Oleksii Lozovskyi

To put some numbers to where my mouth is, here are sizes that Themis *currently* has with typical builds on a typical x86_64 machine with Linux. | Crypto backend linkage...

`libthemis-boringssl` is probably going to be a thing starting with Themis 0.14. It is already implemented in #683, but it definitely needs more testing.

This issue is caused by duplicate OpenSSL symbols. Due to the way ELF linkage and loading works on Linux, Themis may be using OpenSSL functions different from the ones it...

Hi! Thanks for your interest in Themis! :heart: Unfortunately, PHPThemis has not been a priority for us for quite some time. The development has been frozen for the most part,...

> should we turn off dependabot if we run our own workflow for audit? or re-configure via dependabot.yaml? Oh, right. It should be possible to disable it only for some...

Well, I'm not sure it *is* possible, since "Dependabot alerts", "Dependabot security updates", and "Dependabot version updates" look like separate features. We never had "version updates" enabled (bot submitting PRs...

So, what about this thing? I've synced it up with `master`, let's see if the build is still passing...

> ``` > 19 vulnerabilities (5 moderate, 5 high, 9 critical) > ``` Well but of course!

Okay... So I've bumped even more of React Native stuff to "resolve" all "critical" things that `npm audit` found there. I've tried running it on the RN example. There are...

Meanwhile, [GitHub has removed](https://github.blog/changelog/2022-10-28-yellow-security-vulnerability-repository-banner-is-being-removed/) those "We found potential security vulnerabilities" banners from UI, so that's one source of anxiety gone. Is there any merit in customized severity levels for audit?...