cryptoserve 0.3.2 → 0.3.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (17) hide show
  1. package/lib/census/aggregator.mjs +51 -1
  2. package/lib/census/collectors/cocoapods-downloads.mjs +3 -3
  3. package/lib/census/collectors/crates-downloads.mjs +3 -3
  4. package/lib/census/collectors/github-enrichment.mjs +160 -0
  5. package/lib/census/collectors/go-downloads.mjs +4 -4
  6. package/lib/census/collectors/hex-downloads.mjs +3 -3
  7. package/lib/census/collectors/maven-downloads.mjs +6 -2
  8. package/lib/census/collectors/npm-downloads.mjs +6 -6
  9. package/lib/census/collectors/nuget-downloads.mjs +3 -3
  10. package/lib/census/collectors/packagist-downloads.mjs +3 -3
  11. package/lib/census/collectors/pub-downloads.mjs +3 -3
  12. package/lib/census/collectors/pypi-downloads.mjs +3 -3
  13. package/lib/census/collectors/rubygems-downloads.mjs +3 -3
  14. package/lib/census/package-catalog.mjs +374 -367
  15. package/lib/census/report-html.mjs +20 -7
  16. package/lib/census/report-terminal.mjs +12 -2
  17. package/package.json +1 -1
package/lib/census/package-catalog.mjs CHANGED
@@ -4,13 +4,29 @@
4
4
  * RubyGems, Hex (Elixir), pub.dev (Dart), and CocoaPods (Swift/ObjC).
5
5
  *
6
6
  * Tiers:
7
- * weak - Broken, deprecated, or quantum-vulnerable primitives
8
- * modern - Current-generation crypto (not PQC)
9
- * pqc - Post-quantum cryptography
7
+ * weak - Broken or deprecated algorithms (MD5, SHA-1, DES, RC4, Blowfish),
8
+ * unmaintained implementations with known CVEs, or libraries
9
+ * that default to insecure configurations
10
+ * modern - Current-generation cryptography with maintained implementations
11
+ * (includes both quantum-vulnerable asymmetric crypto like RSA/ECDSA
12
+ * and quantum-resistant symmetric crypto like AES-256/SHA-256)
13
+ * pqc - Post-quantum cryptography (NIST FIPS 203/204/205)
14
+ *
15
+ * Categories:
16
+ * hashing - Hash functions (MD5, SHA-*, BLAKE, CRC)
17
+ * encryption - Symmetric ciphers and AEAD (AES, ChaCha20, DES, RC4)
18
+ * kdf - Key derivation and password hashing (PBKDF2, scrypt, Argon2, bcrypt)
19
+ * signing - Digital signatures and key exchange (ECDSA, EdDSA, RSA, ML-DSA)
20
+ * jwt - JWT/JWS/JWE token libraries
21
+ * tls - TLS stacks, SSH, and protocol implementations
22
+ * general - Multi-purpose cryptographic libraries
10
23
  */
11
24
 
12
25
  export const TIERS = { WEAK: 'weak', MODERN: 'modern', PQC: 'pqc' };
13
26
 
27
+ /** @type {readonly ["hashing","encryption","kdf","signing","jwt","tls","general"]} */
28
+ export const CATEGORIES = ['hashing', 'encryption', 'kdf', 'signing', 'jwt', 'tls', 'general'];
29
+
14
30
  // =========================================================================
15
31
  // npm
16
32
  // =========================================================================
@@ -18,58 +34,57 @@ export const TIERS = { WEAK: 'weak', MODERN: 'modern', PQC: 'pqc' };
18
34
  /** @type {import('./types').CatalogEntry[]} */
19
35
  export const NPM_PACKAGES = [
20
36
  // --- weak ---
21
- { name: 'md5', tier: TIERS.WEAK, algorithms: ['MD5'], note: 'Collision-broken hash' },
22
- { name: 'sha1', tier: TIERS.WEAK, algorithms: ['SHA-1'], note: 'Collision-broken hash (SHAttered)' },
23
- { name: 'crypto-js', tier: TIERS.WEAK, algorithms: ['DES', 'RC4', 'MD5'], note: 'Bundles weak ciphers, no constant-time ops' },
24
- { name: 'des.js', tier: TIERS.WEAK, algorithms: ['DES', '3DES'], note: 'Deprecated block cipher' },
25
- { name: 'js-md5', tier: TIERS.WEAK, algorithms: ['MD5'], note: 'Collision-broken hash' },
26
- { name: 'js-sha1', tier: TIERS.WEAK, algorithms: ['SHA-1'], note: 'Collision-broken hash' },
27
- { name: 'object-hash', tier: TIERS.WEAK, algorithms: ['SHA-1', 'MD5'], note: 'Defaults to SHA-1' },
28
- { name: 'hash.js', tier: TIERS.WEAK, algorithms: ['SHA-1', 'SHA-256'], note: 'No PQC, legacy API surface' },
29
- { name: 'node-forge', tier: TIERS.WEAK, algorithms: ['RSA', 'DES', 'RC2'], note: 'Pure JS RSA, bundles weak ciphers' },
30
- { name: 'jssha', tier: TIERS.WEAK, algorithms: ['SHA-1', 'SHA-256'], note: 'SHA-1 primary, no PQC' },
31
- { name: 'rc4', tier: TIERS.WEAK, algorithms: ['RC4'], note: 'Stream cipher broken since 2013' },
32
- { name: 'js-sha256', tier: TIERS.WEAK, algorithms: ['SHA-256'], note: 'Redundant pure JS hash, no audit' },
33
- { name: 'js-sha512', tier: TIERS.WEAK, algorithms: ['SHA-512'], note: 'Redundant pure JS hash, no audit' },
34
- { name: 'js-sha3', tier: TIERS.WEAK, algorithms: ['SHA-3'], note: 'Unmaintained, use @noble/hashes' },
35
- { name: 'sha.js', tier: TIERS.WEAK, algorithms: ['SHA-1', 'SHA-256'], note: 'Legacy streaming hash, unmaintained' },
36
- { name: 'create-hash', tier: TIERS.WEAK, algorithms: ['MD5', 'SHA-1', 'SHA-256'], note: 'Legacy polyfill, defaults to SHA-1' },
37
- { name: 'create-hmac', tier: TIERS.WEAK, algorithms: ['HMAC-SHA-1'], note: 'Legacy polyfill, pairs with create-hash' },
38
- { name: 'md5.js', tier: TIERS.WEAK, algorithms: ['MD5'], note: 'Collision-broken hash' },
39
- { name: 'sha1-uint8array', tier: TIERS.WEAK, algorithms: ['SHA-1'], note: 'SHA-1 variant for typed arrays' },
40
- { name: 'ripemd160', tier: TIERS.WEAK, algorithms: ['RIPEMD-160'], note: 'Legacy 160-bit hash, insufficient margin' },
41
- { name: 'browserify-des', tier: TIERS.WEAK, algorithms: ['DES', '3DES'], note: 'Browserify DES polyfill' },
42
- { name: 'browserify-cipher', tier: TIERS.WEAK, algorithms: ['DES', 'Blowfish'], note: 'Browserify legacy cipher polyfill' },
43
- { name: 'blowfish-js', tier: TIERS.WEAK, algorithms: ['Blowfish'], note: '64-bit block cipher, Sweet32 vulnerable' },
44
- { name: 'tripledes', tier: TIERS.WEAK, algorithms: ['3DES'], note: 'Deprecated by NIST 2023' },
37
+ { name: 'md5', tier: TIERS.WEAK, algorithms: ['MD5'], note: 'Collision-broken hash', category: 'hashing', replacedBy: '@noble/hashes' },
38
+ { name: 'sha1', tier: TIERS.WEAK, algorithms: ['SHA-1'], note: 'Collision-broken hash (SHAttered)', category: 'hashing', replacedBy: '@noble/hashes' },
39
+ { name: 'crypto-js', tier: TIERS.WEAK, algorithms: ['DES', 'RC4', 'MD5'], note: 'Bundles weak ciphers, no constant-time ops', category: 'encryption', replacedBy: '@noble/ciphers' },
40
+ { name: 'des.js', tier: TIERS.WEAK, algorithms: ['DES', '3DES'], note: 'Deprecated block cipher', category: 'encryption', replacedBy: '@noble/ciphers' },
41
+ { name: 'js-md5', tier: TIERS.WEAK, algorithms: ['MD5'], note: 'Collision-broken hash', category: 'hashing', replacedBy: '@noble/hashes' },
42
+ { name: 'js-sha1', tier: TIERS.WEAK, algorithms: ['SHA-1'], note: 'Collision-broken hash', category: 'hashing', replacedBy: '@noble/hashes' },
43
+ { name: 'hash.js', tier: TIERS.MODERN, algorithms: ['SHA-1', 'SHA-256', 'SHA-512'], note: 'SHA-2 family hashes, dependency of elliptic curve libraries', category: 'hashing' },
44
+ { name: 'node-forge', tier: TIERS.WEAK, algorithms: ['RSA', 'DES', 'RC2'], note: 'Pure JS RSA, bundles weak ciphers', category: 'general', replacedBy: '@noble/curves' },
45
+ { name: 'jssha', tier: TIERS.MODERN, algorithms: ['SHA-1', 'SHA-256', 'SHA-512', 'SHA-3'], note: 'Multi-algorithm hash library', category: 'hashing' },
46
+ { name: 'rc4', tier: TIERS.WEAK, algorithms: ['RC4'], note: 'Stream cipher broken since 2013', category: 'encryption', replacedBy: '@noble/ciphers' },
47
+ { name: 'js-sha256', tier: TIERS.MODERN, algorithms: ['SHA-256'], note: 'Pure JS SHA-256 implementation', category: 'hashing' },
48
+ { name: 'js-sha512', tier: TIERS.MODERN, algorithms: ['SHA-512'], note: 'Pure JS SHA-512 implementation', category: 'hashing' },
49
+ { name: 'js-sha3', tier: TIERS.MODERN, algorithms: ['SHA-3'], note: 'SHA-3 hash functions (unmaintained, prefer @noble/hashes)', category: 'hashing' },
50
+ { name: 'sha.js', tier: TIERS.MODERN, algorithms: ['SHA-256', 'SHA-512'], note: 'Streaming SHA-2 hashes (browserify legacy)', category: 'hashing' },
51
+ { name: 'create-hash', tier: TIERS.MODERN, algorithms: ['SHA-256', 'SHA-512'], note: 'Node crypto.createHash polyfill for browsers', category: 'hashing' },
52
+ { name: 'create-hmac', tier: TIERS.MODERN, algorithms: ['HMAC-SHA-256'], note: 'Node crypto.createHmac polyfill for browsers', category: 'hashing' },
53
+ { name: 'md5.js', tier: TIERS.WEAK, algorithms: ['MD5'], note: 'Collision-broken hash', category: 'hashing', replacedBy: '@noble/hashes' },
54
+ { name: 'sha1-uint8array', tier: TIERS.WEAK, algorithms: ['SHA-1'], note: 'SHA-1 variant for typed arrays', category: 'hashing', replacedBy: '@noble/hashes' },
55
+ { name: 'ripemd160', tier: TIERS.WEAK, algorithms: ['RIPEMD-160'], note: 'Legacy 160-bit hash, insufficient margin', category: 'hashing', replacedBy: '@noble/hashes' },
56
+ { name: 'browserify-des', tier: TIERS.WEAK, algorithms: ['DES', '3DES'], note: 'Browserify DES polyfill', category: 'encryption', replacedBy: '@noble/ciphers' },
57
+ { name: 'browserify-cipher', tier: TIERS.WEAK, algorithms: ['DES', 'Blowfish'], note: 'Browserify legacy cipher polyfill', category: 'encryption', replacedBy: '@noble/ciphers' },
58
+ { name: 'blowfish-js', tier: TIERS.WEAK, algorithms: ['Blowfish'], note: '64-bit block cipher, Sweet32 vulnerable', category: 'encryption', replacedBy: '@noble/ciphers' },
59
+ { name: 'tripledes', tier: TIERS.WEAK, algorithms: ['3DES'], note: 'Deprecated by NIST 2023', category: 'encryption', replacedBy: '@noble/ciphers' },
45
60
 
46
61
  // --- modern ---
47
- { name: '@noble/curves', tier: TIERS.MODERN, algorithms: ['ECDSA', 'EdDSA', 'secp256k1'], note: 'Audited, constant-time elliptic curves' },
48
- { name: '@noble/hashes', tier: TIERS.MODERN, algorithms: ['SHA-256', 'SHA-3', 'BLAKE2'], note: 'Audited hash functions' },
49
- { name: '@noble/ciphers', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ChaCha20-Poly1305', 'XSalsa20'], note: 'Audited symmetric ciphers' },
50
- { name: 'tweetnacl', tier: TIERS.MODERN, algorithms: ['Curve25519', 'XSalsa20'], note: 'NaCl port, audited' },
51
- { name: 'sodium-native', tier: TIERS.MODERN, algorithms: ['Curve25519', 'ChaCha20'], note: 'libsodium native bindings' },
52
- { name: 'jose', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'EdDSA'], note: 'JOSE/JWT/JWE standard library' },
53
- { name: 'libsodium-wrappers', tier: TIERS.MODERN, algorithms: ['Curve25519', 'ChaCha20'], note: 'libsodium WASM build' },
54
- { name: 'elliptic', tier: TIERS.MODERN, algorithms: ['ECDSA', 'ECDH'], note: 'Elliptic curve math' },
55
- { name: 'bcryptjs', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'Password hashing' },
56
- { name: 'scrypt-js', tier: TIERS.MODERN, algorithms: ['scrypt'], note: 'Memory-hard KDF' },
57
- { name: 'argon2', tier: TIERS.MODERN, algorithms: ['Argon2id', 'Argon2i'], note: 'PHC winner password hashing (native)' },
58
- { name: '@types/bcryptjs', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'TypeScript types for bcryptjs' },
59
- { name: 'jsonwebtoken', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'HS256'], note: 'JWT implementation' },
60
- { name: 'passport-jwt', tier: TIERS.MODERN, algorithms: ['JWT'], note: 'Passport JWT strategy' },
61
- { name: '@panva/hkdf', tier: TIERS.MODERN, algorithms: ['HKDF'], note: 'HKDF for Web Crypto and Node' },
62
- { name: 'openpgp', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'EdDSA', 'AES'], note: 'OpenPGP.js v5+ with modern algorithms' },
63
- { name: 'secp256k1', tier: TIERS.MODERN, algorithms: ['secp256k1', 'ECDSA'], note: 'Bitcoin/Ethereum curve' },
64
- { name: '@stablelib/x25519', tier: TIERS.MODERN, algorithms: ['X25519'], note: 'X25519 ECDH' },
65
- { name: '@stablelib/chacha20poly1305', tier: TIERS.MODERN, algorithms: ['ChaCha20-Poly1305'], note: 'AEAD cipher' },
66
- { name: 'noise-protocol', tier: TIERS.MODERN, algorithms: ['Noise', 'X25519'], note: 'Noise protocol framework' },
62
+ { name: '@noble/curves', tier: TIERS.MODERN, algorithms: ['ECDSA', 'EdDSA', 'secp256k1'], note: 'Audited, constant-time elliptic curves', category: 'signing' },
63
+ { name: '@noble/hashes', tier: TIERS.MODERN, algorithms: ['SHA-256', 'SHA-3', 'BLAKE2'], note: 'Audited hash functions', category: 'hashing' },
64
+ { name: '@noble/ciphers', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ChaCha20-Poly1305', 'XSalsa20'], note: 'Audited symmetric ciphers', category: 'encryption' },
65
+ { name: 'tweetnacl', tier: TIERS.MODERN, algorithms: ['Curve25519', 'XSalsa20'], note: 'NaCl port, audited', category: 'general' },
66
+ { name: 'sodium-native', tier: TIERS.MODERN, algorithms: ['Curve25519', 'ChaCha20'], note: 'libsodium native bindings', category: 'general' },
67
+ { name: 'jose', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'EdDSA'], note: 'JOSE/JWT/JWE standard library', category: 'jwt' },
68
+ { name: 'libsodium-wrappers', tier: TIERS.MODERN, algorithms: ['Curve25519', 'ChaCha20'], note: 'libsodium WASM build', category: 'general' },
69
+ { name: 'elliptic', tier: TIERS.MODERN, algorithms: ['ECDSA', 'ECDH'], note: 'Elliptic curve math', category: 'signing' },
70
+ { name: 'bcryptjs', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'Password hashing', category: 'kdf' },
71
+ { name: 'scrypt-js', tier: TIERS.MODERN, algorithms: ['scrypt'], note: 'Memory-hard KDF', category: 'kdf' },
72
+ { name: 'argon2', tier: TIERS.MODERN, algorithms: ['Argon2id', 'Argon2i'], note: 'PHC winner password hashing (native)', category: 'kdf' },
73
+ { name: '@types/bcryptjs', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'TypeScript types for bcryptjs', category: 'kdf' },
74
+ { name: 'jsonwebtoken', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'HS256'], note: 'JWT implementation', category: 'jwt' },
75
+ { name: 'passport-jwt', tier: TIERS.MODERN, algorithms: ['JWT'], note: 'Passport JWT strategy', category: 'jwt' },
76
+ { name: '@panva/hkdf', tier: TIERS.MODERN, algorithms: ['HKDF'], note: 'HKDF for Web Crypto and Node', category: 'kdf' },
77
+ { name: 'openpgp', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'EdDSA', 'AES'], note: 'OpenPGP.js v5+ with modern algorithms', category: 'general' },
78
+ { name: 'secp256k1', tier: TIERS.MODERN, algorithms: ['secp256k1', 'ECDSA'], note: 'Bitcoin/Ethereum curve', category: 'signing' },
79
+ { name: '@stablelib/x25519', tier: TIERS.MODERN, algorithms: ['X25519'], note: 'X25519 ECDH', category: 'signing' },
80
+ { name: '@stablelib/chacha20poly1305', tier: TIERS.MODERN, algorithms: ['ChaCha20-Poly1305'], note: 'AEAD cipher', category: 'encryption' },
81
+ { name: 'noise-protocol', tier: TIERS.MODERN, algorithms: ['Noise', 'X25519'], note: 'Noise protocol framework', category: 'tls' },
67
82
 
68
83
  // --- pqc ---
69
- { name: '@noble/post-quantum', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA'], note: 'FIPS 203/204/205 implementations' },
70
- { name: 'crystals-kyber', tier: TIERS.PQC, algorithms: ['Kyber/ML-KEM'], note: 'Lattice-based KEM' },
71
- { name: 'liboqs-node', tier: TIERS.PQC, algorithms: ['Kyber', 'Dilithium', 'SPHINCS+'], note: 'Open Quantum Safe bindings' },
72
- { name: 'kyber-crystals', tier: TIERS.PQC, algorithms: ['Kyber/ML-KEM'], note: 'Kyber implementation' },
84
+ { name: '@noble/post-quantum', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA'], note: 'FIPS 203/204/205 implementations', category: 'general' },
85
+ { name: 'crystals-kyber', tier: TIERS.PQC, algorithms: ['Kyber/ML-KEM'], note: 'Lattice-based KEM', category: 'encryption' },
86
+ { name: 'liboqs-node', tier: TIERS.PQC, algorithms: ['Kyber', 'Dilithium', 'SPHINCS+'], note: 'Open Quantum Safe bindings', category: 'general' },
87
+ { name: 'kyber-crystals', tier: TIERS.PQC, algorithms: ['Kyber/ML-KEM'], note: 'Kyber implementation', category: 'encryption' },
73
88
  ];
74
89
 
75
90
  // =========================================================================
@@ -79,36 +94,35 @@ export const NPM_PACKAGES = [
79
94
  /** @type {import('./types').CatalogEntry[]} */
80
95
  export const PYPI_PACKAGES = [
81
96
  // --- weak ---
82
- { name: 'pycrypto', tier: TIERS.WEAK, algorithms: ['DES', 'Blowfish', 'ARC4'], note: 'Unmaintained since 2013, CVEs unfixed' },
83
- { name: 'simple-crypt', tier: TIERS.WEAK, algorithms: ['AES-CTR'], note: 'Wraps pycrypto, inherits vulnerabilities' },
84
- { name: 'hashlib', tier: TIERS.WEAK, algorithms: ['MD5', 'SHA-1'], note: 'Stdlib wrapper often used for MD5/SHA-1' },
85
- { name: 'tlslite', tier: TIERS.WEAK, algorithms: ['TLS 1.0', 'RC4', 'DES'], note: 'Unmaintained, supports deprecated protocols' },
86
- { name: 'pyDes', tier: TIERS.WEAK, algorithms: ['DES', '3DES'], note: 'Pure Python DES, deprecated cipher' },
87
- { name: 'rsa', tier: TIERS.WEAK, algorithms: ['RSA-PKCS1v15'], note: 'Pure Python RSA, no constant-time operations' },
88
- { name: 'Crypto', tier: TIERS.WEAK, algorithms: ['DES', 'ARC4', 'MD5'], note: 'Alias for pycrypto, unmaintained' },
89
- { name: 'python-gnupg', tier: TIERS.WEAK, algorithms: ['RSA', 'DSA', 'CAST5'], note: 'GnuPG wrapper, often uses legacy defaults' },
97
+ { name: 'pycrypto', tier: TIERS.WEAK, algorithms: ['DES', 'Blowfish', 'ARC4'], note: 'Unmaintained since 2013, CVEs unfixed', category: 'general', replacedBy: 'pycryptodome' },
98
+ { name: 'simple-crypt', tier: TIERS.WEAK, algorithms: ['AES-CTR'], note: 'Wraps pycrypto, inherits vulnerabilities', category: 'encryption', replacedBy: 'cryptography' },
99
+ { name: 'tlslite', tier: TIERS.WEAK, algorithms: ['TLS 1.0', 'RC4', 'DES'], note: 'Unmaintained, supports deprecated protocols', category: 'tls', replacedBy: 'cryptography' },
100
+ { name: 'pyDes', tier: TIERS.WEAK, algorithms: ['DES', '3DES'], note: 'Pure Python DES, deprecated cipher', category: 'encryption', replacedBy: 'pycryptodome' },
101
+ { name: 'rsa', tier: TIERS.WEAK, algorithms: ['RSA-PKCS1v15'], note: 'Pure Python RSA, no constant-time operations', category: 'signing', replacedBy: 'cryptography' },
102
+ { name: 'Crypto', tier: TIERS.WEAK, algorithms: ['DES', 'ARC4', 'MD5'], note: 'Alias for pycrypto, unmaintained', category: 'general', replacedBy: 'pycryptodome' },
103
+ { name: 'python-gnupg', tier: TIERS.WEAK, algorithms: ['RSA', 'DSA', 'CAST5'], note: 'GnuPG wrapper, often uses legacy defaults', category: 'general', replacedBy: 'cryptography' },
90
104
 
91
105
  // --- modern ---
92
- { name: 'cryptography', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'X25519'], note: 'PyCA reference library' },
93
- { name: 'pycryptodome', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'ChaCha20'], note: 'PyCrypto fork, maintained' },
94
- { name: 'pynacl', tier: TIERS.MODERN, algorithms: ['Curve25519', 'XSalsa20'], note: 'libsodium Python bindings' },
95
- { name: 'bcrypt', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'Password hashing' },
96
- { name: 'argon2-cffi', tier: TIERS.MODERN, algorithms: ['Argon2'], note: 'Winner of Password Hashing Competition' },
97
- { name: 'nacl', tier: TIERS.MODERN, algorithms: ['Curve25519'], note: 'NaCl bindings (alias)' },
98
- { name: 'ecdsa', tier: TIERS.MODERN, algorithms: ['ECDSA'], note: 'Pure Python ECDSA' },
99
- { name: 'ed25519', tier: TIERS.MODERN, algorithms: ['Ed25519'], note: 'EdDSA signing' },
100
- { name: 'PyJWT', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'HS256'], note: 'JWT implementation' },
101
- { name: 'python-jose', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256'], note: 'JOSE standard library' },
102
- { name: 'paramiko', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519'], note: 'SSH protocol implementation' },
103
- { name: 'Fernet', tier: TIERS.MODERN, algorithms: ['AES-CBC', 'HMAC-SHA256'], note: 'High-level symmetric encryption' },
104
- { name: 'tink', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ECDSA', 'Ed25519'], note: 'Google Tink Python' },
105
- { name: 'passlib', tier: TIERS.MODERN, algorithms: ['bcrypt', 'Argon2', 'scrypt'], note: 'Multi-algorithm password hashing' },
106
- { name: 'pyotp', tier: TIERS.MODERN, algorithms: ['HMAC-SHA1', 'TOTP', 'HOTP'], note: 'One-time password library' },
106
+ { name: 'cryptography', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'X25519'], note: 'PyCA reference library', category: 'general' },
107
+ { name: 'pycryptodome', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'ChaCha20'], note: 'PyCrypto fork, maintained', category: 'general' },
108
+ { name: 'pynacl', tier: TIERS.MODERN, algorithms: ['Curve25519', 'XSalsa20'], note: 'libsodium Python bindings', category: 'general' },
109
+ { name: 'bcrypt', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'Password hashing', category: 'kdf' },
110
+ { name: 'argon2-cffi', tier: TIERS.MODERN, algorithms: ['Argon2'], note: 'Winner of Password Hashing Competition', category: 'kdf' },
111
+ { name: 'nacl', tier: TIERS.MODERN, algorithms: ['Curve25519'], note: 'NaCl bindings (alias)', category: 'general' },
112
+ { name: 'ecdsa', tier: TIERS.MODERN, algorithms: ['ECDSA'], note: 'Pure Python ECDSA', category: 'signing' },
113
+ { name: 'ed25519', tier: TIERS.MODERN, algorithms: ['Ed25519'], note: 'EdDSA signing', category: 'signing' },
114
+ { name: 'PyJWT', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'HS256'], note: 'JWT implementation', category: 'jwt' },
115
+ { name: 'python-jose', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256'], note: 'JOSE standard library', category: 'jwt' },
116
+ { name: 'paramiko', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519'], note: 'SSH protocol implementation', category: 'tls' },
117
+ { name: 'Fernet', tier: TIERS.MODERN, algorithms: ['AES-CBC', 'HMAC-SHA256'], note: 'High-level symmetric encryption', category: 'encryption' },
118
+ { name: 'tink', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ECDSA', 'Ed25519'], note: 'Google Tink Python', category: 'general' },
119
+ { name: 'passlib', tier: TIERS.MODERN, algorithms: ['bcrypt', 'Argon2', 'scrypt'], note: 'Multi-algorithm password hashing', category: 'kdf' },
120
+ { name: 'pyotp', tier: TIERS.MODERN, algorithms: ['HMAC-SHA1', 'TOTP', 'HOTP'], note: 'One-time password library', category: 'hashing' },
107
121
 
108
122
  // --- pqc ---
109
- { name: 'liboqs-python', tier: TIERS.PQC, algorithms: ['Kyber', 'Dilithium', 'SPHINCS+'], note: 'Open Quantum Safe bindings' },
110
- { name: 'pqcrypto', tier: TIERS.PQC, algorithms: ['Kyber', 'Dilithium'], note: 'PQC algorithm wrappers' },
111
- { name: 'oqs', tier: TIERS.PQC, algorithms: ['Kyber', 'Dilithium'], note: 'OQS convenience package' },
123
+ { name: 'liboqs-python', tier: TIERS.PQC, algorithms: ['Kyber', 'Dilithium', 'SPHINCS+'], note: 'Open Quantum Safe bindings', category: 'general' },
124
+ { name: 'pqcrypto', tier: TIERS.PQC, algorithms: ['Kyber', 'Dilithium'], note: 'PQC algorithm wrappers', category: 'general' },
125
+ { name: 'oqs', tier: TIERS.PQC, algorithms: ['Kyber', 'Dilithium'], note: 'OQS convenience package', category: 'general' },
112
126
  ];
113
127
 
114
128
  // =========================================================================
@@ -118,74 +132,74 @@ export const PYPI_PACKAGES = [
118
132
  /** @type {import('./types').CatalogEntry[]} */
119
133
  export const GO_PACKAGES = [
120
134
  // --- weak (stdlib) ---
121
- { name: 'crypto/md5', tier: TIERS.WEAK, algorithms: ['MD5'], note: 'Collision-broken hash' },
122
- { name: 'crypto/sha1', tier: TIERS.WEAK, algorithms: ['SHA-1'], note: 'Collision-broken hash (SHAttered)' },
123
- { name: 'crypto/des', tier: TIERS.WEAK, algorithms: ['DES', '3DES'], note: 'DES 56-bit brute-forceable, 3DES deprecated by NIST' },
124
- { name: 'crypto/rc4', tier: TIERS.WEAK, algorithms: ['RC4'], note: 'Broken stream cipher, prohibited by RFC 7465' },
125
- { name: 'crypto/dsa', tier: TIERS.WEAK, algorithms: ['DSA'], note: 'Deprecated in Go 1.16+, dropped by NIST FIPS 186-5' },
126
- { name: 'crypto/elliptic', tier: TIERS.WEAK, algorithms: ['ECDH'], note: 'Low-level API deprecated in Go 1.21' },
135
+ { name: 'crypto/md5', tier: TIERS.WEAK, algorithms: ['MD5'], note: 'Collision-broken hash', category: 'hashing', replacedBy: 'crypto/sha256' },
136
+ { name: 'crypto/sha1', tier: TIERS.WEAK, algorithms: ['SHA-1'], note: 'Collision-broken hash (SHAttered)', category: 'hashing', replacedBy: 'crypto/sha256' },
137
+ { name: 'crypto/des', tier: TIERS.WEAK, algorithms: ['DES', '3DES'], note: 'DES 56-bit brute-forceable, 3DES deprecated by NIST', category: 'encryption', replacedBy: 'crypto/aes' },
138
+ { name: 'crypto/rc4', tier: TIERS.WEAK, algorithms: ['RC4'], note: 'Broken stream cipher, prohibited by RFC 7465', category: 'encryption', replacedBy: 'crypto/aes' },
139
+ { name: 'crypto/dsa', tier: TIERS.WEAK, algorithms: ['DSA'], note: 'Deprecated in Go 1.16+, dropped by NIST FIPS 186-5', category: 'signing', replacedBy: 'crypto/ecdsa' },
140
+ { name: 'crypto/elliptic', tier: TIERS.MODERN, algorithms: ['ECDH'], note: 'Low-level API deprecated in Go 1.21, use crypto/ecdh', category: 'signing' },
127
141
 
128
142
  // --- weak (x/crypto) ---
129
- { name: 'golang.org/x/crypto/md4', tier: TIERS.WEAK, algorithms: ['MD4'], note: 'Collision-broken, weaker than MD5' },
130
- { name: 'golang.org/x/crypto/ripemd160', tier: TIERS.WEAK, algorithms: ['RIPEMD-160'], note: '160-bit hash with known weaknesses' },
131
- { name: 'golang.org/x/crypto/openpgp', tier: TIERS.WEAK, algorithms: ['RSA', 'DSA', 'CAST5'], note: 'Deprecated and frozen' },
132
- { name: 'golang.org/x/crypto/bn256', tier: TIERS.WEAK, algorithms: ['BN256'], note: 'Deprecated pairing curve, below 128-bit' },
133
- { name: 'golang.org/x/crypto/cast5', tier: TIERS.WEAK, algorithms: ['CAST5'], note: '64-bit block cipher' },
134
- { name: 'golang.org/x/crypto/blowfish', tier: TIERS.WEAK, algorithms: ['Blowfish'], note: '64-bit block, Sweet32 vulnerable' },
135
- { name: 'golang.org/x/crypto/tea', tier: TIERS.WEAK, algorithms: ['TEA'], note: 'Known weaknesses, not for security' },
136
- { name: 'golang.org/x/crypto/salsa20', tier: TIERS.WEAK, algorithms: ['Salsa20'], note: 'Superseded by ChaCha20, no AEAD' },
143
+ { name: 'golang.org/x/crypto/md4', tier: TIERS.WEAK, algorithms: ['MD4'], note: 'Collision-broken, weaker than MD5', category: 'hashing', replacedBy: 'golang.org/x/crypto/blake2b' },
144
+ { name: 'golang.org/x/crypto/ripemd160', tier: TIERS.WEAK, algorithms: ['RIPEMD-160'], note: '160-bit hash with known weaknesses', category: 'hashing', replacedBy: 'golang.org/x/crypto/blake2b' },
145
+ { name: 'golang.org/x/crypto/openpgp', tier: TIERS.WEAK, algorithms: ['RSA', 'DSA', 'CAST5'], note: 'Deprecated and frozen', category: 'general', replacedBy: 'github.com/ProtonMail/go-crypto' },
146
+ { name: 'golang.org/x/crypto/bn256', tier: TIERS.WEAK, algorithms: ['BN256'], note: 'Deprecated pairing curve, below 128-bit', category: 'signing', replacedBy: 'github.com/cloudflare/circl' },
147
+ { name: 'golang.org/x/crypto/cast5', tier: TIERS.WEAK, algorithms: ['CAST5'], note: '64-bit block cipher', category: 'encryption', replacedBy: 'crypto/aes' },
148
+ { name: 'golang.org/x/crypto/blowfish', tier: TIERS.WEAK, algorithms: ['Blowfish'], note: '64-bit block, Sweet32 vulnerable', category: 'encryption', replacedBy: 'crypto/aes' },
149
+ { name: 'golang.org/x/crypto/tea', tier: TIERS.WEAK, algorithms: ['TEA'], note: 'Known weaknesses, not for security', category: 'encryption', replacedBy: 'crypto/aes' },
150
+ { name: 'golang.org/x/crypto/salsa20', tier: TIERS.MODERN, algorithms: ['Salsa20'], note: 'Stream cipher, predecessor to ChaCha20', category: 'encryption' },
137
151
 
138
152
  // --- weak (third-party) ---
139
- { name: 'github.com/dgrijalva/jwt-go', tier: TIERS.WEAK, algorithms: ['HMAC', 'RSA'], note: 'Unmaintained, CVE-2020-26160 none alg bypass' },
140
- { name: 'github.com/square/go-jose', tier: TIERS.WEAK, algorithms: ['JWE', 'JWS'], note: 'Deprecated, migrated to go-jose/go-jose' },
141
- { name: 'github.com/zmap/zcrypto', tier: TIERS.WEAK, algorithms: ['TLS 1.0', 'export ciphers'], note: 'Research TLS, speaks deprecated protocols' },
153
+ { name: 'github.com/dgrijalva/jwt-go', tier: TIERS.WEAK, algorithms: ['HMAC', 'RSA'], note: 'Unmaintained, CVE-2020-26160 none alg bypass', category: 'jwt', replacedBy: 'github.com/golang-jwt/jwt/v5' },
154
+ { name: 'github.com/square/go-jose', tier: TIERS.WEAK, algorithms: ['JWE', 'JWS'], note: 'Deprecated, migrated to go-jose/go-jose', category: 'jwt', replacedBy: 'github.com/go-jose/go-jose/v4' },
155
+ { name: 'github.com/zmap/zcrypto', tier: TIERS.WEAK, algorithms: ['TLS 1.0', 'export ciphers'], note: 'Research TLS, speaks deprecated protocols', category: 'tls', replacedBy: 'crypto/tls' },
142
156
 
143
157
  // --- modern (stdlib) ---
144
- { name: 'crypto/aes', tier: TIERS.MODERN, algorithms: ['AES'], note: 'AES block cipher' },
145
- { name: 'crypto/cipher', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'AES-CTR'], note: 'Block cipher modes including AEAD' },
146
- { name: 'crypto/sha256', tier: TIERS.MODERN, algorithms: ['SHA-256'], note: 'NIST-approved hash' },
147
- { name: 'crypto/sha512', tier: TIERS.MODERN, algorithms: ['SHA-384', 'SHA-512'], note: 'NIST-approved hash' },
148
- { name: 'crypto/sha3', tier: TIERS.MODERN, algorithms: ['SHA3-256', 'SHAKE'], note: 'Keccak-based, added Go 1.24' },
149
- { name: 'crypto/rsa', tier: TIERS.MODERN, algorithms: ['RSA-OAEP', 'RSA-PSS'], note: 'RSA encryption and signing' },
150
- { name: 'crypto/ecdsa', tier: TIERS.MODERN, algorithms: ['ECDSA'], note: 'Elliptic curve digital signatures' },
151
- { name: 'crypto/ecdh', tier: TIERS.MODERN, algorithms: ['ECDH', 'X25519'], note: 'ECDH key exchange, added Go 1.20' },
152
- { name: 'crypto/ed25519', tier: TIERS.MODERN, algorithms: ['Ed25519'], note: 'Edwards-curve signatures' },
153
- { name: 'crypto/tls', tier: TIERS.MODERN, algorithms: ['TLS 1.3', 'X25519MLKEM768'], note: 'TLS with hybrid PQC since Go 1.24' },
154
- { name: 'crypto/rand', tier: TIERS.MODERN, algorithms: ['CSPRNG'], note: 'Cryptographic random' },
155
- { name: 'crypto/hmac', tier: TIERS.MODERN, algorithms: ['HMAC'], note: 'HMAC authentication' },
156
- { name: 'crypto/hkdf', tier: TIERS.MODERN, algorithms: ['HKDF'], note: 'RFC 5869 KDF, added Go 1.24' },
157
- { name: 'crypto/x509', tier: TIERS.MODERN, algorithms: ['X.509'], note: 'Certificate handling' },
158
+ { name: 'crypto/aes', tier: TIERS.MODERN, algorithms: ['AES'], note: 'AES block cipher', category: 'encryption' },
159
+ { name: 'crypto/cipher', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'AES-CTR'], note: 'Block cipher modes including AEAD', category: 'encryption' },
160
+ { name: 'crypto/sha256', tier: TIERS.MODERN, algorithms: ['SHA-256'], note: 'NIST-approved hash', category: 'hashing' },
161
+ { name: 'crypto/sha512', tier: TIERS.MODERN, algorithms: ['SHA-384', 'SHA-512'], note: 'NIST-approved hash', category: 'hashing' },
162
+ { name: 'crypto/sha3', tier: TIERS.MODERN, algorithms: ['SHA3-256', 'SHAKE'], note: 'Keccak-based, added Go 1.24', category: 'hashing' },
163
+ { name: 'crypto/rsa', tier: TIERS.MODERN, algorithms: ['RSA-OAEP', 'RSA-PSS'], note: 'RSA encryption and signing', category: 'signing' },
164
+ { name: 'crypto/ecdsa', tier: TIERS.MODERN, algorithms: ['ECDSA'], note: 'Elliptic curve digital signatures', category: 'signing' },
165
+ { name: 'crypto/ecdh', tier: TIERS.MODERN, algorithms: ['ECDH', 'X25519'], note: 'ECDH key exchange, added Go 1.20', category: 'signing' },
166
+ { name: 'crypto/ed25519', tier: TIERS.MODERN, algorithms: ['Ed25519'], note: 'Edwards-curve signatures', category: 'signing' },
167
+ { name: 'crypto/tls', tier: TIERS.MODERN, algorithms: ['TLS 1.3', 'X25519MLKEM768'], note: 'TLS with hybrid PQC since Go 1.24', category: 'tls' },
168
+ { name: 'crypto/rand', tier: TIERS.MODERN, algorithms: ['CSPRNG'], note: 'Cryptographic random', category: 'general' },
169
+ { name: 'crypto/hmac', tier: TIERS.MODERN, algorithms: ['HMAC'], note: 'HMAC authentication', category: 'hashing' },
170
+ { name: 'crypto/hkdf', tier: TIERS.MODERN, algorithms: ['HKDF'], note: 'RFC 5869 KDF, added Go 1.24', category: 'kdf' },
171
+ { name: 'crypto/x509', tier: TIERS.MODERN, algorithms: ['X.509'], note: 'Certificate handling', category: 'tls' },
158
172
 
159
173
  // --- modern (x/crypto) ---
160
- { name: 'golang.org/x/crypto/chacha20poly1305', tier: TIERS.MODERN, algorithms: ['ChaCha20-Poly1305'], note: 'AEAD, RFC 8439' },
161
- { name: 'golang.org/x/crypto/curve25519', tier: TIERS.MODERN, algorithms: ['X25519'], note: 'ECDH on Curve25519' },
162
- { name: 'golang.org/x/crypto/nacl/box', tier: TIERS.MODERN, algorithms: ['X25519', 'XSalsa20-Poly1305'], note: 'NaCl public-key encryption' },
163
- { name: 'golang.org/x/crypto/nacl/secretbox', tier: TIERS.MODERN, algorithms: ['XSalsa20-Poly1305'], note: 'NaCl symmetric encryption' },
164
- { name: 'golang.org/x/crypto/argon2', tier: TIERS.MODERN, algorithms: ['Argon2id'], note: 'PHC winner password hashing' },
165
- { name: 'golang.org/x/crypto/bcrypt', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'Adaptive password hashing' },
166
- { name: 'golang.org/x/crypto/scrypt', tier: TIERS.MODERN, algorithms: ['scrypt'], note: 'Memory-hard KDF' },
167
- { name: 'golang.org/x/crypto/blake2b', tier: TIERS.MODERN, algorithms: ['BLAKE2b'], note: 'Fast cryptographic hash' },
168
- { name: 'golang.org/x/crypto/ssh', tier: TIERS.MODERN, algorithms: ['SSH'], note: 'SSH protocol implementation' },
169
- { name: 'golang.org/x/crypto/acme/autocert', tier: TIERS.MODERN, algorithms: ['ACME', 'TLS'], note: 'Auto TLS certificate provisioning' },
174
+ { name: 'golang.org/x/crypto/chacha20poly1305', tier: TIERS.MODERN, algorithms: ['ChaCha20-Poly1305'], note: 'AEAD, RFC 8439', category: 'encryption' },
175
+ { name: 'golang.org/x/crypto/curve25519', tier: TIERS.MODERN, algorithms: ['X25519'], note: 'ECDH on Curve25519', category: 'signing' },
176
+ { name: 'golang.org/x/crypto/nacl/box', tier: TIERS.MODERN, algorithms: ['X25519', 'XSalsa20-Poly1305'], note: 'NaCl public-key encryption', category: 'encryption' },
177
+ { name: 'golang.org/x/crypto/nacl/secretbox', tier: TIERS.MODERN, algorithms: ['XSalsa20-Poly1305'], note: 'NaCl symmetric encryption', category: 'encryption' },
178
+ { name: 'golang.org/x/crypto/argon2', tier: TIERS.MODERN, algorithms: ['Argon2id'], note: 'PHC winner password hashing', category: 'kdf' },
179
+ { name: 'golang.org/x/crypto/bcrypt', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'Adaptive password hashing', category: 'kdf' },
180
+ { name: 'golang.org/x/crypto/scrypt', tier: TIERS.MODERN, algorithms: ['scrypt'], note: 'Memory-hard KDF', category: 'kdf' },
181
+ { name: 'golang.org/x/crypto/blake2b', tier: TIERS.MODERN, algorithms: ['BLAKE2b'], note: 'Fast cryptographic hash', category: 'hashing' },
182
+ { name: 'golang.org/x/crypto/ssh', tier: TIERS.MODERN, algorithms: ['SSH'], note: 'SSH protocol implementation', category: 'tls' },
183
+ { name: 'golang.org/x/crypto/acme/autocert', tier: TIERS.MODERN, algorithms: ['ACME', 'TLS'], note: 'Auto TLS certificate provisioning', category: 'tls' },
170
184
 
171
185
  // --- modern (third-party) ---
172
- { name: 'github.com/golang-jwt/jwt/v5', tier: TIERS.MODERN, algorithms: ['HMAC', 'RSA', 'ECDSA', 'EdDSA'], note: 'Most popular Go JWT library' },
173
- { name: 'github.com/go-jose/go-jose/v4', tier: TIERS.MODERN, algorithms: ['JWE', 'JWS', 'JWT'], note: 'JOSE standards' },
174
- { name: 'github.com/tink-crypto/tink-go/v2', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ECDSA', 'Ed25519'], note: 'Google Tink misuse-resistant crypto' },
175
- { name: 'filippo.io/age', tier: TIERS.MODERN, algorithms: ['X25519', 'scrypt', 'ChaCha20-Poly1305'], note: 'Modern file encryption' },
176
- { name: 'github.com/ProtonMail/go-crypto', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'EdDSA'], note: 'Maintained OpenPGP fork' },
177
- { name: 'github.com/flynn/noise', tier: TIERS.MODERN, algorithms: ['Noise', 'X25519', 'ChaCha20-Poly1305'], note: 'Noise protocol framework' },
178
- { name: 'golang.zx2c4.com/wireguard', tier: TIERS.MODERN, algorithms: ['Noise IK', 'X25519', 'ChaCha20-Poly1305'], note: 'WireGuard VPN' },
179
- { name: 'github.com/aws/aws-sdk-go-v2/service/kms', tier: TIERS.MODERN, algorithms: ['AES-256', 'RSA', 'ECDSA'], note: 'AWS KMS client' },
180
- { name: 'cloud.google.com/go/kms/apiv1', tier: TIERS.MODERN, algorithms: ['AES-256', 'RSA', 'ECDSA'], note: 'GCP Cloud KMS client' },
186
+ { name: 'github.com/golang-jwt/jwt/v5', tier: TIERS.MODERN, algorithms: ['HMAC', 'RSA', 'ECDSA', 'EdDSA'], note: 'Most popular Go JWT library', category: 'jwt' },
187
+ { name: 'github.com/go-jose/go-jose/v4', tier: TIERS.MODERN, algorithms: ['JWE', 'JWS', 'JWT'], note: 'JOSE standards', category: 'jwt' },
188
+ { name: 'github.com/tink-crypto/tink-go/v2', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ECDSA', 'Ed25519'], note: 'Google Tink misuse-resistant crypto', category: 'general' },
189
+ { name: 'filippo.io/age', tier: TIERS.MODERN, algorithms: ['X25519', 'scrypt', 'ChaCha20-Poly1305'], note: 'Modern file encryption', category: 'encryption' },
190
+ { name: 'github.com/ProtonMail/go-crypto', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'EdDSA'], note: 'Maintained OpenPGP fork', category: 'general' },
191
+ { name: 'github.com/flynn/noise', tier: TIERS.MODERN, algorithms: ['Noise', 'X25519', 'ChaCha20-Poly1305'], note: 'Noise protocol framework', category: 'tls' },
192
+ { name: 'golang.zx2c4.com/wireguard', tier: TIERS.MODERN, algorithms: ['Noise IK', 'X25519', 'ChaCha20-Poly1305'], note: 'WireGuard VPN', category: 'tls' },
193
+ { name: 'github.com/aws/aws-sdk-go-v2/service/kms', tier: TIERS.MODERN, algorithms: ['AES-256', 'RSA', 'ECDSA'], note: 'AWS KMS client', category: 'general' },
194
+ { name: 'cloud.google.com/go/kms/apiv1', tier: TIERS.MODERN, algorithms: ['AES-256', 'RSA', 'ECDSA'], note: 'GCP Cloud KMS client', category: 'general' },
181
195
 
182
196
  // --- pqc ---
183
- { name: 'crypto/mlkem', tier: TIERS.PQC, algorithms: ['ML-KEM-768', 'ML-KEM-1024'], note: 'FIPS 203 in Go stdlib since 1.24' },
184
- { name: 'github.com/cloudflare/circl', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA', 'HPKE'], note: 'Comprehensive PQC + ECC library' },
185
- { name: 'github.com/cloudflare/circl/kem/mlkem', tier: TIERS.PQC, algorithms: ['ML-KEM-512', 'ML-KEM-768', 'ML-KEM-1024'], note: 'FIPS 203 ML-KEM' },
186
- { name: 'github.com/cloudflare/circl/sign/mldsa', tier: TIERS.PQC, algorithms: ['ML-DSA-44', 'ML-DSA-65', 'ML-DSA-87'], note: 'FIPS 204 ML-DSA' },
187
- { name: 'github.com/cloudflare/circl/sign/slhdsa', tier: TIERS.PQC, algorithms: ['SLH-DSA'], note: 'FIPS 205 hash-based signatures' },
188
- { name: 'github.com/open-quantum-safe/liboqs-go', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'Falcon'], note: 'OQS Go bindings' },
197
+ { name: 'crypto/mlkem', tier: TIERS.PQC, algorithms: ['ML-KEM-768', 'ML-KEM-1024'], note: 'FIPS 203 in Go stdlib since 1.24', category: 'encryption' },
198
+ { name: 'github.com/cloudflare/circl', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA', 'HPKE'], note: 'Comprehensive PQC + ECC library', category: 'general' },
199
+ { name: 'github.com/cloudflare/circl/kem/mlkem', tier: TIERS.PQC, algorithms: ['ML-KEM-512', 'ML-KEM-768', 'ML-KEM-1024'], note: 'FIPS 203 ML-KEM', category: 'encryption' },
200
+ { name: 'github.com/cloudflare/circl/sign/mldsa', tier: TIERS.PQC, algorithms: ['ML-DSA-44', 'ML-DSA-65', 'ML-DSA-87'], note: 'FIPS 204 ML-DSA', category: 'signing' },
201
+ { name: 'github.com/cloudflare/circl/sign/slhdsa', tier: TIERS.PQC, algorithms: ['SLH-DSA'], note: 'FIPS 205 hash-based signatures', category: 'signing' },
202
+ { name: 'github.com/open-quantum-safe/liboqs-go', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'Falcon'], note: 'OQS Go bindings', category: 'general' },
189
203
  ];
190
204
 
191
205
  // =========================================================================
@@ -195,48 +209,46 @@ export const GO_PACKAGES = [
195
209
  /** @type {import('./types').CatalogEntry[]} */
196
210
  export const MAVEN_PACKAGES = [
197
211
  // --- weak ---
198
- { name: 'org.bouncycastle:bcprov-jdk15on', tier: TIERS.WEAK, algorithms: ['AES', 'RSA', 'DES'], note: 'Superseded by jdk18on, no longer maintained' },
199
- { name: 'org.bouncycastle:bcprov-jdk16', tier: TIERS.WEAK, algorithms: ['AES', 'RSA', 'DES'], note: 'Legacy JDK 1.6 build, unmaintained' },
200
- { name: 'org.bouncycastle:bcpkix-jdk15on', tier: TIERS.WEAK, algorithms: ['RSA', 'ECDSA', 'X.509'], note: 'Superseded by jdk18on' },
201
- { name: 'org.bouncycastle:bcpg-jdk15on', tier: TIERS.WEAK, algorithms: ['RSA', 'DSA', 'ElGamal'], note: 'Legacy OpenPGP build' },
202
- { name: 'com.madgag.spongycastle:core', tier: TIERS.WEAK, algorithms: ['AES', 'RSA', 'DES'], note: 'BC Android fork, deprecated' },
203
- { name: 'org.jasypt:jasypt', tier: TIERS.WEAK, algorithms: ['PBE', 'DES', 'MD5'], note: 'Defaults to PBEWithMD5AndDES, unmaintained since 2014' },
204
- { name: 'org.keyczar:keyczar', tier: TIERS.WEAK, algorithms: ['AES', 'RSA', 'DSA'], note: 'Google Keyczar, archived project' },
205
- { name: 'commons-codec:commons-codec', tier: TIERS.WEAK, algorithms: ['MD5', 'SHA-1', 'SHA-256'], note: 'DigestUtils md5Hex/sha1Hex widely used' },
206
- { name: 'com.google.guava:guava', tier: TIERS.WEAK, algorithms: ['MD5', 'SHA-1'], note: 'Hashing.md5()/sha1() convenience methods' },
207
- { name: 'org.apache.commons:commons-crypto', tier: TIERS.WEAK, algorithms: ['AES-CTR', 'AES-CBC'], note: 'No AEAD modes, no GCM support' },
208
- { name: 'io.jsonwebtoken:jjwt', tier: TIERS.WEAK, algorithms: ['HS256', 'RS256'], note: 'Legacy monolithic artifact, replaced by jjwt-api' },
209
- { name: 'org.apache.santuario:xmlsec', tier: TIERS.WEAK, algorithms: ['RSA', 'SHA-1', 'DSA'], note: 'XML-DSIG defaults to SHA-1' },
210
- { name: 'org.apache.wss4j:wss4j-ws-security-common', tier: TIERS.WEAK, algorithms: ['SHA-1', 'AES-CBC'], note: 'WS-Security with legacy defaults' },
211
- { name: 'org.owasp.esapi:esapi', tier: TIERS.WEAK, algorithms: ['AES-CBC', 'SHA-1'], note: 'Legacy OWASP ESAPI, known CVEs' },
212
+ { name: 'org.bouncycastle:bcprov-jdk15on', tier: TIERS.WEAK, algorithms: ['AES', 'RSA', 'DES'], note: 'Superseded by jdk18on, no longer maintained', category: 'general', replacedBy: 'org.bouncycastle:bcprov-jdk18on' },
213
+ { name: 'org.bouncycastle:bcprov-jdk16', tier: TIERS.WEAK, algorithms: ['AES', 'RSA', 'DES'], note: 'Legacy JDK 1.6 build, unmaintained', category: 'general', replacedBy: 'org.bouncycastle:bcprov-jdk18on' },
214
+ { name: 'org.bouncycastle:bcpkix-jdk15on', tier: TIERS.WEAK, algorithms: ['RSA', 'ECDSA', 'X.509'], note: 'Superseded by jdk18on', category: 'signing', replacedBy: 'org.bouncycastle:bcpkix-jdk18on' },
215
+ { name: 'org.bouncycastle:bcpg-jdk15on', tier: TIERS.WEAK, algorithms: ['RSA', 'DSA', 'ElGamal'], note: 'Legacy OpenPGP build', category: 'general', replacedBy: 'org.bouncycastle:bcpg-jdk18on' },
216
+ { name: 'com.madgag.spongycastle:core', tier: TIERS.WEAK, algorithms: ['AES', 'RSA', 'DES'], note: 'BC Android fork, deprecated', category: 'general', replacedBy: 'org.bouncycastle:bcprov-jdk18on' },
217
+ { name: 'org.jasypt:jasypt', tier: TIERS.WEAK, algorithms: ['PBE', 'DES', 'MD5'], note: 'Defaults to PBEWithMD5AndDES, unmaintained since 2014', category: 'encryption', replacedBy: 'com.google.crypto.tink:tink' },
218
+ { name: 'org.keyczar:keyczar', tier: TIERS.WEAK, algorithms: ['AES', 'RSA', 'DSA'], note: 'Google Keyczar, archived project', category: 'general', replacedBy: 'com.google.crypto.tink:tink' },
219
+ { name: 'org.apache.commons:commons-crypto', tier: TIERS.MODERN, algorithms: ['AES-CTR', 'AES-CBC'], note: 'OpenSSL-backed AES; CTR and CBC modes', category: 'encryption' },
220
+ { name: 'io.jsonwebtoken:jjwt', tier: TIERS.MODERN, algorithms: ['HS256', 'RS256', 'ES256'], note: 'JWT library; legacy monolithic artifact, use jjwt-api for modular builds', category: 'jwt' },
221
+ { name: 'org.apache.santuario:xmlsec', tier: TIERS.WEAK, algorithms: ['RSA', 'SHA-1', 'DSA'], note: 'XML-DSIG defaults to SHA-1', category: 'signing', replacedBy: 'org.bouncycastle:bcprov-jdk18on' },
222
+ { name: 'org.apache.wss4j:wss4j-ws-security-common', tier: TIERS.WEAK, algorithms: ['SHA-1', 'AES-CBC'], note: 'WS-Security with legacy defaults', category: 'general', replacedBy: 'org.bouncycastle:bcprov-jdk18on' },
223
+ { name: 'org.owasp.esapi:esapi', tier: TIERS.WEAK, algorithms: ['AES-CBC', 'SHA-1'], note: 'Legacy OWASP ESAPI, known CVEs', category: 'general', replacedBy: 'com.google.crypto.tink:tink' },
212
224
 
213
225
  // --- modern ---
214
- { name: 'org.bouncycastle:bcprov-jdk18on', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'ECDSA', 'Ed25519', 'ChaCha20-Poly1305'], note: 'Comprehensive JCA provider' },
215
- { name: 'org.bouncycastle:bcpkix-jdk18on', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519', 'X.509', 'CMS'], note: 'PKI operations' },
216
- { name: 'org.bouncycastle:bctls-jdk18on', tier: TIERS.MODERN, algorithms: ['TLS 1.3', 'AES-GCM'], note: 'BC JSSE TLS provider' },
217
- { name: 'org.bouncycastle:bcpg-jdk18on', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519', 'OpenPGP'], note: 'Modern OpenPGP' },
218
- { name: 'org.conscrypt:conscrypt-openjdk', tier: TIERS.MODERN, algorithms: ['TLS 1.3', 'AES-GCM', 'ChaCha20-Poly1305'], note: 'Google BoringSSL-backed provider' },
219
- { name: 'software.amazon.cryptools:AmazonCorrettoCryptoProvider', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'ECDSA', 'HKDF'], note: 'AWS high-perf JCA provider' },
220
- { name: 'com.google.crypto.tink:tink', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'AES-SIV', 'ECDSA', 'Ed25519'], note: 'Google Tink misuse-resistant crypto' },
221
- { name: 'com.nimbusds:nimbus-jose-jwt', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA', 'AES-GCM'], note: 'Comprehensive JOSE/JWT/JWE' },
222
- { name: 'org.bitbucket.b_c:jose4j', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'AES-GCM'], note: 'JCA-only JOSE/JWT' },
223
- { name: 'io.jsonwebtoken:jjwt-api', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA'], note: 'JJWT modular API' },
224
- { name: 'com.auth0:java-jwt', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'PS256'], note: 'Auth0 JWT library' },
225
- { name: 'org.springframework.security:spring-security-crypto', tier: TIERS.MODERN, algorithms: ['bcrypt', 'scrypt', 'Argon2'], note: 'Spring Security password encoders' },
226
- { name: 'org.mindrot:jbcrypt', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'Original Java bcrypt' },
227
- { name: 'com.password4j:password4j', tier: TIERS.MODERN, algorithms: ['Argon2', 'bcrypt', 'scrypt', 'PBKDF2'], note: 'Multi-algorithm password hashing' },
228
- { name: 'de.mkammerer:argon2-jvm', tier: TIERS.MODERN, algorithms: ['Argon2'], note: 'Argon2 JVM native bindings' },
229
- { name: 'software.amazon.awssdk:kms', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'ECDSA'], note: 'AWS KMS SDK v2' },
230
- { name: 'com.amazonaws:aws-encryption-sdk-java', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA-OAEP', 'HKDF'], note: 'AWS envelope encryption' },
231
- { name: 'com.google.cloud:google-cloud-kms', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'ECDSA'], note: 'GCP KMS client' },
232
- { name: 'com.azure:azure-security-keyvault-keys', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'AES-GCM'], note: 'Azure Key Vault keys' },
233
- { name: 'io.netty:netty-handler', tier: TIERS.MODERN, algorithms: ['TLS 1.3', 'AES-GCM'], note: 'Netty SSL/TLS handler' },
234
- { name: 'com.squareup.okhttp3:okhttp', tier: TIERS.MODERN, algorithms: ['TLS 1.3', 'AES-GCM'], note: 'HTTP client with modern TLS' },
235
- { name: 'org.signal:libsignal-client', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'AES-GCM'], note: 'Signal Protocol primitives' },
226
+ { name: 'org.bouncycastle:bcprov-jdk18on', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'ECDSA', 'Ed25519', 'ChaCha20-Poly1305'], note: 'Comprehensive JCA provider', category: 'general' },
227
+ { name: 'org.bouncycastle:bcpkix-jdk18on', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519', 'X.509', 'CMS'], note: 'PKI operations', category: 'signing' },
228
+ { name: 'org.bouncycastle:bctls-jdk18on', tier: TIERS.MODERN, algorithms: ['TLS 1.3', 'AES-GCM'], note: 'BC JSSE TLS provider', category: 'tls' },
229
+ { name: 'org.bouncycastle:bcpg-jdk18on', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519', 'OpenPGP'], note: 'Modern OpenPGP', category: 'general' },
230
+ { name: 'org.conscrypt:conscrypt-openjdk', tier: TIERS.MODERN, algorithms: ['TLS 1.3', 'AES-GCM', 'ChaCha20-Poly1305'], note: 'Google BoringSSL-backed provider', category: 'tls' },
231
+ { name: 'software.amazon.cryptools:AmazonCorrettoCryptoProvider', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'ECDSA', 'HKDF'], note: 'AWS high-perf JCA provider', category: 'general' },
232
+ { name: 'com.google.crypto.tink:tink', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'AES-SIV', 'ECDSA', 'Ed25519'], note: 'Google Tink misuse-resistant crypto', category: 'general' },
233
+ { name: 'com.nimbusds:nimbus-jose-jwt', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA', 'AES-GCM'], note: 'Comprehensive JOSE/JWT/JWE', category: 'jwt' },
234
+ { name: 'org.bitbucket.b_c:jose4j', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'AES-GCM'], note: 'JCA-only JOSE/JWT', category: 'jwt' },
235
+ { name: 'io.jsonwebtoken:jjwt-api', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA'], note: 'JJWT modular API', category: 'jwt' },
236
+ { name: 'com.auth0:java-jwt', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'PS256'], note: 'Auth0 JWT library', category: 'jwt' },
237
+ { name: 'org.springframework.security:spring-security-crypto', tier: TIERS.MODERN, algorithms: ['bcrypt', 'scrypt', 'Argon2'], note: 'Spring Security password encoders', category: 'kdf' },
238
+ { name: 'org.mindrot:jbcrypt', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'Original Java bcrypt', category: 'kdf' },
239
+ { name: 'com.password4j:password4j', tier: TIERS.MODERN, algorithms: ['Argon2', 'bcrypt', 'scrypt', 'PBKDF2'], note: 'Multi-algorithm password hashing', category: 'kdf' },
240
+ { name: 'de.mkammerer:argon2-jvm', tier: TIERS.MODERN, algorithms: ['Argon2'], note: 'Argon2 JVM native bindings', category: 'kdf' },
241
+ { name: 'software.amazon.awssdk:kms', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'ECDSA'], note: 'AWS KMS SDK v2', category: 'general' },
242
+ { name: 'com.amazonaws:aws-encryption-sdk-java', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA-OAEP', 'HKDF'], note: 'AWS envelope encryption', category: 'encryption' },
243
+ { name: 'com.google.cloud:google-cloud-kms', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'ECDSA'], note: 'GCP KMS client', category: 'general' },
244
+ { name: 'com.azure:azure-security-keyvault-keys', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'AES-GCM'], note: 'Azure Key Vault keys', category: 'general' },
245
+ { name: 'io.netty:netty-handler', tier: TIERS.MODERN, algorithms: ['TLS 1.3', 'AES-GCM'], note: 'Netty SSL/TLS handler', category: 'tls' },
246
+ { name: 'com.squareup.okhttp3:okhttp', tier: TIERS.MODERN, algorithms: ['TLS 1.3', 'AES-GCM'], note: 'HTTP client with modern TLS', category: 'tls' },
247
+ { name: 'org.signal:libsignal-client', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'AES-GCM'], note: 'Signal Protocol primitives', category: 'general' },
236
248
 
237
249
  // --- pqc ---
238
- { name: 'org.bouncycastle:bcpqc-jdk18on', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA', 'NTRU', 'FrodoKEM'], note: 'BC PQC suite since v1.79' },
239
- { name: 'org.openquantumsafe:liboqs-java', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA', 'Falcon'], note: 'OQS JNI wrapper' },
250
+ { name: 'org.bouncycastle:bcpqc-jdk18on', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA', 'NTRU', 'FrodoKEM'], note: 'BC PQC suite since v1.79', category: 'general' },
251
+ { name: 'org.openquantumsafe:liboqs-java', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA', 'Falcon'], note: 'OQS JNI wrapper', category: 'general' },
240
252
  ];
241
253
 
242
254
  // =========================================================================
@@ -246,67 +258,67 @@ export const MAVEN_PACKAGES = [
246
258
  /** @type {import('./types').CatalogEntry[]} */
247
259
  export const CRATES_PACKAGES = [
248
260
  // --- weak ---
249
- { name: 'md-5', tier: TIERS.WEAK, algorithms: ['MD5'], note: 'Collision-broken hash (RustCrypto)' },
250
- { name: 'md5', tier: TIERS.WEAK, algorithms: ['MD5'], note: 'Collision-broken hash (third-party)' },
251
- { name: 'sha1', tier: TIERS.WEAK, algorithms: ['SHA-1'], note: 'Collision-broken hash (RustCrypto)' },
252
- { name: 'sha-1', tier: TIERS.WEAK, algorithms: ['SHA-1'], note: 'Collision-broken hash alias (RustCrypto)' },
253
- { name: 'des', tier: TIERS.WEAK, algorithms: ['DES', '3DES'], note: 'Deprecated block cipher (RustCrypto)' },
254
- { name: 'rc4', tier: TIERS.WEAK, algorithms: ['RC4'], note: 'Broken stream cipher' },
255
- { name: 'blowfish', tier: TIERS.WEAK, algorithms: ['Blowfish'], note: '64-bit block, Sweet32 vulnerable' },
256
- { name: 'cast5', tier: TIERS.WEAK, algorithms: ['CAST5'], note: 'Legacy 64-bit block cipher' },
257
- { name: 'idea', tier: TIERS.WEAK, algorithms: ['IDEA'], note: 'Legacy 64-bit block cipher' },
258
- { name: 'rust-crypto', tier: TIERS.WEAK, algorithms: ['AES', 'DES', 'MD5'], note: 'Unmaintained since 2016, RUSTSEC-2016-0005' },
259
- { name: 'ripemd', tier: TIERS.WEAK, algorithms: ['RIPEMD-160'], note: 'Legacy 160-bit hash' },
260
- { name: 'sodiumoxide', tier: TIERS.WEAK, algorithms: ['X25519', 'Ed25519'], note: 'Deprecated on GitHub, use dryoc or libsodium-sys' },
261
+ { name: 'md-5', tier: TIERS.WEAK, algorithms: ['MD5'], note: 'Collision-broken hash (RustCrypto)', category: 'hashing', replacedBy: 'sha2' },
262
+ { name: 'md5', tier: TIERS.WEAK, algorithms: ['MD5'], note: 'Collision-broken hash (third-party)', category: 'hashing', replacedBy: 'sha2' },
263
+ { name: 'sha1', tier: TIERS.WEAK, algorithms: ['SHA-1'], note: 'Collision-broken hash (RustCrypto)', category: 'hashing', replacedBy: 'sha2' },
264
+ { name: 'sha-1', tier: TIERS.WEAK, algorithms: ['SHA-1'], note: 'Collision-broken hash alias (RustCrypto)', category: 'hashing', replacedBy: 'sha2' },
265
+ { name: 'des', tier: TIERS.WEAK, algorithms: ['DES', '3DES'], note: 'Deprecated block cipher (RustCrypto)', category: 'encryption', replacedBy: 'aes-gcm' },
266
+ { name: 'rc4', tier: TIERS.WEAK, algorithms: ['RC4'], note: 'Broken stream cipher', category: 'encryption', replacedBy: 'chacha20poly1305' },
267
+ { name: 'blowfish', tier: TIERS.WEAK, algorithms: ['Blowfish'], note: '64-bit block, Sweet32 vulnerable', category: 'encryption', replacedBy: 'aes-gcm' },
268
+ { name: 'cast5', tier: TIERS.WEAK, algorithms: ['CAST5'], note: 'Legacy 64-bit block cipher', category: 'encryption', replacedBy: 'aes-gcm' },
269
+ { name: 'idea', tier: TIERS.WEAK, algorithms: ['IDEA'], note: 'Legacy 64-bit block cipher', category: 'encryption', replacedBy: 'aes-gcm' },
270
+ { name: 'rust-crypto', tier: TIERS.WEAK, algorithms: ['AES', 'DES', 'MD5'], note: 'Unmaintained since 2016, RUSTSEC-2016-0005', category: 'general', replacedBy: 'ring' },
271
+ { name: 'ripemd', tier: TIERS.WEAK, algorithms: ['RIPEMD-160'], note: 'Legacy 160-bit hash', category: 'hashing', replacedBy: 'sha2' },
272
+ { name: 'sodiumoxide', tier: TIERS.WEAK, algorithms: ['X25519', 'Ed25519'], note: 'Deprecated on GitHub, use dryoc or libsodium-sys', category: 'general', replacedBy: 'dryoc' },
261
273
 
262
274
  // --- modern ---
263
- { name: 'ring', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ChaCha20-Poly1305', 'Ed25519', 'X25519', 'RSA', 'ECDSA'], note: 'BoringSSL-backed, audited' },
264
- { name: 'aws-lc-rs', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ChaCha20-Poly1305', 'Ed25519', 'X25519', 'RSA'], note: 'AWS-LC backed, FIPS 140-3, ring-compatible' },
265
- { name: 'rustls', tier: TIERS.MODERN, algorithms: ['TLS 1.2', 'TLS 1.3'], note: 'Pure Rust TLS, audited' },
266
- { name: 'aes-gcm', tier: TIERS.MODERN, algorithms: ['AES-128-GCM', 'AES-256-GCM'], note: 'Audited AEAD (RustCrypto, Cure53)' },
267
- { name: 'chacha20poly1305', tier: TIERS.MODERN, algorithms: ['ChaCha20-Poly1305', 'XChaCha20-Poly1305'], note: 'Audited AEAD, RFC 8439 (RustCrypto)' },
268
- { name: 'aes', tier: TIERS.MODERN, algorithms: ['AES-128', 'AES-256'], note: 'AES block cipher with HW accel (RustCrypto)' },
269
- { name: 'chacha20', tier: TIERS.MODERN, algorithms: ['ChaCha20', 'XChaCha20'], note: 'Stream cipher (RustCrypto)' },
270
- { name: 'sha2', tier: TIERS.MODERN, algorithms: ['SHA-256', 'SHA-384', 'SHA-512'], note: 'NIST hash family (RustCrypto)' },
271
- { name: 'sha3', tier: TIERS.MODERN, algorithms: ['SHA3-256', 'SHA3-512', 'SHAKE'], note: 'Keccak-based hash (RustCrypto)' },
272
- { name: 'blake2', tier: TIERS.MODERN, algorithms: ['BLAKE2b', 'BLAKE2s'], note: 'Fast secure hash, RFC 7693 (RustCrypto)' },
273
- { name: 'blake3', tier: TIERS.MODERN, algorithms: ['BLAKE3'], note: 'Fastest secure hash (official crate)' },
274
- { name: 'hmac', tier: TIERS.MODERN, algorithms: ['HMAC'], note: 'HMAC authentication (RustCrypto)' },
275
- { name: 'hkdf', tier: TIERS.MODERN, algorithms: ['HKDF'], note: 'RFC 5869 KDF (RustCrypto)' },
276
- { name: 'argon2', tier: TIERS.MODERN, algorithms: ['Argon2id', 'Argon2i'], note: 'PHC winner password hash (RustCrypto)' },
277
- { name: 'bcrypt', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'Password hashing (RustCrypto)' },
278
- { name: 'scrypt', tier: TIERS.MODERN, algorithms: ['scrypt'], note: 'Memory-hard KDF (RustCrypto)' },
279
- { name: 'pbkdf2', tier: TIERS.MODERN, algorithms: ['PBKDF2'], note: 'Password KDF, RFC 2898 (RustCrypto)' },
280
- { name: 'ed25519-dalek', tier: TIERS.MODERN, algorithms: ['Ed25519'], note: 'Fast Ed25519, audited (dalek-cryptography)' },
281
- { name: 'x25519-dalek', tier: TIERS.MODERN, algorithms: ['X25519'], note: 'X25519 ECDH, audited (dalek-cryptography)' },
282
- { name: 'curve25519-dalek', tier: TIERS.MODERN, algorithms: ['Curve25519', 'Ristretto255'], note: 'Group operations, audited (dalek-cryptography)' },
283
- { name: 'rsa', tier: TIERS.MODERN, algorithms: ['RSA-OAEP', 'RSA-PSS'], note: 'Pure Rust RSA, audited (RustCrypto)' },
284
- { name: 'p256', tier: TIERS.MODERN, algorithms: ['NIST P-256', 'ECDSA', 'ECDH'], note: 'secp256r1 (RustCrypto)' },
285
- { name: 'p384', tier: TIERS.MODERN, algorithms: ['NIST P-384', 'ECDSA', 'ECDH'], note: 'secp384r1 (RustCrypto)' },
286
- { name: 'k256', tier: TIERS.MODERN, algorithms: ['secp256k1', 'ECDSA'], note: 'Bitcoin/Ethereum curve, audited (RustCrypto)' },
287
- { name: 'ecdsa', tier: TIERS.MODERN, algorithms: ['ECDSA'], note: 'ECDSA signing/verification (RustCrypto)' },
288
- { name: 'orion', tier: TIERS.MODERN, algorithms: ['ChaCha20-Poly1305', 'BLAKE2b', 'Argon2i', 'X25519'], note: 'Pure Rust easy-to-use crypto' },
289
- { name: 'dryoc', tier: TIERS.MODERN, algorithms: ['X25519', 'XSalsa20-Poly1305', 'Ed25519'], note: 'Pure Rust libsodium-compatible' },
290
- { name: 'snow', tier: TIERS.MODERN, algorithms: ['Noise', 'X25519', 'ChaCha20-Poly1305'], note: 'Noise Protocol Framework' },
291
- { name: 'jsonwebtoken', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA', 'HS256'], note: 'JWT for Rust' },
292
- { name: 'sequoia-openpgp', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519', 'AES'], note: 'Full OpenPGP (RFC 9580)' },
293
- { name: 'rcgen', tier: TIERS.MODERN, algorithms: ['X.509', 'ECDSA', 'Ed25519', 'RSA'], note: 'X.509 certificate generation' },
294
- { name: 'subtle', tier: TIERS.MODERN, algorithms: ['constant-time'], note: 'Constant-time ops (dalek-cryptography)' },
295
- { name: 'zeroize', tier: TIERS.MODERN, algorithms: ['memory zeroing'], note: 'Secure memory zeroing (RustCrypto)' },
296
- { name: 'crypto-bigint', tier: TIERS.MODERN, algorithms: ['big integer'], note: 'Constant-time bignum (RustCrypto, audited)' },
297
- { name: 'cryptoki', tier: TIERS.MODERN, algorithms: ['PKCS#11'], note: 'HSM interface' },
275
+ { name: 'ring', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ChaCha20-Poly1305', 'Ed25519', 'X25519', 'RSA', 'ECDSA'], note: 'BoringSSL-backed, audited', category: 'general' },
276
+ { name: 'aws-lc-rs', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ChaCha20-Poly1305', 'Ed25519', 'X25519', 'RSA'], note: 'AWS-LC backed, FIPS 140-3, ring-compatible', category: 'general' },
277
+ { name: 'rustls', tier: TIERS.MODERN, algorithms: ['TLS 1.2', 'TLS 1.3'], note: 'Pure Rust TLS, audited', category: 'tls' },
278
+ { name: 'aes-gcm', tier: TIERS.MODERN, algorithms: ['AES-128-GCM', 'AES-256-GCM'], note: 'Audited AEAD (RustCrypto, Cure53)', category: 'encryption' },
279
+ { name: 'chacha20poly1305', tier: TIERS.MODERN, algorithms: ['ChaCha20-Poly1305', 'XChaCha20-Poly1305'], note: 'Audited AEAD, RFC 8439 (RustCrypto)', category: 'encryption' },
280
+ { name: 'aes', tier: TIERS.MODERN, algorithms: ['AES-128', 'AES-256'], note: 'AES block cipher with HW accel (RustCrypto)', category: 'encryption' },
281
+ { name: 'chacha20', tier: TIERS.MODERN, algorithms: ['ChaCha20', 'XChaCha20'], note: 'Stream cipher (RustCrypto)', category: 'encryption' },
282
+ { name: 'sha2', tier: TIERS.MODERN, algorithms: ['SHA-256', 'SHA-384', 'SHA-512'], note: 'NIST hash family (RustCrypto)', category: 'hashing' },
283
+ { name: 'sha3', tier: TIERS.MODERN, algorithms: ['SHA3-256', 'SHA3-512', 'SHAKE'], note: 'Keccak-based hash (RustCrypto)', category: 'hashing' },
284
+ { name: 'blake2', tier: TIERS.MODERN, algorithms: ['BLAKE2b', 'BLAKE2s'], note: 'Fast secure hash, RFC 7693 (RustCrypto)', category: 'hashing' },
285
+ { name: 'blake3', tier: TIERS.MODERN, algorithms: ['BLAKE3'], note: 'Fastest secure hash (official crate)', category: 'hashing' },
286
+ { name: 'hmac', tier: TIERS.MODERN, algorithms: ['HMAC'], note: 'HMAC authentication (RustCrypto)', category: 'hashing' },
287
+ { name: 'hkdf', tier: TIERS.MODERN, algorithms: ['HKDF'], note: 'RFC 5869 KDF (RustCrypto)', category: 'kdf' },
288
+ { name: 'argon2', tier: TIERS.MODERN, algorithms: ['Argon2id', 'Argon2i'], note: 'PHC winner password hash (RustCrypto)', category: 'kdf' },
289
+ { name: 'bcrypt', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'Password hashing (RustCrypto)', category: 'kdf' },
290
+ { name: 'scrypt', tier: TIERS.MODERN, algorithms: ['scrypt'], note: 'Memory-hard KDF (RustCrypto)', category: 'kdf' },
291
+ { name: 'pbkdf2', tier: TIERS.MODERN, algorithms: ['PBKDF2'], note: 'Password KDF, RFC 2898 (RustCrypto)', category: 'kdf' },
292
+ { name: 'ed25519-dalek', tier: TIERS.MODERN, algorithms: ['Ed25519'], note: 'Fast Ed25519, audited (dalek-cryptography)', category: 'signing' },
293
+ { name: 'x25519-dalek', tier: TIERS.MODERN, algorithms: ['X25519'], note: 'X25519 ECDH, audited (dalek-cryptography)', category: 'signing' },
294
+ { name: 'curve25519-dalek', tier: TIERS.MODERN, algorithms: ['Curve25519', 'Ristretto255'], note: 'Group operations, audited (dalek-cryptography)', category: 'signing' },
295
+ { name: 'rsa', tier: TIERS.MODERN, algorithms: ['RSA-OAEP', 'RSA-PSS'], note: 'Pure Rust RSA, audited (RustCrypto)', category: 'signing' },
296
+ { name: 'p256', tier: TIERS.MODERN, algorithms: ['NIST P-256', 'ECDSA', 'ECDH'], note: 'secp256r1 (RustCrypto)', category: 'signing' },
297
+ { name: 'p384', tier: TIERS.MODERN, algorithms: ['NIST P-384', 'ECDSA', 'ECDH'], note: 'secp384r1 (RustCrypto)', category: 'signing' },
298
+ { name: 'k256', tier: TIERS.MODERN, algorithms: ['secp256k1', 'ECDSA'], note: 'Bitcoin/Ethereum curve, audited (RustCrypto)', category: 'signing' },
299
+ { name: 'ecdsa', tier: TIERS.MODERN, algorithms: ['ECDSA'], note: 'ECDSA signing/verification (RustCrypto)', category: 'signing' },
300
+ { name: 'orion', tier: TIERS.MODERN, algorithms: ['ChaCha20-Poly1305', 'BLAKE2b', 'Argon2i', 'X25519'], note: 'Pure Rust easy-to-use crypto', category: 'general' },
301
+ { name: 'dryoc', tier: TIERS.MODERN, algorithms: ['X25519', 'XSalsa20-Poly1305', 'Ed25519'], note: 'Pure Rust libsodium-compatible', category: 'general' },
302
+ { name: 'snow', tier: TIERS.MODERN, algorithms: ['Noise', 'X25519', 'ChaCha20-Poly1305'], note: 'Noise Protocol Framework', category: 'tls' },
303
+ { name: 'jsonwebtoken', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA', 'HS256'], note: 'JWT for Rust', category: 'jwt' },
304
+ { name: 'sequoia-openpgp', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519', 'AES'], note: 'Full OpenPGP (RFC 9580)', category: 'general' },
305
+ { name: 'rcgen', tier: TIERS.MODERN, algorithms: ['X.509', 'ECDSA', 'Ed25519', 'RSA'], note: 'X.509 certificate generation', category: 'tls' },
306
+ { name: 'subtle', tier: TIERS.MODERN, algorithms: ['constant-time'], note: 'Constant-time ops (dalek-cryptography)', category: 'general' },
307
+ { name: 'zeroize', tier: TIERS.MODERN, algorithms: ['memory zeroing'], note: 'Secure memory zeroing (RustCrypto)', category: 'general' },
308
+ { name: 'crypto-bigint', tier: TIERS.MODERN, algorithms: ['big integer'], note: 'Constant-time bignum (RustCrypto, audited)', category: 'general' },
309
+ { name: 'cryptoki', tier: TIERS.MODERN, algorithms: ['PKCS#11'], note: 'HSM interface', category: 'general' },
298
310
 
299
311
  // --- pqc ---
300
- { name: 'ml-kem', tier: TIERS.PQC, algorithms: ['ML-KEM-512', 'ML-KEM-768', 'ML-KEM-1024'], note: 'FIPS 203 pure Rust (RustCrypto)' },
301
- { name: 'ml-dsa', tier: TIERS.PQC, algorithms: ['ML-DSA-44', 'ML-DSA-65', 'ML-DSA-87'], note: 'FIPS 204 pure Rust (RustCrypto)' },
302
- { name: 'slh-dsa', tier: TIERS.PQC, algorithms: ['SLH-DSA'], note: 'FIPS 205 pure Rust (RustCrypto)' },
303
- { name: 'pqcrypto', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SPHINCS+'], note: 'Meta-crate, wraps PQClean C' },
304
- { name: 'pqcrypto-kyber', tier: TIERS.PQC, algorithms: ['Kyber/ML-KEM'], note: 'Kyber KEM (PQClean wrapper)' },
305
- { name: 'pqcrypto-dilithium', tier: TIERS.PQC, algorithms: ['Dilithium/ML-DSA'], note: 'Dilithium signatures (PQClean wrapper)' },
306
- { name: 'pqcrypto-sphincsplus', tier: TIERS.PQC, algorithms: ['SPHINCS+/SLH-DSA'], note: 'Hash-based signatures (PQClean wrapper)' },
307
- { name: 'pqcrypto-classicmceliece', tier: TIERS.PQC, algorithms: ['Classic McEliece'], note: 'Code-based KEM' },
308
- { name: 'oqs', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'Falcon'], note: 'OQS Rust wrapper' },
309
- { name: 'quantcrypt', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA'], note: 'High-level PQC with X.509 integration' },
312
+ { name: 'ml-kem', tier: TIERS.PQC, algorithms: ['ML-KEM-512', 'ML-KEM-768', 'ML-KEM-1024'], note: 'FIPS 203 pure Rust (RustCrypto)', category: 'encryption' },
313
+ { name: 'ml-dsa', tier: TIERS.PQC, algorithms: ['ML-DSA-44', 'ML-DSA-65', 'ML-DSA-87'], note: 'FIPS 204 pure Rust (RustCrypto)', category: 'signing' },
314
+ { name: 'slh-dsa', tier: TIERS.PQC, algorithms: ['SLH-DSA'], note: 'FIPS 205 pure Rust (RustCrypto)', category: 'signing' },
315
+ { name: 'pqcrypto', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SPHINCS+'], note: 'Meta-crate, wraps PQClean C', category: 'general' },
316
+ { name: 'pqcrypto-kyber', tier: TIERS.PQC, algorithms: ['Kyber/ML-KEM'], note: 'Kyber KEM (PQClean wrapper)', category: 'encryption' },
317
+ { name: 'pqcrypto-dilithium', tier: TIERS.PQC, algorithms: ['Dilithium/ML-DSA'], note: 'Dilithium signatures (PQClean wrapper)', category: 'signing' },
318
+ { name: 'pqcrypto-sphincsplus', tier: TIERS.PQC, algorithms: ['SPHINCS+/SLH-DSA'], note: 'Hash-based signatures (PQClean wrapper)', category: 'signing' },
319
+ { name: 'pqcrypto-classicmceliece', tier: TIERS.PQC, algorithms: ['Classic McEliece'], note: 'Code-based KEM', category: 'encryption' },
320
+ { name: 'oqs', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'Falcon'], note: 'OQS Rust wrapper', category: 'general' },
321
+ { name: 'quantcrypt', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA'], note: 'High-level PQC with X.509 integration', category: 'general' },
310
322
  ];
311
323
 
312
324
  // =========================================================================
@@ -316,32 +328,32 @@ export const CRATES_PACKAGES = [
316
328
  /** @type {import('./types').CatalogEntry[]} */
317
329
  export const PACKAGIST_PACKAGES = [
318
330
  // --- weak ---
319
- { name: 'paragonie/random_compat', tier: TIERS.WEAK, algorithms: ['CSPRNG'], note: 'PHP 5.x polyfill; obsolete on PHP 7+' },
320
- { name: 'ircmaxell/password-compat', tier: TIERS.WEAK, algorithms: ['bcrypt'], note: 'PHP 5.3/5.4 polyfill; obsolete on PHP 7+' },
321
- { name: 'phpseclib/mcrypt_compat', tier: TIERS.WEAK, algorithms: ['DES', 'Blowfish', '3DES', 'RC4'], note: 'Polyfill for removed ext-mcrypt' },
322
- { name: 'namshi/jose', tier: TIERS.WEAK, algorithms: ['JWT', 'HS256', 'RS256'], note: 'Last release 2018; CVEs for alg confusion' },
323
- { name: 'gree/jose', tier: TIERS.WEAK, algorithms: ['JWT'], note: 'Abandoned by maintainer' },
324
- { name: 'mdanter/ecc', tier: TIERS.WEAK, algorithms: ['ECDSA', 'ECDH'], note: 'Abandoned; superseded by paragonie/ecc' },
325
- { name: 'laminas/laminas-crypt', tier: TIERS.WEAK, algorithms: ['AES-CBC', 'RSA', 'bcrypt'], note: 'Marked abandoned by Laminas' },
326
- { name: 'bordoni/phpass', tier: TIERS.WEAK, algorithms: ['bcrypt'], note: 'Portable phpass; deprecated API' },
327
- { name: 'ircmaxell/random-lib', tier: TIERS.WEAK, algorithms: ['CSPRNG'], note: 'Pre-PHP-7 random library' },
331
+ { name: 'paragonie/random_compat', tier: TIERS.WEAK, algorithms: ['CSPRNG'], note: 'PHP 5.x polyfill; obsolete on PHP 7+', category: 'general', replacedBy: 'random_bytes()' },
332
+ { name: 'ircmaxell/password-compat', tier: TIERS.WEAK, algorithms: ['bcrypt'], note: 'PHP 5.3/5.4 polyfill; obsolete on PHP 7+', category: 'kdf', replacedBy: 'password_hash()' },
333
+ { name: 'phpseclib/mcrypt_compat', tier: TIERS.WEAK, algorithms: ['DES', 'Blowfish', '3DES', 'RC4'], note: 'Polyfill for removed ext-mcrypt', category: 'encryption', replacedBy: 'defuse/php-encryption' },
334
+ { name: 'namshi/jose', tier: TIERS.WEAK, algorithms: ['JWT', 'HS256', 'RS256'], note: 'Last release 2018; CVEs for alg confusion', category: 'jwt', replacedBy: 'firebase/php-jwt' },
335
+ { name: 'gree/jose', tier: TIERS.WEAK, algorithms: ['JWT'], note: 'Abandoned by maintainer', category: 'jwt', replacedBy: 'web-token/jwt-framework' },
336
+ { name: 'mdanter/ecc', tier: TIERS.WEAK, algorithms: ['ECDSA', 'ECDH'], note: 'Abandoned; superseded by paragonie/ecc', category: 'signing', replacedBy: 'phpseclib/phpseclib' },
337
+ { name: 'laminas/laminas-crypt', tier: TIERS.WEAK, algorithms: ['AES-CBC', 'RSA', 'bcrypt'], note: 'Marked abandoned by Laminas', category: 'general', replacedBy: 'defuse/php-encryption' },
338
+ { name: 'bordoni/phpass', tier: TIERS.WEAK, algorithms: ['bcrypt'], note: 'Portable phpass; deprecated API', category: 'kdf', replacedBy: 'password_hash()' },
339
+ { name: 'ircmaxell/random-lib', tier: TIERS.WEAK, algorithms: ['CSPRNG'], note: 'Pre-PHP-7 random library', category: 'general', replacedBy: 'random_bytes()' },
328
340
 
329
341
  // --- modern ---
330
- { name: 'phpseclib/phpseclib', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519', 'AES-GCM', 'ChaCha20'], note: 'Pure-PHP crypto; use v3.0.36+' },
331
- { name: 'defuse/php-encryption', tier: TIERS.MODERN, algorithms: ['AES-256-CTR', 'HMAC-SHA256'], note: 'Audited symmetric encryption; zero CVEs' },
332
- { name: 'paragonie/sodium_compat', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'ChaCha20-Poly1305'], note: 'libsodium polyfill' },
333
- { name: 'paragonie/halite', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'ChaCha20-Poly1305', 'Argon2id'], note: 'Misuse-resistant API over libsodium' },
334
- { name: 'firebase/php-jwt', tier: TIERS.MODERN, algorithms: ['HS256', 'RS256', 'ES256', 'EdDSA'], note: 'Most-downloaded PHP JWT; use v7.0+' },
335
- { name: 'lcobucci/jwt', tier: TIERS.MODERN, algorithms: ['HS256', 'RS256', 'ES256', 'EdDSA'], note: 'Strict JWT; use v5.x' },
336
- { name: 'web-token/jwt-framework', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA', 'AES-GCM', 'ECDH-ES'], note: 'Full JOSE/JWE/JWS' },
337
- { name: 'symfony/password-hasher', tier: TIERS.MODERN, algorithms: ['bcrypt', 'Argon2id'], note: 'Symfony password hasher' },
338
- { name: 'illuminate/hashing', tier: TIERS.MODERN, algorithms: ['bcrypt', 'Argon2id'], note: 'Laravel hashing' },
339
- { name: 'paragonie/paseto', tier: TIERS.MODERN, algorithms: ['Ed25519', 'XChaCha20-Poly1305'], note: 'PASETO v4; preferred over JWT' },
340
- { name: 'spomky-labs/pki-framework', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519', 'X.509'], note: 'Comprehensive PHP PKI' },
341
- { name: 'paragonie/ciphersweet', tier: TIERS.MODERN, algorithms: ['AES-256-CTR', 'XChaCha20-Poly1305'], note: 'Searchable field-level encryption' },
342
+ { name: 'phpseclib/phpseclib', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519', 'AES-GCM', 'ChaCha20'], note: 'Pure-PHP crypto; use v3.0.36+', category: 'general' },
343
+ { name: 'defuse/php-encryption', tier: TIERS.MODERN, algorithms: ['AES-256-CTR', 'HMAC-SHA256'], note: 'Audited symmetric encryption; zero CVEs', category: 'encryption' },
344
+ { name: 'paragonie/sodium_compat', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'ChaCha20-Poly1305'], note: 'libsodium polyfill', category: 'general' },
345
+ { name: 'paragonie/halite', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'ChaCha20-Poly1305', 'Argon2id'], note: 'Misuse-resistant API over libsodium', category: 'general' },
346
+ { name: 'firebase/php-jwt', tier: TIERS.MODERN, algorithms: ['HS256', 'RS256', 'ES256', 'EdDSA'], note: 'Most-downloaded PHP JWT; use v7.0+', category: 'jwt' },
347
+ { name: 'lcobucci/jwt', tier: TIERS.MODERN, algorithms: ['HS256', 'RS256', 'ES256', 'EdDSA'], note: 'Strict JWT; use v5.x', category: 'jwt' },
348
+ { name: 'web-token/jwt-framework', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA', 'AES-GCM', 'ECDH-ES'], note: 'Full JOSE/JWE/JWS', category: 'jwt' },
349
+ { name: 'symfony/password-hasher', tier: TIERS.MODERN, algorithms: ['bcrypt', 'Argon2id'], note: 'Symfony password hasher', category: 'kdf' },
350
+ { name: 'illuminate/hashing', tier: TIERS.MODERN, algorithms: ['bcrypt', 'Argon2id'], note: 'Laravel hashing', category: 'kdf' },
351
+ { name: 'paragonie/paseto', tier: TIERS.MODERN, algorithms: ['Ed25519', 'XChaCha20-Poly1305'], note: 'PASETO v4; preferred over JWT', category: 'jwt' },
352
+ { name: 'spomky-labs/pki-framework', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519', 'X.509'], note: 'Comprehensive PHP PKI', category: 'signing' },
353
+ { name: 'paragonie/ciphersweet', tier: TIERS.MODERN, algorithms: ['AES-256-CTR', 'XChaCha20-Poly1305'], note: 'Searchable field-level encryption', category: 'encryption' },
342
354
 
343
355
  // --- pqc ---
344
- { name: 'secudoc/php-liboqs', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA'], note: 'PHP C extension wrapping liboqs; experimental' },
356
+ { name: 'secudoc/php-liboqs', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA'], note: 'PHP C extension wrapping liboqs; experimental', category: 'general' },
345
357
  ];
346
358
 
347
359
  // =========================================================================
@@ -351,38 +363,37 @@ export const PACKAGIST_PACKAGES = [
351
363
  /** @type {import('./types').CatalogEntry[]} */
352
364
  export const NUGET_PACKAGES = [
353
365
  // --- weak ---
354
- { name: 'Portable.BouncyCastle', tier: TIERS.WEAK, algorithms: ['AES', 'RSA', 'DES'], note: 'EOL since 2021; superseded by BouncyCastle.Cryptography' },
355
- { name: 'BouncyCastle.NetCore', tier: TIERS.WEAK, algorithms: ['AES', 'RSA'], note: 'Unofficial, unmaintained since 2022' },
356
- { name: 'BouncyCastle', tier: TIERS.WEAK, algorithms: ['AES', 'RSA'], note: 'Original namespaced package, EOL' },
357
- { name: 'Microsoft.Owin.Security.Jwt', tier: TIERS.WEAK, algorithms: ['JWT', 'RS256'], note: 'OWIN-era; no ECDSA/EdDSA' },
358
- { name: 'Microsoft.Azure.KeyVault', tier: TIERS.WEAK, algorithms: ['RSA', 'AES'], note: 'Deprecated v1 SDK; use Azure.Security.KeyVault.*' },
359
- { name: 'DotNetOpenAuth.Core', tier: TIERS.WEAK, algorithms: ['RSA', 'HMAC'], note: 'Archived, unmaintained since 2015' },
360
- { name: 'CryptSharpOfficial', tier: TIERS.WEAK, algorithms: ['SCrypt', 'MD5-crypt'], note: 'Legacy crypt implementations' },
361
- { name: 'CryptoHelper', tier: TIERS.WEAK, algorithms: ['bcrypt'], note: 'Unmaintained since 2020' },
366
+ { name: 'Portable.BouncyCastle', tier: TIERS.WEAK, algorithms: ['AES', 'RSA', 'DES'], note: 'EOL since 2021; superseded by BouncyCastle.Cryptography', category: 'general', replacedBy: 'BouncyCastle.Cryptography' },
367
+ { name: 'BouncyCastle.NetCore', tier: TIERS.WEAK, algorithms: ['AES', 'RSA'], note: 'Unofficial, unmaintained since 2022', category: 'general', replacedBy: 'BouncyCastle.Cryptography' },
368
+ { name: 'BouncyCastle', tier: TIERS.WEAK, algorithms: ['AES', 'RSA'], note: 'Original namespaced package, EOL', category: 'general', replacedBy: 'BouncyCastle.Cryptography' },
369
+ { name: 'Microsoft.Owin.Security.Jwt', tier: TIERS.WEAK, algorithms: ['JWT', 'RS256'], note: 'OWIN-era; no ECDSA/EdDSA', category: 'jwt', replacedBy: 'System.IdentityModel.Tokens.Jwt' },
370
+ { name: 'Microsoft.Azure.KeyVault', tier: TIERS.WEAK, algorithms: ['RSA', 'AES'], note: 'Deprecated v1 SDK; use Azure.Security.KeyVault.*', category: 'general', replacedBy: 'Azure.Security.KeyVault.Keys' },
371
+ { name: 'DotNetOpenAuth.Core', tier: TIERS.WEAK, algorithms: ['RSA', 'HMAC'], note: 'Archived, unmaintained since 2015', category: 'general', replacedBy: 'Microsoft.IdentityModel.Tokens' },
372
+ { name: 'CryptSharpOfficial', tier: TIERS.WEAK, algorithms: ['SCrypt', 'MD5-crypt'], note: 'Legacy crypt implementations', category: 'kdf', replacedBy: 'BCrypt.Net-Next' },
373
+ { name: 'CryptoHelper', tier: TIERS.WEAK, algorithms: ['bcrypt'], note: 'Unmaintained since 2020', category: 'kdf', replacedBy: 'BCrypt.Net-Next' },
362
374
 
363
375
  // --- modern ---
364
- { name: 'BouncyCastle.Cryptography', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ChaCha20-Poly1305', 'Ed25519', 'X25519', 'TLS 1.3'], note: 'Official BC .NET; actively maintained' },
365
- { name: 'System.IdentityModel.Tokens.Jwt', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'HS256'], note: 'Microsoft JWT library' },
366
- { name: 'Microsoft.IdentityModel.Tokens', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA'], note: 'Token validation infrastructure' },
367
- { name: 'Microsoft.AspNetCore.DataProtection', tier: TIERS.MODERN, algorithms: ['AES-256-CBC', 'HMAC-SHA256'], note: 'ASP.NET Core data protection' },
368
- { name: 'BCrypt.Net-Next', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'Well-maintained bcrypt' },
369
- { name: 'Konscious.Security.Cryptography.Argon2', tier: TIERS.MODERN, algorithms: ['Argon2id', 'Argon2i'], note: 'Pure C# Argon2' },
370
- { name: 'Isopoh.Cryptography.Argon2', tier: TIERS.MODERN, algorithms: ['Argon2'], note: 'Argon2 with memory security' },
371
- { name: 'NSec.Cryptography', tier: TIERS.MODERN, algorithms: ['Ed25519', 'X25519', 'AES-256-GCM', 'ChaCha20-Poly1305'], note: 'Modern .NET 8+ libsodium API' },
372
- { name: 'libsodium', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'ChaCha20-Poly1305'], note: 'Native libsodium binaries' },
373
- { name: 'NaCl.Net', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'XSalsa20-Poly1305'], note: 'libsodium .NET bindings' },
374
- { name: 'Sodium.Core', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519'], note: 'libsodium managed wrapper' },
375
- { name: 'JWT', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'HS256', 'PS256'], note: 'Lightweight JWT' },
376
- { name: 'jose-jwt', tier: TIERS.MODERN, algorithms: ['JWS', 'JWE', 'AES-GCM', 'ECDH-ES', 'EdDSA'], note: 'Full JOSE' },
377
- { name: 'Azure.Security.KeyVault.Keys', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'AES-GCM'], note: 'Azure KV keys' },
378
- { name: 'AWSSDK.KeyManagementService', tier: TIERS.MODERN, algorithms: ['AES-256', 'RSA', 'ECDSA'], note: 'AWS KMS .NET SDK' },
379
- { name: 'MimeKit', tier: TIERS.MODERN, algorithms: ['S/MIME', 'RSA-OAEP', 'AES-GCM', 'EdDSA'], note: 'S/MIME and OpenPGP' },
380
- { name: 'Pkcs11Interop', tier: TIERS.MODERN, algorithms: ['PKCS#11'], note: 'HSM interface' },
381
- { name: 'Inferno', tier: TIERS.MODERN, algorithms: ['AES-CBC', 'HMAC-SHA2'], note: 'SuiteB authenticated encryption' },
376
+ { name: 'BouncyCastle.Cryptography', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ChaCha20-Poly1305', 'Ed25519', 'X25519', 'TLS 1.3', 'ML-KEM', 'ML-DSA'], note: 'Official BC .NET; includes PQC suite since v2.0', category: 'general' },
377
+ { name: 'System.IdentityModel.Tokens.Jwt', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'HS256'], note: 'Microsoft JWT library', category: 'jwt' },
378
+ { name: 'Microsoft.IdentityModel.Tokens', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA'], note: 'Token validation infrastructure', category: 'jwt' },
379
+ { name: 'Microsoft.AspNetCore.DataProtection', tier: TIERS.MODERN, algorithms: ['AES-256-CBC', 'HMAC-SHA256'], note: 'ASP.NET Core data protection', category: 'encryption' },
380
+ { name: 'BCrypt.Net-Next', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'Well-maintained bcrypt', category: 'kdf' },
381
+ { name: 'Konscious.Security.Cryptography.Argon2', tier: TIERS.MODERN, algorithms: ['Argon2id', 'Argon2i'], note: 'Pure C# Argon2', category: 'kdf' },
382
+ { name: 'Isopoh.Cryptography.Argon2', tier: TIERS.MODERN, algorithms: ['Argon2'], note: 'Argon2 with memory security', category: 'kdf' },
383
+ { name: 'NSec.Cryptography', tier: TIERS.MODERN, algorithms: ['Ed25519', 'X25519', 'AES-256-GCM', 'ChaCha20-Poly1305'], note: 'Modern .NET 8+ libsodium API', category: 'general' },
384
+ { name: 'libsodium', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'ChaCha20-Poly1305'], note: 'Native libsodium binaries', category: 'general' },
385
+ { name: 'NaCl.Net', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'XSalsa20-Poly1305'], note: 'libsodium .NET bindings', category: 'general' },
386
+ { name: 'Sodium.Core', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519'], note: 'libsodium managed wrapper', category: 'general' },
387
+ { name: 'JWT', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'HS256', 'PS256'], note: 'Lightweight JWT', category: 'jwt' },
388
+ { name: 'jose-jwt', tier: TIERS.MODERN, algorithms: ['JWS', 'JWE', 'AES-GCM', 'ECDH-ES', 'EdDSA'], note: 'Full JOSE', category: 'jwt' },
389
+ { name: 'Azure.Security.KeyVault.Keys', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'AES-GCM'], note: 'Azure KV keys', category: 'general' },
390
+ { name: 'AWSSDK.KeyManagementService', tier: TIERS.MODERN, algorithms: ['AES-256', 'RSA', 'ECDSA'], note: 'AWS KMS .NET SDK', category: 'general' },
391
+ { name: 'MimeKit', tier: TIERS.MODERN, algorithms: ['S/MIME', 'RSA-OAEP', 'AES-GCM', 'EdDSA'], note: 'S/MIME and OpenPGP', category: 'general' },
392
+ { name: 'Pkcs11Interop', tier: TIERS.MODERN, algorithms: ['PKCS#11'], note: 'HSM interface', category: 'general' },
393
+ { name: 'Inferno', tier: TIERS.MODERN, algorithms: ['AES-CBC', 'HMAC-SHA2'], note: 'SuiteB authenticated encryption', category: 'encryption' },
382
394
 
383
395
  // --- pqc ---
384
- { name: 'BouncyCastle.Cryptography', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA', 'NTRU', 'FrodoKEM'], note: 'BC PQC suite since v2.0' },
385
- { name: 'LibOQS.NET', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'Falcon', 'SPHINCS+'], note: 'OQS .NET wrapper' },
396
+ { name: 'LibOQS.NET', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'Falcon', 'SPHINCS+'], note: 'OQS .NET wrapper', category: 'general' },
386
397
  ];
387
398
 
388
399
  // =========================================================================
@@ -392,37 +403,35 @@ export const NUGET_PACKAGES = [
392
403
  /** @type {import('./types').CatalogEntry[]} */
393
404
  export const RUBYGEMS_PACKAGES = [
394
405
  // --- weak ---
395
- { name: 'digest', tier: TIERS.WEAK, algorithms: ['MD5', 'SHA-1'], note: 'Stdlib; Digest::MD5 and Digest::SHA1 widely used' },
396
- { name: 'digest-crc', tier: TIERS.WEAK, algorithms: ['CRC32', 'CRC16'], note: 'CRC checksums, not cryptographic' },
397
- { name: 'crypt', tier: TIERS.WEAK, algorithms: ['DES-crypt', 'MD5-crypt'], note: 'Unix crypt() wrapper, legacy password hashing' },
398
- { name: 'fast-aes', tier: TIERS.WEAK, algorithms: ['AES-ECB'], note: 'AES in ECB mode only, no IV, no authentication' },
399
- { name: 'gibberish', tier: TIERS.WEAK, algorithms: ['AES-256-CBC', 'SHA-1'], note: 'Uses SHA-1 for key derivation' },
400
- { name: 'ezcrypto', tier: TIERS.WEAK, algorithms: ['Blowfish', 'DES'], note: 'Unmaintained since 2009' },
401
- { name: 'crypt19', tier: TIERS.WEAK, algorithms: ['Blowfish', 'GOST'], note: 'Legacy ciphers, unmaintained' },
402
- { name: 'gpgme', tier: TIERS.WEAK, algorithms: ['RSA', 'DSA', 'CAST5'], note: 'GnuPG bindings, often uses legacy defaults' },
406
+ { name: 'crypt', tier: TIERS.WEAK, algorithms: ['DES-crypt', 'MD5-crypt'], note: 'Unix crypt() wrapper, legacy password hashing', category: 'kdf', replacedBy: 'bcrypt' },
407
+ { name: 'fast-aes', tier: TIERS.WEAK, algorithms: ['AES-ECB'], note: 'AES in ECB mode only, no IV, no authentication', category: 'encryption', replacedBy: 'openssl' },
408
+ { name: 'gibberish', tier: TIERS.WEAK, algorithms: ['AES-256-CBC', 'SHA-1'], note: 'Uses SHA-1 for key derivation', category: 'encryption', replacedBy: 'openssl' },
409
+ { name: 'ezcrypto', tier: TIERS.WEAK, algorithms: ['Blowfish', 'DES'], note: 'Unmaintained since 2009', category: 'encryption', replacedBy: 'openssl' },
410
+ { name: 'crypt19', tier: TIERS.WEAK, algorithms: ['Blowfish', 'GOST'], note: 'Legacy ciphers, unmaintained', category: 'encryption', replacedBy: 'openssl' },
411
+ { name: 'gpgme', tier: TIERS.WEAK, algorithms: ['RSA', 'DSA', 'CAST5'], note: 'GnuPG bindings, often uses legacy defaults', category: 'general', replacedBy: 'rbnacl' },
403
412
 
404
413
  // --- modern ---
405
- { name: 'openssl', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'ECDSA', 'Ed25519', 'ChaCha20-Poly1305'], note: 'Ruby stdlib OpenSSL bindings' },
406
- { name: 'bcrypt', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'OpenBSD bcrypt password hashing' },
407
- { name: 'argon2', tier: TIERS.MODERN, algorithms: ['Argon2id', 'Argon2i'], note: 'PHC winner password hashing' },
408
- { name: 'scrypt', tier: TIERS.MODERN, algorithms: ['scrypt'], note: 'Memory-hard KDF' },
409
- { name: 'rbnacl', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'XSalsa20-Poly1305', 'ChaCha20-Poly1305', 'BLAKE2b'], note: 'libsodium FFI bindings' },
410
- { name: 'ed25519', tier: TIERS.MODERN, algorithms: ['Ed25519'], note: 'Ed25519 digital signatures' },
411
- { name: 'x25519', tier: TIERS.MODERN, algorithms: ['X25519'], note: 'X25519 Diffie-Hellman key exchange' },
412
- { name: 'lockbox', tier: TIERS.MODERN, algorithms: ['AES-256-GCM'], note: 'Modern encryption for Ruby/Rails' },
413
- { name: 'attr_encrypted', tier: TIERS.MODERN, algorithms: ['AES-256-GCM'], note: 'ActiveRecord attribute encryption' },
414
- { name: 'symmetric-encryption', tier: TIERS.MODERN, algorithms: ['AES-256-CBC', 'AES-256-GCM'], note: 'Enterprise symmetric encryption for Rails' },
415
- { name: 'encryptor', tier: TIERS.MODERN, algorithms: ['AES-256-GCM'], note: 'Simple OpenSSL cipher wrapper' },
416
- { name: 'jwt', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'HS256'], note: 'Ruby JWT implementation' },
417
- { name: 'json-jwt', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA'], note: 'JSON JWT/JWS/JWE for Ruby' },
418
- { name: 'jose', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA', 'AES-GCM'], note: 'JOSE/JWT standards library' },
419
- { name: 'rotp', tier: TIERS.MODERN, algorithms: ['HMAC-SHA1', 'TOTP', 'HOTP'], note: 'RFC 6238/4226 one-time passwords' },
420
- { name: 'net-ssh', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519', 'ChaCha20-Poly1305'], note: 'SSH protocol implementation' },
421
- { name: 'digest-sha3', tier: TIERS.MODERN, algorithms: ['SHA-3', 'Keccak'], note: 'SHA-3 hash function' },
422
- { name: 'fernet', tier: TIERS.MODERN, algorithms: ['AES-128-CBC', 'HMAC-SHA256'], note: 'Fernet symmetric encryption' },
414
+ { name: 'openssl', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'ECDSA', 'Ed25519', 'ChaCha20-Poly1305'], note: 'Ruby stdlib OpenSSL bindings', category: 'general' },
415
+ { name: 'bcrypt', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'OpenBSD bcrypt password hashing', category: 'kdf' },
416
+ { name: 'argon2', tier: TIERS.MODERN, algorithms: ['Argon2id', 'Argon2i'], note: 'PHC winner password hashing', category: 'kdf' },
417
+ { name: 'scrypt', tier: TIERS.MODERN, algorithms: ['scrypt'], note: 'Memory-hard KDF', category: 'kdf' },
418
+ { name: 'rbnacl', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'XSalsa20-Poly1305', 'ChaCha20-Poly1305', 'BLAKE2b'], note: 'libsodium FFI bindings', category: 'general' },
419
+ { name: 'ed25519', tier: TIERS.MODERN, algorithms: ['Ed25519'], note: 'Ed25519 digital signatures', category: 'signing' },
420
+ { name: 'x25519', tier: TIERS.MODERN, algorithms: ['X25519'], note: 'X25519 Diffie-Hellman key exchange', category: 'signing' },
421
+ { name: 'lockbox', tier: TIERS.MODERN, algorithms: ['AES-256-GCM'], note: 'Modern encryption for Ruby/Rails', category: 'encryption' },
422
+ { name: 'attr_encrypted', tier: TIERS.MODERN, algorithms: ['AES-256-GCM'], note: 'ActiveRecord attribute encryption', category: 'encryption' },
423
+ { name: 'symmetric-encryption', tier: TIERS.MODERN, algorithms: ['AES-256-CBC', 'AES-256-GCM'], note: 'Enterprise symmetric encryption for Rails', category: 'encryption' },
424
+ { name: 'encryptor', tier: TIERS.MODERN, algorithms: ['AES-256-GCM'], note: 'Simple OpenSSL cipher wrapper', category: 'encryption' },
425
+ { name: 'jwt', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'HS256'], note: 'Ruby JWT implementation', category: 'jwt' },
426
+ { name: 'json-jwt', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA'], note: 'JSON JWT/JWS/JWE for Ruby', category: 'jwt' },
427
+ { name: 'jose', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA', 'AES-GCM'], note: 'JOSE/JWT standards library', category: 'jwt' },
428
+ { name: 'rotp', tier: TIERS.MODERN, algorithms: ['HMAC-SHA1', 'TOTP', 'HOTP'], note: 'RFC 6238/4226 one-time passwords', category: 'hashing' },
429
+ { name: 'net-ssh', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519', 'ChaCha20-Poly1305'], note: 'SSH protocol implementation', category: 'tls' },
430
+ { name: 'digest-sha3', tier: TIERS.MODERN, algorithms: ['SHA-3', 'Keccak'], note: 'SHA-3 hash function', category: 'hashing' },
431
+ { name: 'fernet', tier: TIERS.MODERN, algorithms: ['AES-128-CBC', 'HMAC-SHA256'], note: 'Fernet symmetric encryption', category: 'encryption' },
423
432
 
424
433
  // --- pqc ---
425
- { name: 'liboqs', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA', 'Falcon'], note: 'Open Quantum Safe Ruby bindings' },
434
+ { name: 'liboqs', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA', 'Falcon'], note: 'Open Quantum Safe Ruby bindings', category: 'general' },
426
435
  ];
427
436
 
428
437
  // =========================================================================
@@ -432,32 +441,31 @@ export const RUBYGEMS_PACKAGES = [
432
441
  /** @type {import('./types').CatalogEntry[]} */
433
442
  export const HEX_PACKAGES = [
434
443
  // --- weak ---
435
- { name: 'cipher', tier: TIERS.WEAK, algorithms: ['AES-256-CBC', 'MD5'], note: 'Uses MD5 for key derivation' },
436
- { name: 'crypto', tier: TIERS.WEAK, algorithms: ['DES', 'RC4', 'MD5'], note: 'Erlang stdlib with access to weak algorithms' },
437
- { name: 'keccakf1600', tier: TIERS.WEAK, algorithms: ['Keccak-f1600'], note: 'Low-level Keccak permutation NIF' },
444
+ { name: 'cipher', tier: TIERS.WEAK, algorithms: ['AES-256-CBC', 'MD5'], note: 'Uses MD5 for key derivation', category: 'encryption', replacedBy: 'cloak' },
438
445
 
439
446
  // --- modern ---
440
- { name: 'comeonin', tier: TIERS.MODERN, algorithms: ['bcrypt', 'Argon2', 'Pbkdf2'], note: 'Password hashing behaviour' },
441
- { name: 'bcrypt_elixir', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'Bcrypt password hashing' },
442
- { name: 'argon2_elixir', tier: TIERS.MODERN, algorithms: ['Argon2id', 'Argon2i'], note: 'PHC winner password hashing' },
443
- { name: 'pbkdf2_elixir', tier: TIERS.MODERN, algorithms: ['PBKDF2-SHA512'], note: 'PBKDF2 password hashing' },
444
- { name: 'plug_crypto', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'HMAC', 'SHA-256'], note: 'Crypto utilities for Plug/Phoenix' },
445
- { name: 'ex_crypto', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'AES-CBC', 'RSA'], note: 'Wrapper around Erlang :crypto' },
446
- { name: 'cloak', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'AES-CTR'], note: 'Encryption library, pluggable ciphers' },
447
- { name: 'cloak_ecto', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'AES-CTR'], note: 'Ecto types for field encryption via Cloak' },
448
- { name: 'enacl', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'XSalsa20-Poly1305', 'ChaCha20-Poly1305'], note: 'NIF bindings to libsodium' },
449
- { name: 'salty', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'XSalsa20-Poly1305'], note: 'NIF bindings to libsodium' },
450
- { name: 'jose', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA', 'AES-GCM'], note: 'JOSE/JWT/JWS/JWE for Erlang and Elixir' },
451
- { name: 'joken', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'HS256'], note: 'JWT token utility' },
452
- { name: 'guardian', tier: TIERS.MODERN, algorithms: ['HS256', 'RS256', 'ES256'], note: 'Token-based auth for Phoenix' },
453
- { name: 'x509', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'X.509'], note: 'X.509 certificate handling' },
454
- { name: 'ex_sha3', tier: TIERS.MODERN, algorithms: ['SHA-3', 'Keccak'], note: 'Pure Elixir SHA-3' },
455
- { name: 'nimble_totp', tier: TIERS.MODERN, algorithms: ['HMAC-SHA1', 'TOTP'], note: 'TOTP for 2FA' },
456
- { name: 'curve25519', tier: TIERS.MODERN, algorithms: ['Curve25519'], note: 'Curve25519 Diffie-Hellman' },
447
+ { name: 'keccakf1600', tier: TIERS.MODERN, algorithms: ['Keccak-f1600'], note: 'Keccak permutation NIF (core of SHA-3)', category: 'hashing' },
448
+ { name: 'comeonin', tier: TIERS.MODERN, algorithms: ['bcrypt', 'Argon2', 'Pbkdf2'], note: 'Password hashing behaviour', category: 'kdf' },
449
+ { name: 'bcrypt_elixir', tier: TIERS.MODERN, algorithms: ['bcrypt'], note: 'Bcrypt password hashing', category: 'kdf' },
450
+ { name: 'argon2_elixir', tier: TIERS.MODERN, algorithms: ['Argon2id', 'Argon2i'], note: 'PHC winner password hashing', category: 'kdf' },
451
+ { name: 'pbkdf2_elixir', tier: TIERS.MODERN, algorithms: ['PBKDF2-SHA512'], note: 'PBKDF2 password hashing', category: 'kdf' },
452
+ { name: 'plug_crypto', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'HMAC', 'SHA-256'], note: 'Crypto utilities for Plug/Phoenix', category: 'general' },
453
+ { name: 'ex_crypto', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'AES-CBC', 'RSA'], note: 'Wrapper around Erlang :crypto', category: 'general' },
454
+ { name: 'cloak', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'AES-CTR'], note: 'Encryption library, pluggable ciphers', category: 'encryption' },
455
+ { name: 'cloak_ecto', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'AES-CTR'], note: 'Ecto types for field encryption via Cloak', category: 'encryption' },
456
+ { name: 'enacl', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'XSalsa20-Poly1305', 'ChaCha20-Poly1305'], note: 'NIF bindings to libsodium', category: 'general' },
457
+ { name: 'salty', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'XSalsa20-Poly1305'], note: 'NIF bindings to libsodium', category: 'general' },
458
+ { name: 'jose', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA', 'AES-GCM'], note: 'JOSE/JWT/JWS/JWE for Erlang and Elixir', category: 'jwt' },
459
+ { name: 'joken', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'HS256'], note: 'JWT token utility', category: 'jwt' },
460
+ { name: 'guardian', tier: TIERS.MODERN, algorithms: ['HS256', 'RS256', 'ES256'], note: 'Token-based auth for Phoenix', category: 'jwt' },
461
+ { name: 'x509', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'X.509'], note: 'X.509 certificate handling', category: 'tls' },
462
+ { name: 'ex_sha3', tier: TIERS.MODERN, algorithms: ['SHA-3', 'Keccak'], note: 'Pure Elixir SHA-3', category: 'hashing' },
463
+ { name: 'nimble_totp', tier: TIERS.MODERN, algorithms: ['HMAC-SHA1', 'TOTP'], note: 'TOTP for 2FA', category: 'hashing' },
464
+ { name: 'curve25519', tier: TIERS.MODERN, algorithms: ['Curve25519'], note: 'Curve25519 Diffie-Hellman', category: 'signing' },
457
465
 
458
466
  // --- pqc ---
459
- { name: 'pqclean', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA', 'Classic McEliece'], note: 'PQClean NIF bindings' },
460
- { name: 'ex_tholos_pq', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA'], note: 'Elixir NIF bindings for PQC' },
467
+ { name: 'pqclean', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA', 'Classic McEliece'], note: 'PQClean NIF bindings', category: 'general' },
468
+ { name: 'ex_tholos_pq', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA'], note: 'Elixir NIF bindings for PQC', category: 'general' },
461
469
  ];
462
470
 
463
471
  // =========================================================================
@@ -467,30 +475,29 @@ export const HEX_PACKAGES = [
467
475
  /** @type {import('./types').CatalogEntry[]} */
468
476
  export const PUB_PACKAGES = [
469
477
  // --- weak ---
470
- { name: 'crypto', tier: TIERS.WEAK, algorithms: ['MD5', 'SHA-1', 'SHA-256', 'HMAC'], note: 'Dart team package; includes MD5/SHA-1' },
471
- { name: 'crypto_dart', tier: TIERS.WEAK, algorithms: ['MD5', 'SHA-1', 'AES-CBC'], note: 'CryptoJS-like API, includes weak algorithms' },
472
- { name: 'md5_plugin', tier: TIERS.WEAK, algorithms: ['MD5'], note: 'MD5 hash only, collision-broken' },
473
- { name: 'sha1', tier: TIERS.WEAK, algorithms: ['SHA-1'], note: 'SHA-1 only, collision-broken' },
478
+ { name: 'crypto_dart', tier: TIERS.WEAK, algorithms: ['MD5', 'SHA-1', 'AES-CBC'], note: 'CryptoJS-like API, includes weak algorithms', category: 'general', replacedBy: 'cryptography' },
479
+ { name: 'md5_plugin', tier: TIERS.WEAK, algorithms: ['MD5'], note: 'MD5 hash only, collision-broken', category: 'hashing', replacedBy: 'hashlib' },
480
+ { name: 'sha1', tier: TIERS.WEAK, algorithms: ['SHA-1'], note: 'SHA-1 only, collision-broken', category: 'hashing', replacedBy: 'hashlib' },
474
481
 
475
482
  // --- modern ---
476
- { name: 'cryptography', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ChaCha20', 'Ed25519', 'X25519', 'Argon2id', 'BLAKE2'], note: 'Comprehensive cross-platform crypto' },
477
- { name: 'cryptography_flutter', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ChaCha20', 'Ed25519', 'X25519'], note: 'Flutter plugin for OS crypto APIs' },
478
- { name: 'pointycastle', tier: TIERS.MODERN, algorithms: ['AES', 'RSA', 'ECDSA', 'SHA-256', 'SHA-3', 'ChaCha20'], note: 'BouncyCastle port for Dart' },
479
- { name: 'encrypt', tier: TIERS.MODERN, algorithms: ['AES-CBC', 'AES-GCM', 'RSA', 'Salsa20'], note: 'High-level API over PointyCastle' },
480
- { name: 'webcrypto', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'AES-CTR', 'RSA-OAEP', 'ECDSA', 'ECDH', 'HMAC'], note: 'Web Crypto API on all platforms' },
481
- { name: 'fast_rsa', tier: TIERS.MODERN, algorithms: ['RSA-OAEP', 'RSA-PKCS1v15', 'RSA-PSS'], note: 'Native RSA operations' },
482
- { name: 'steel_crypt', tier: TIERS.MODERN, algorithms: ['AES', 'ChaCha20', 'SHA-256', 'HMAC'], note: 'High-level crypto APIs' },
483
- { name: 'pinenacl', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'XSalsa20-Poly1305', 'BLAKE2b'], note: 'TweetNaCl Dart port' },
484
- { name: 'hashlib', tier: TIERS.MODERN, algorithms: ['SHA-256', 'SHA-3', 'BLAKE2', 'Argon2', 'bcrypt', 'scrypt'], note: 'Optimized hash and KDF library' },
485
- { name: 'basic_utils', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'X.509'], note: 'Key parsing, CSR generation, X.509' },
486
- { name: 'dart_jsonwebtoken', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'HS256', 'EdDSA'], note: 'JWT for Dart' },
487
- { name: 'jose', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA', 'AES-GCM'], note: 'JOSE/JWS/JWE/JWK for Dart' },
488
- { name: 'sodium_libs', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'ChaCha20-Poly1305', 'Argon2id'], note: 'FFI bindings to native libsodium' },
483
+ { name: 'cryptography', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ChaCha20', 'Ed25519', 'X25519', 'Argon2id', 'BLAKE2'], note: 'Comprehensive cross-platform crypto', category: 'general' },
484
+ { name: 'cryptography_flutter', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ChaCha20', 'Ed25519', 'X25519'], note: 'Flutter plugin for OS crypto APIs', category: 'general' },
485
+ { name: 'pointycastle', tier: TIERS.MODERN, algorithms: ['AES', 'RSA', 'ECDSA', 'SHA-256', 'SHA-3', 'ChaCha20'], note: 'BouncyCastle port for Dart', category: 'general' },
486
+ { name: 'encrypt', tier: TIERS.MODERN, algorithms: ['AES-CBC', 'AES-GCM', 'RSA', 'Salsa20'], note: 'High-level API over PointyCastle', category: 'encryption' },
487
+ { name: 'webcrypto', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'AES-CTR', 'RSA-OAEP', 'ECDSA', 'ECDH', 'HMAC'], note: 'Web Crypto API on all platforms', category: 'general' },
488
+ { name: 'fast_rsa', tier: TIERS.MODERN, algorithms: ['RSA-OAEP', 'RSA-PKCS1v15', 'RSA-PSS'], note: 'Native RSA operations', category: 'signing' },
489
+ { name: 'steel_crypt', tier: TIERS.MODERN, algorithms: ['AES', 'ChaCha20', 'SHA-256', 'HMAC'], note: 'High-level crypto APIs', category: 'encryption' },
490
+ { name: 'pinenacl', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'XSalsa20-Poly1305', 'BLAKE2b'], note: 'TweetNaCl Dart port', category: 'general' },
491
+ { name: 'hashlib', tier: TIERS.MODERN, algorithms: ['SHA-256', 'SHA-3', 'BLAKE2', 'Argon2', 'bcrypt', 'scrypt'], note: 'Optimized hash and KDF library', category: 'hashing' },
492
+ { name: 'basic_utils', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'X.509'], note: 'Key parsing, CSR generation, X.509', category: 'signing' },
493
+ { name: 'dart_jsonwebtoken', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'HS256', 'EdDSA'], note: 'JWT for Dart', category: 'jwt' },
494
+ { name: 'jose', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'EdDSA', 'AES-GCM'], note: 'JOSE/JWS/JWE/JWK for Dart', category: 'jwt' },
495
+ { name: 'sodium_libs', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'ChaCha20-Poly1305', 'Argon2id'], note: 'FFI bindings to native libsodium', category: 'general' },
489
496
 
490
497
  // --- pqc ---
491
- { name: 'pqcrypto', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA'], note: 'Pure Dart NIST PQC' },
492
- { name: 'xkyber_crypto', tier: TIERS.PQC, algorithms: ['Kyber/ML-KEM'], note: 'Kyber KEM for Dart' },
493
- { name: 'custom_post_quantum', tier: TIERS.PQC, algorithms: ['Kyber/ML-KEM', 'Dilithium/ML-DSA'], note: 'Dart NIST PQC candidates' },
498
+ { name: 'pqcrypto', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA'], note: 'Pure Dart NIST PQC', category: 'general' },
499
+ { name: 'xkyber_crypto', tier: TIERS.PQC, algorithms: ['Kyber/ML-KEM'], note: 'Kyber KEM for Dart', category: 'encryption' },
500
+ { name: 'custom_post_quantum', tier: TIERS.PQC, algorithms: ['Kyber/ML-KEM', 'Dilithium/ML-DSA'], note: 'Dart NIST PQC candidates', category: 'general' },
494
501
  ];
495
502
 
496
503
  // =========================================================================
@@ -500,30 +507,30 @@ export const PUB_PACKAGES = [
500
507
  /** @type {import('./types').CatalogEntry[]} */
501
508
  export const COCOAPODS_PACKAGES = [
502
509
  // --- weak ---
503
- { name: 'OpenSSL', tier: TIERS.WEAK, algorithms: ['RSA', 'DES', 'RC4', 'MD5'], note: 'Deprecated by Apple, bundles weak ciphers' },
504
- { name: 'OpenSSL-Universal', tier: TIERS.WEAK, algorithms: ['RSA', 'DES', 'RC4', 'MD5'], note: 'Universal OpenSSL build, legacy algorithms' },
505
- { name: 'AESCrypt-ObjC', tier: TIERS.WEAK, algorithms: ['AES-256-CBC'], note: 'AES-CBC without authentication' },
506
- { name: 'Arcane', tier: TIERS.WEAK, algorithms: ['MD5', 'SHA-1', 'AES-CBC', 'HMAC'], note: 'CommonCrypto wrapper; exposes MD5, SHA-1' },
507
- { name: 'CommonCryptoSwift', tier: TIERS.WEAK, algorithms: ['DES', '3DES', 'MD5', 'SHA-1', 'AES-CBC'], note: 'CommonCrypto Swift wrapper' },
510
+ { name: 'OpenSSL', tier: TIERS.WEAK, algorithms: ['RSA', 'DES', 'RC4', 'MD5'], note: 'Deprecated by Apple, bundles weak ciphers', category: 'general', replacedBy: 'CryptoSwift' },
511
+ { name: 'OpenSSL-Universal', tier: TIERS.WEAK, algorithms: ['RSA', 'DES', 'RC4', 'MD5'], note: 'Universal OpenSSL build, legacy algorithms', category: 'general', replacedBy: 'CryptoSwift' },
512
+ { name: 'AESCrypt-ObjC', tier: TIERS.WEAK, algorithms: ['AES-256-CBC'], note: 'AES-CBC without authentication', category: 'encryption', replacedBy: 'CryptoSwift' },
513
+ { name: 'Arcane', tier: TIERS.WEAK, algorithms: ['MD5', 'SHA-1', 'AES-CBC', 'HMAC'], note: 'CommonCrypto wrapper; exposes MD5, SHA-1', category: 'general', replacedBy: 'CryptoSwift' },
514
+ { name: 'CommonCryptoSwift', tier: TIERS.WEAK, algorithms: ['DES', '3DES', 'MD5', 'SHA-1', 'AES-CBC'], note: 'CommonCrypto Swift wrapper', category: 'general', replacedBy: 'CryptoSwift' },
508
515
 
509
516
  // --- modern ---
510
- { name: 'CryptoSwift', tier: TIERS.MODERN, algorithms: ['AES', 'ChaCha20', 'Poly1305', 'RSA', 'PBKDF2', 'scrypt', 'HMAC', 'BLAKE2'], note: 'Pure Swift comprehensive crypto' },
511
- { name: 'IDZSwiftCommonCrypto', tier: TIERS.MODERN, algorithms: ['AES', 'SHA-256', 'SHA-512', 'HMAC'], note: 'Swift wrapper for CommonCrypto' },
512
- { name: 'SCrypto', tier: TIERS.MODERN, algorithms: ['SHA-256', 'HMAC', 'PBKDF2', 'AES'], note: 'CommonCrypto digest/HMAC/AES extensions' },
513
- { name: 'SwCrypt', tier: TIERS.MODERN, algorithms: ['RSA', 'AES', 'ECDSA'], note: 'RSA key gen, AES via CommonCrypto' },
514
- { name: 'SwiftyRSA', tier: TIERS.MODERN, algorithms: ['RSA-OAEP', 'RSA-PKCS1v15'], note: 'RSA encryption and signing' },
515
- { name: 'Sodium', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'ChaCha20-Poly1305', 'Argon2id', 'BLAKE2b'], note: 'Swift libsodium bindings' },
516
- { name: 'TweetNacl', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'XSalsa20-Poly1305'], note: 'TweetNaCl Swift port' },
517
- { name: 'RNCryptor', tier: TIERS.MODERN, algorithms: ['AES-256-CBC', 'HMAC-SHA256', 'PBKDF2'], note: 'Cross-platform AES encryption' },
518
- { name: 'themis', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'ECDSA', 'Ed25519'], note: 'Cossack Labs data security' },
519
- { name: 'ObjectivePGP', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519', 'AES'], note: 'OpenPGP for iOS/macOS' },
520
- { name: 'JOSESwift', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'AES-GCM', 'ECDH-ES'], note: 'JOSE/JWS/JWE/JWK framework' },
521
- { name: 'BlueRSA', tier: TIERS.MODERN, algorithms: ['RSA-OAEP', 'RSA-PSS'], note: 'IBM Kitura RSA' },
522
- { name: 'BlueCryptor', tier: TIERS.MODERN, algorithms: ['AES', 'SHA-256', 'SHA-512', 'HMAC'], note: 'IBM Kitura CommonCrypto wrapper' },
523
- { name: 'Tink', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ECDSA', 'Ed25519'], note: 'Google Tink for iOS' },
517
+ { name: 'CryptoSwift', tier: TIERS.MODERN, algorithms: ['AES', 'ChaCha20', 'Poly1305', 'RSA', 'PBKDF2', 'scrypt', 'HMAC', 'BLAKE2'], note: 'Pure Swift comprehensive crypto', category: 'general' },
518
+ { name: 'IDZSwiftCommonCrypto', tier: TIERS.MODERN, algorithms: ['AES', 'SHA-256', 'SHA-512', 'HMAC'], note: 'Swift wrapper for CommonCrypto', category: 'general' },
519
+ { name: 'SCrypto', tier: TIERS.MODERN, algorithms: ['SHA-256', 'HMAC', 'PBKDF2', 'AES'], note: 'CommonCrypto digest/HMAC/AES extensions', category: 'general' },
520
+ { name: 'SwCrypt', tier: TIERS.MODERN, algorithms: ['RSA', 'AES', 'ECDSA'], note: 'RSA key gen, AES via CommonCrypto', category: 'general' },
521
+ { name: 'SwiftyRSA', tier: TIERS.MODERN, algorithms: ['RSA-OAEP', 'RSA-PKCS1v15'], note: 'RSA encryption and signing', category: 'signing' },
522
+ { name: 'Sodium', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'ChaCha20-Poly1305', 'Argon2id', 'BLAKE2b'], note: 'Swift libsodium bindings', category: 'general' },
523
+ { name: 'TweetNacl', tier: TIERS.MODERN, algorithms: ['X25519', 'Ed25519', 'XSalsa20-Poly1305'], note: 'TweetNaCl Swift port', category: 'general' },
524
+ { name: 'RNCryptor', tier: TIERS.MODERN, algorithms: ['AES-256-CBC', 'HMAC-SHA256', 'PBKDF2'], note: 'Cross-platform AES encryption', category: 'encryption' },
525
+ { name: 'themis', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'RSA', 'ECDSA', 'Ed25519'], note: 'Cossack Labs data security', category: 'general' },
526
+ { name: 'ObjectivePGP', tier: TIERS.MODERN, algorithms: ['RSA', 'ECDSA', 'Ed25519', 'AES'], note: 'OpenPGP for iOS/macOS', category: 'general' },
527
+ { name: 'JOSESwift', tier: TIERS.MODERN, algorithms: ['RS256', 'ES256', 'AES-GCM', 'ECDH-ES'], note: 'JOSE/JWS/JWE/JWK framework', category: 'jwt' },
528
+ { name: 'BlueRSA', tier: TIERS.MODERN, algorithms: ['RSA-OAEP', 'RSA-PSS'], note: 'IBM Kitura RSA', category: 'signing' },
529
+ { name: 'BlueCryptor', tier: TIERS.MODERN, algorithms: ['AES', 'SHA-256', 'SHA-512', 'HMAC'], note: 'IBM Kitura CommonCrypto wrapper', category: 'general' },
530
+ { name: 'Tink', tier: TIERS.MODERN, algorithms: ['AES-GCM', 'ECDSA', 'Ed25519'], note: 'Google Tink for iOS', category: 'general' },
524
531
 
525
532
  // --- pqc ---
526
- { name: 'liboqs', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA', 'Falcon'], note: 'Open Quantum Safe via bridging header' },
533
+ { name: 'liboqs', tier: TIERS.PQC, algorithms: ['ML-KEM', 'ML-DSA', 'SLH-DSA', 'Falcon'], note: 'Open Quantum Safe via bridging header', category: 'general' },
527
534
  ];
528
535
 
529
536
  // =========================================================================