open source

Releasing RepoMetaScore (repository metadata scoring): a dependency checking tool that analyzes metadata of open-source project, including commit history and contributors’ background. RepoMetaScore calculates risk rating, makes supply chain risks visible and prevents weaponizing OSS.

OpenSSL complexity starts with its version string. Apple, Carthage, and some dependency analysis tools have different opinions about it. Here is how we dealt with them and submitted iOS app to the App Store. So, we decided to update OpenSSL in iOS app # Themis provides easy-to-use cryptography for multiple languages and platforms. We implement it on top of existing cryptography engines , such as OpenSSL or BoringSSL, which Themis uses as a source of the cryptographic primitives.

This story is dedicated to fellow developers struggling with updating Carthage package with the latest OpenSSL for iOS and macOS apps. Here you will find the scripts, error messages, testing matrix, and our working solution for Themis to this no small feat. We believe it could save you time then you meet the same task. Fire in the hole! 🔥 # Imagine your builds going red because of an outdated OpenSSL that is used by one of your Carthage dependencies.

We believe that everyone should be able to create secure applications and protect users’ privacy. That’s why our main cryptographic components are open source and developer-friendly. But open-source would be nothing without external contributions and feedback from users. We would like to publicly celebrate our open-source contributors and users who challenged us to make our open-source offerings more robust by asking hard questions, pointing out usability problems and potential usage patterns we were not aware of before.