/hazmat/asn1 |
primitives |
software | healthy | tests/hazmat/primitives |
decrepit |
software | healthy | tests/hazmat/primitives/decrepit |
twofactor |
software | healthy | tests/hazmat/primitives/twofactor |
backends |
software | healthy | tests/hazmat/backends |
bench |
software | healthy | tests/bench |
docs |
software | healthy | docs |
development |
software | healthy | docs/development |
custom-vectors |
software | healthy | docs/development/custom-vectors |
rc2 |
software | healthy | docs/development/custom-vectors/rc2 |
rc2 |
software | healthy | docs/development/custom-vectors/rc2/rc2 |
rsa-oaep-sha2 |
software | healthy | docs/development/custom-vectors/rsa-oaep-sha2 |
idea |
software | healthy | docs/development/custom-vectors/idea |
aes-192-gcm-siv |
software | healthy | docs/development/custom-vectors/aes-192-gcm-siv |
verify-aes192gcmsiv |
software | healthy | docs/development/custom-vectors/aes-192-gcm-siv/verify-aes1… |
src |
software | healthy | docs/development/custom-vectors/aes-192-gcm-siv/verify-aes1… |
chacha20 |
software | healthy | docs/development/custom-vectors/chacha20 |
arc4 |
software | healthy | docs/development/custom-vectors/arc4 |
hkdf |
software | healthy | docs/development/custom-vectors/hkdf |
seed |
software | healthy | docs/development/custom-vectors/seed |
cast5 |
software | healthy | docs/development/custom-vectors/cast5 |
secp256k1 |
software | healthy | docs/development/custom-vectors/secp256k1 |
_templates |
software | healthy | docs/_templates |
_ext |
software | healthy | docs/_ext |
vectors |
software | healthy | vectors |
cryptography_vectors |
software | healthy | vectors/cryptography_vectors |
fernet |
software | healthy | vectors/cryptography_vectors/fernet |
asymmetric |
software | healthy | vectors/cryptography_vectors/asymmetric |
OpenSSH |
software | healthy | vectors/cryptography_vectors/asymmetric/OpenSSH |
HPKE |
software | healthy | vectors/cryptography_vectors/HPKE |
.github |
software | healthy | .github |
ISSUE_TEMPLATE |
software | healthy | .github/ISSUE_TEMPLATE |
workflows |
software | healthy | .github/workflows |
actions |
software | healthy | .github/actions |
wheel-smoketest |
software | healthy | .github/actions/wheel-smoketest |
cache |
software | healthy | .github/actions/cache |
upload-coverage |
software | healthy | .github/actions/upload-coverage |
fetch-vectors |
software | healthy | .github/actions/fetch-vectors |
downstream.d |
software | healthy | .github/downstream.d |
src |
software | healthy | src |
cryptography |
software | healthy | src/cryptography |
x509 |
software | healthy | src/cryptography/x509 |
hazmat |
software | healthy | src/cryptography/hazmat |
bindings |
software | healthy | src/cryptography/hazmat/bindings |
Showing first 50 of this kind. Full payload available via the JSON button at the top of the page.
| Label | Layer | Status | Path |
|---|---|---|---|
sdist |
cicd | healthy | .github/workflows/wheel-builder.yml |
manylinux |
cicd | healthy | .github/workflows/wheel-builder.yml |
macos |
cicd | healthy | .github/workflows/wheel-builder.yml |
windows |
cicd | healthy | .github/workflows/wheel-builder.yml |
bump |
cicd | healthy | .github/workflows/x509-limbo-version-bump.yml |
bump |
cicd | healthy | .github/workflows/boring-open-awslc-bump.yml |
linux |
cicd | healthy | .github/workflows/ci.yml |
distros |
cicd | healthy | .github/workflows/ci.yml |
alpine |
cicd | healthy | .github/workflows/ci.yml |
macos |
cicd | healthy | .github/workflows/ci.yml |
windows |
cicd | healthy | .github/workflows/ci.yml |
linux-downstream |
cicd | healthy | .github/workflows/ci.yml |
all-green |
cicd | healthy | .github/workflows/ci.yml |
docs-linkcheck |
cicd | healthy | .github/workflows/linkcheck.yml |
publish |
cicd | healthy | .github/workflows/pypi-publish.yml |
bump |
cicd | healthy | .github/workflows/downstream-version-bump.yml |
auto-close |
cicd | healthy | .github/workflows/auto-close-stale.yml |
benchmark |
cicd | healthy | .github/workflows/benchmark.yml |
lock |
cicd | healthy | .github/workflows/lock.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
gha::wheel-builder |
cicd | healthy | .github/workflows/wheel-builder.yml |
gha::x509-limbo-version-bump |
cicd | healthy | .github/workflows/x509-limbo-version-bump.yml |
gha::boring-open-awslc-bump |
cicd | healthy | .github/workflows/boring-open-awslc-bump.yml |
gha::ci |
cicd | healthy | .github/workflows/ci.yml |
gha::linkcheck |
cicd | healthy | .github/workflows/linkcheck.yml |
gha::pypi-publish |
cicd | healthy | .github/workflows/pypi-publish.yml |
gha::downstream-version-bump |
cicd | healthy | .github/workflows/downstream-version-bump.yml |
gha::auto-close-stale |
cicd | healthy | .github/workflows/auto-close-stale.yml |
gha::benchmark |
cicd | healthy | .github/workflows/benchmark.yml |
gha::lock |
cicd | healthy | .github/workflows/lock.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
CRYPTOGRAPHY_WHEEL_NAME |
cicd | healthy | — |
BORINGBOT_PRIVATE_KEY |
cicd | healthy | — |
BORINGBOT_APP_ID |
cicd | healthy | — |
UV_REQUIREMENTS_PATH |
cicd | healthy | — |
OPENSSL_HASH |
cicd | healthy | — |
GITHUB_TOKEN |
cicd | healthy | — |
BUILD_REQUIREMENTS_PATH |
cicd | healthy | — |
PYPI_URL |
cicd | healthy | — |
| Label | Layer | Status | Path |
|---|---|---|---|
password_literal::tests/hazmat/primitives/test_serializatio… |
security | healthy | tests/hazmat/primitives/test_serialization.py |
password_literal::tests/hazmat/primitives/test_serializatio… |
security | healthy | tests/hazmat/primitives/test_serialization.py |
password_literal::vectors/cryptography_vectors/asymmetric/O… |
security | healthy | vectors/cryptography_vectors/asymmetric/OpenSSH/gen.sh |
password_literal::src/cryptography/hazmat/_oid.py |
security | healthy | src/cryptography/hazmat/_oid.py |
| Label | Layer | Status | Path |
|---|---|---|---|
port:23000 |
network | healthy | vectors/cryptography_vectors/asymmetric/OpenSSH/gen.sh |
port:21090 |
network | healthy | vectors/cryptography_vectors/asymmetric/OpenSSH/gen.sh |
port:06 |
network | healthy | .github/dependabot.yml |
| Label | Layer | Status | Path |
|---|---|---|---|
repobility-clone-a55_88cq |
software | healthy | /tmp/repobility-clone-a55_88cq |
| Label | Layer | Status | Path |
|---|---|---|---|
vps::aws |
hardware | healthy | tests/hazmat/primitives/test_dsa.py |
This page is publicly accessible at:
https://repobility.com/scan/828639f6-2a9e-43e7-bae7-7834832b2873/
To check status programmatically (no auth required):
curl -s https://repobility.com/api/v1/public/scan/828639f6-2a9e-43e7-bae7-7834832b2873/Important — please don't re-submit the same URL repeatedly. The submission endpoint is idempotent: re-submitting the same git URL returns this same scan_token, not a new one. To re-scan this repo, sign up free and use the dashboard.