Merge pull request #1 from script3r/cursor/rust-crypto-library-scanner-984e

Rust crypto library scanner

Author: script3r

.github/workflows/ci.yml

@@ -0,0 +1,152 @@
+name: CI
+
+on:
+  push:
+    branches: [ main, master ]
+  pull_request:
+    branches: [ main, master ]
+
+env:
+  CARGO_TERM_COLOR: always
+
+jobs:
+  test:
+    name: Test
+    runs-on: ubuntu-latest
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Install Rust
+      uses: actions-rs/toolchain@v1
+      with:
+        toolchain: stable
+        components: rustfmt, clippy
+        override: true
+        
+    - name: Cache cargo registry
+      uses: actions/cache@v4
+      with:
+        path: |
+          ~/.cargo/registry
+          ~/.cargo/git
+          target
+        key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
+        restore-keys: |
+          ${{ runner.os }}-cargo-
+          
+    - name: Check formatting
+      run: cargo fmt --all -- --check
+      
+    - name: Run clippy
+      run: cargo clippy --all-targets --all-features
+      
+    - name: Build project
+      run: cargo build --verbose
+      
+    - name: Run tests
+      run: cargo test --verbose
+      
+    - name: Build release
+      run: cargo build --release --verbose
+      
+    - name: Test CLI help
+      run: ./target/release/cryptofind --help
+
+  test-windows:
+    name: Test (Windows)
+    runs-on: windows-latest
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Install Rust
+      uses: actions-rs/toolchain@v1
+      with:
+        toolchain: stable
+        override: true
+        
+    - name: Cache cargo registry
+      uses: actions/cache@v4
+      with:
+        path: |
+          ~/.cargo/registry
+          ~/.cargo/git
+          target
+        key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
+        restore-keys: |
+          ${{ runner.os }}-cargo-
+          
+    - name: Build project
+      run: cargo build --verbose
+      
+    - name: Run tests
+      run: cargo test --verbose
+      
+    - name: Build release
+      run: cargo build --release --verbose
+
+  test-macos:
+    name: Test (macOS)
+    runs-on: macos-latest
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Install Rust
+      uses: actions-rs/toolchain@v1
+      with:
+        toolchain: stable
+        override: true
+        
+    - name: Cache cargo registry
+      uses: actions/cache@v4
+      with:
+        path: |
+          ~/.cargo/registry
+          ~/.cargo/git
+          target
+        key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
+        restore-keys: |
+          ${{ runner.os }}-cargo-
+          
+    - name: Build project
+      run: cargo build --verbose
+      
+    - name: Run tests
+      run: cargo test --verbose
+      
+    - name: Build release
+      run: cargo build --release --verbose
+
+  benchmark:
+    name: Benchmark
+    runs-on: ubuntu-latest
+    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
+    
+    steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      
+    - name: Install Rust
+      uses: actions-rs/toolchain@v1
+      with:
+        toolchain: stable
+        override: true
+        
+    - name: Cache cargo registry
+      uses: actions/cache@v4
+      with:
+        path: |
+          ~/.cargo/registry
+          ~/.cargo/git
+          target
+        key: ${{ runner.os }}-cargo-${{ hashFiles('**/Cargo.lock') }}
+        restore-keys: |
+          ${{ runner.os }}-cargo-
+          
+    - name: Run benchmarks
+      run: cargo bench --verbose

CONTRIBUTING.md

@@ -0,0 +1,31 @@
+## Contributing to cryptofind
+
+Thank you for improving cryptofind! This project aims for speed, precision, and extensibility.
+
+### Adding a New Library via patterns
+
+1. Edit `patterns.toml` and add a new `[[library]]` entry.
+2. Use anchored regexes for `include`/`import`/`namespace`/`apis`.
+3. Prefer import/include anchors; use API patterns only as secondary evidence.
+4. Run `cargo test` to validate regex and stripper behavior.
+
+### Adding a New Language or Custom Detector
+
+1. Create a new crate under `crates/detector-<lang>/`.
+2. Implement the `Detector` trait from `scanner-core`.
+3. Provide `prefilter()` substrings and extensions for fast filtering.
+4. Use comment stripping utilities to avoid matches in comments/strings.
+
+### Performance Guidelines
+
+- Stream files and avoid unnecessary allocations.
+- Use `rayon` for parallelism; keep per-file work independent.
+- Prefer `aho-corasick` for prefilter substring matching.
+- Short-circuit after sufficient evidence unless `--exhaustive` (future work).
+
+### Testing
+
+- Add unit tests for any new stripper rules.
+- Provide fixtures under `fixtures/<lang>/positive` and `fixtures/<lang>/negative`.
+- Add integration tests in `tests/` to cover the new patterns.
+