Releases: ecolibria/cryptoserve

CryptoServe v1.4.3

18 Mar 16:55
ea327af

What Changed

SDK (PyPI v1.4.3)

  • CryptoClient now accepts base_url as alias for server_url (backwards compatibility)
  • Offline encrypt()/decrypt() docstrings clarified (password-based, no server required)
  • hash_password() supports argon2 algorithm (pip install cryptoserve-core[password])

CLI (npm v0.3.4)

  • cryptoserve census --live fetches real-time data from npm, PyPI, crates.io registries
  • --ecosystems npm,pypi,crates to limit scope, --format json for machine output
  • --password flag for vault and hash-password commands (non-interactive/CI mode)
  • --help works on all subcommands (scan --help, pqc --help, etc.)
  • Nonexistent path detection with exit code 1

Server/Docker (v1.3.7)

  • PQC endpoints working in Docker (liboqs LD_LIBRARY_PATH fixed)
  • HPKE endpoints functional (pyhpke added)
  • argon2-cffi in production requirements
  • Key exchange case-insensitive (X25519, x25519 both accepted)
  • Dockerfile.allinone runs application processes as non-root

Census Dashboard

  • 511 curated projects analyzed (was 75)
  • Temporal trend chart tracking PQC adoption since Jan 2025
  • Live API data from npm, PyPI, crates.io, NuGet (5.1B monthly downloads)
  • Monthly catalog discovery workflow
  • Methodology rigor: split weak-to-PQC ratio, logistic S-curve projections, confidence badges

Documentation

  • README: Built-in Help, Use Cases, Exit Codes sections
  • CLI quickstart guide
  • SDK Python docs with argon2, token, and client API coverage
  • All version numbers verified and consistent

CryptoServe SDK v1.4.2

17 Mar 17:26
1954f20

What's Changed

Full Changelog: v0.3.4...v1.4.2

CryptoServe SDK v0.3.4

17 Mar 17:04

What's Changed

Full Changelog: v0.2.0...v0.3.4

CryptoServe SDK v1.4.1

18 Feb 22:42
3c3c3bc

What's Changed

  • fix: cross-language scanner dedup, deprecated examples, CI gaps, version bumps by @abdelsfane in #22
  • fix: command injection in browser open during login by @abdelsfane in #23

Full Changelog: v0.2.0...v1.4.1

CryptoServe SDK v0.2.0

10 Feb 17:51
d8cf10b

What's Changed

  • Add zero-dependency Node.js CLI by @abdelsfane in #16
  • Fix quantum readiness score calculation by @abdelsfane in #17
  • Strengthen PR review to catch logic errors by @abdelsfane in #18
  • Fix scanner to detect all node:crypto usage patterns by @abdelsfane in #19
  • Fix quantum score for monorepos and small-sample projects by @abdelsfane in #20
  • feat: v0.2.0 multi-language scanning, CBOM, CI gate, and architecture consolidation by @abdelsfane in #21

Full Changelog: v1.4.0...v0.2.0

CryptoServe SDK v1.4.0

09 Feb 21:54
1745f9d

What's Changed

  • fix: point README doc links to in-repo files by @abdelsfane in #13
  • docs: convert MkDocs syntax to GitHub-compatible markdown by @abdelsfane in #14
  • feat: offline PQC analysis engine for air-gapped environments by @abdelsfane in #15

Full Changelog: v1.8.0...v1.4.0

CryptoServe SDK v1.8.0

08 Feb 22:31
8d2b4ab

What's Changed

  • feat: quickstart script and all-in-one Docker image by @abdelsfane in #10
  • docs: restructure README to separate CLI vs Platform by @abdelsfane in #11
  • fix: bump SDK sub-package versions for PyPI publish by @abdelsfane in #12

Full Changelog: v1.7.0...v1.8.0

v1.6.0 - Security Audit Remediation & Production Readiness

07 Feb 17:44

What's New

This release addresses all findings from a comprehensive platform security audit and penetration test, adds PyPI publishing infrastructure, and resolves multiple bugs discovered during deep QA.

Security

  • Platform audit remediation — All 23 findings resolved: startup validation hardening, Docker multi-stage non-root build, auth consolidation, dependency pinning, payload size limits, audit integrity hashes, tenant isolation enforcement
  • Penetration test remediation — 11 of 13 findings fixed, 2 accepted as standard engineering tradeoffs (GCM nonce birthday bound, policy engine DotDict pattern)
  • Token revocation — Now database-backed and persistent across restarts, with user ownership verification
  • OAuth hardening — HMAC-SHA256 state signatures upgraded from 64-bit to 128-bit with constant-time comparison
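
An added example (not CryptoServe's own code) of the OAuth hardening item above: an HMAC-SHA256 state tag truncated to 128 bits and verified in constant time. The `nonce.tag` layout, the session binding and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

TAG_BYTES = 16  # 128-bit tag; the older 64-bit form would be 8 bytes


def _tag(key: bytes, nonce: str, session_id: str) -> bytes:
    # Assumed message layout: the nonce alphabet never contains "|",
    # so "nonce|session_id" parses unambiguously.
    msg = f"{nonce}|{session_id}".encode()
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_BYTES]


def sign_state(key: bytes, session_id: str) -> str:
    """Build an OAuth `state` value bound to the caller's session."""
    nonce = secrets.token_urlsafe(16)  # URL-safe, contains no "."
    return f"{nonce}.{_tag(key, nonce, session_id).hex()}"


def verify_state(key: bytes, state: str, session_id: str) -> bool:
    """Check a returned `state`; False on any malformed or wrong tag."""
    nonce, sep, tag_hex = state.partition(".")
    if not sep:
        return False
    try:
        presented = bytes.fromhex(tag_hex)
    except ValueError:
        return False
    # Refuse short tags outright so a legacy 64-bit value can never pass.
    if len(presented) != TAG_BYTES:
        return False
    # compare_digest does not exit early on the first differing byte.
    return hmac.compare_digest(_tag(key, nonce, session_id), presented)
```
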

Features

  • String usage hints — SDK encrypt methods now accept string usage hints for algorithm selection
  • PyPI OIDC publishing — CI workflow for SDK publishing via trusted publishers (no stored API tokens)
  • Trust & transparency docs — Enterprise evaluation guide and full security transparency report with remediation evidence

Bug Fixes

  • Fix CLI crashes from removed crypto singleton and missing yaml dependency
  • Fix invalid hex key defaults in docker-compose for dev mode
  • Correct AESGCMCipher API signature in docs and docstrings
  • Resolve 7 server bugs found during deep QA (SDK field mismatches, broken endpoints)
  • Resolve all CI failures (lint, security, SDK, frontend)
  • Align sub-package metadata and exports for PyPI publish

Documentation

  • Update all platform documentation to reflect current state
  • Update SDK install instructions for PyPI
  • Add LICENSE files to SDK packages

Infrastructure

  • Production readiness hardening (security, QA, CI/CD)
  • Remove legacy docs-site/ in favor of cryptoserve-website

Full Changelog: v1.5.0...v1.6.0

v1.5.0 - Post-Quantum Cryptography Enhancements

08 Jan 17:57

What's New

This release adds Post-Quantum Cryptography (PQC) support following NIST recommendations for the quantum transition period.

Features

  • Hybrid Key Exchange API - New /api/v1/kex endpoints for X25519 + ML-KEM hybrid key exchange
  • Algorithm Suite Resolution - Intelligent algorithm selection based on security level preferences
  • PQC Capability Detection - Runtime detection of available post-quantum algorithms
  • Graceful Degradation - Automatic fallback to classical cryptography when liboqs is unavailable

Technical Details

  • Implements hybrid key encapsulation per NIST SP 800-227 draft guidelines
  • Supports ML-KEM-768 and ML-KEM-1024 parameter sets
  • Optional liboqs-python dependency for PQC operations
  • Full backward compatibility with existing classical crypto APIs

Installation

# Standard installation (classical crypto only)
pip install -r requirements.txt

# With PQC support
pip install -r requirements.txt liboqs-python

Full Changelog: v1.4.0...v1.5.0