profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/vixentael/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
vixentael @cossacklabs Kyiv, Ukraine https://cossacklabs.com/ Designing data security / cryptography software solutions at @cossacklabs. Speaking at conferences, making conferences, leading communities.

PaulTaykalo/objc-dependency-visualizer 1687

Objective-C and Swift dependency visualizer. It's tool that helps to visualize current state of your project. It's really easy to see how tight your classes are coupled.

veorq/cryptocoding 770

Guidelines for low-level cryptography software

cossacklabs/acra 748

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.

PragmaticSwift/PragmaticSwift 46

Articles of Pragmatic Swift

cossacklabs/theswiftalpsdemo 5

Demo code for security workshop on #swiftalps: storage and transfer encryption using Themis

ilammy/themis 2

Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across ten platforms.

vixentael/AppCode-Settings 2

Appcode Settings repository

ilammy/themis.rs 1

Rust implementation of Themis cryptographic framework core

vixentael/crypto-benchmarks 1

Sandbox project to measure benchmarks between Themis and new Apple's CryptoKit

deszip/tasty-imitation-keyboard 0

A custom keyboard for iOS8 that serves as a tasty imitation of the default Apple keyboard. Built using Swift and the latest Apple technologies!

delete branch cossacklabs/themis

delete branch : dependabot/npm_and_yarn/src/wrappers/themis/wasm/lodash-4.17.21

delete time in 12 hours

pull request commentcossacklabs/themis

Bump lodash from 4.17.19 to 4.17.21 in /src/wrappers/themis/wasm

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot]

comment created time in 12 hours

PR closed cossacklabs/themis

Reviewers
Bump lodash from 4.17.19 to 4.17.21 in /src/wrappers/themis/wasm dependencies

Bumps lodash from 4.17.19 to 4.17.21. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/f299b52f39486275a9e6483b60a410e06520c538"><code>f299b52</code></a> Bump to v4.17.21</li> <li><a href="https://github.com/lodash/lodash/commit/c4847ebe7d14540bb28a8b932a9ce1b9ecbfee1a"><code>c4847eb</code></a> Improve performance of <code>toNumber</code>, <code>trim</code> and <code>trimEnd</code> on large input strings</li> <li><a href="https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"><code>3469357</code></a> Prevent command injection through <code>_.template</code>'s <code>variable</code> option</li> <li><a href="https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a"><code>ded9bc6</code></a> Bump to v4.17.20.</li> <li><a href="https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa"><code>63150ef</code></a> Documentation fixes.</li> <li><a href="https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794"><code>00f0f62</code></a> test.js: Remove trailing comma.</li> <li><a href="https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389"><code>846e434</code></a> Temporarily use a custom fork of <code>lodash-cli</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229"><code>5d046f3</code></a> Re-enable Travis tests on <code>4.17</code> branch.</li> <li><a href="https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd"><code>aa816b3</code></a> Remove <code>/npm-package</code>.</li> <li>See full diff in <a href="https://github.com/lodash/lodash/compare/4.17.19...4.17.21">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

1 comment

1 changed file

dependabot[bot]

pr closed time in 12 hours

pull request commentcossacklabs/themis

Bump lodash from 4.17.19 to 4.17.21 in /src/wrappers/themis/wasm

@dependabot, you're too slow, see #814.

dependabot[bot]

comment created time in 12 hours

PR opened cossacklabs/themis

Bump lodash from 4.17.19 to 4.17.21 in /src/wrappers/themis/wasm

Bumps lodash from 4.17.19 to 4.17.21. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lodash/lodash/commit/f299b52f39486275a9e6483b60a410e06520c538"><code>f299b52</code></a> Bump to v4.17.21</li> <li><a href="https://github.com/lodash/lodash/commit/c4847ebe7d14540bb28a8b932a9ce1b9ecbfee1a"><code>c4847eb</code></a> Improve performance of <code>toNumber</code>, <code>trim</code> and <code>trimEnd</code> on large input strings</li> <li><a href="https://github.com/lodash/lodash/commit/3469357cff396a26c363f8c1b5a91dde28ba4b1c"><code>3469357</code></a> Prevent command injection through <code>_.template</code>'s <code>variable</code> option</li> <li><a href="https://github.com/lodash/lodash/commit/ded9bc66583ed0b4e3b7dc906206d40757b4a90a"><code>ded9bc6</code></a> Bump to v4.17.20.</li> <li><a href="https://github.com/lodash/lodash/commit/63150ef7645ac07961b63a86490f419f356429aa"><code>63150ef</code></a> Documentation fixes.</li> <li><a href="https://github.com/lodash/lodash/commit/00f0f62a979d2f5fa0287c06eae70cf9a62d8794"><code>00f0f62</code></a> test.js: Remove trailing comma.</li> <li><a href="https://github.com/lodash/lodash/commit/846e434c7a5b5692c55ebf5715ed677b70a32389"><code>846e434</code></a> Temporarily use a custom fork of <code>lodash-cli</code>.</li> <li><a href="https://github.com/lodash/lodash/commit/5d046f39cbd27f573914768e3b36eeefcc4f1229"><code>5d046f3</code></a> Re-enable Travis tests on <code>4.17</code> branch.</li> <li><a href="https://github.com/lodash/lodash/commit/aa816b36d402a1ad9385142ce7188f17dae514fd"><code>aa816b3</code></a> Remove <code>/npm-package</code>.</li> <li>See full diff in <a href="https://github.com/lodash/lodash/compare/4.17.19...4.17.21">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~bnjmnt4n">bnjmnt4n</a>, a new releaser for lodash since your current version.</p> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+3 -3

0 comment

1 changed file

pr created time in 12 hours

issue openedkeeshux/openssl-apple

Linking for arm64 and arm64e error.

> Making all for tool membrane…
==> Compiling src/main.mm (arm64)…
==> Compiling src/membrane.m (arm64)…
==> Linking tool membrane (arm64)…
Undefined symbols for architecture arm64:
  "___darwin_check_fd_set_overflow", referenced from:
      _RAND_poll in libcrypto.a(rand_unix.o)
ld: symbol(s) not found for architecture arm64
clang: error: linker command failed with exit code 1 (use -v to see invocation)
make[3]: *** [/Users/enty8080/Desktop/iphoneos-membrane/handler/.theos/obj/debug/arm64/membrane] Error 1
make[2]: *** [/Users/enty8080/Desktop/iphoneos-membrane/handler/.theos/obj/debug/arm64/membrane] Error 2
make[1]: *** [internal-tool-all_] Error 2
make: *** [membrane.all.tool.variables] Error 2

Compiled libssl.a and libcrypto.a using your program for ios_arm64 and ios_arm64e

created time in 14 hours

PR opened cossacklabs/themis

Reviewers
Update npm lockfiles W-JsThemis :lollipop: W-WasmThemis :globe_with_meridians: dependencies

Update npm lockfile format. We don't get a say here.

Update some dependencies with it, resolving some security advisories:

  • CVE-2020-7774 Prototype Pollution in y18n
  • CVE-2021-23337 Command Injection in lodash

These are not terribly important since they do not affect our users, only potentially affect the CI environment.

Checklist

  • [x] Change is covered by automated tests
  • [x] Changelog is updated (don't think it's necessary)
+2343 -14

0 comment

2 changed files

pr created time in 19 hours

create barnchilammy/themis

branch : npm-go-brrrrr

created branch time in 19 hours

PR opened cossacklabs/themis

Reviewers
Assimilate Android example project O-Android :robot: docs :books: infrastructure

Instead of keeping it in the cossacklabs/themis-java-examples ghetto, allow the example to join the warm monorepo family.

On Gradle

Note that this example uses Gradle, like Themis project itself, but the example is completely independent of the top-level Gradle project. It even uses a different version of Gradle wrapper because that's what Android Studio insists on. I'd like to keep it that way, so that users are able to copy and paste the project directory and get a working example.

The example is also tied to a published version of AndroidThemis, not the one being developed in the source tree. Maintainers will have to update the dependency manually, similar to how macOS/iOS examples work.

On dependency updates

Standard operating procedure is in effect: before you do anything, blindly apply whatever updates Android Studio shoves down your throat, or else you'll regret it later.

On Kotlin migration

I'm converting Android example to Kotlin because that's how most Android stuff is developed these days. Java is really a legacy language there. Java 16 is the current version. Android has mostly Java 7 with some selected bits of Java 8. Go figure.

JavaThemis will have its own separate example using Java specifically. AndroidThemis now has a Kotlin showcase.

On automated tests

Just build the example to make sure it's not completely broken. It would be cool to test the resulting application but that opens up a whole new time hell hole, with launching emulators and stuff. I have no desire to dive there at the moment.

Future work

This PR only migrates existing code. It would be nice to revision the example to make it nicer and more native, but that's a story for another day.

Checklist

  • [x] Change is covered by automated tests
  • [x] The coding guidelines are followed
  • [x] Public API has proper documentation
  • [x] Example projects and code samples are up-to-date
  • [x] Changelog is updated
+846 -0

0 comment

35 changed files

pr created time in 21 hours

push eventilammy/themis

Alexei Lozovsky

commit sha e5465f4601100a7e0e178e1ac14cafaeb8ee9356

Build Android examples on GitHub Actions Just build. It would be cool to test the resulting application but that opens up a whole new time hell hole, with launching emulators and stuff. I have no desire to dive there at the moment.

view details

Alexei Lozovsky

commit sha 05c3c02b655805c598a3e8536259ad0de8992394

Update changelog This is somewhat notable so let's update the changelog too. Once JavaThemis example is moved to the main repository as well, we can finally deprecate and archive that separate repo.

view details

push time in 21 hours

create barnchilammy/themis

branch : assimilate-android-example

created branch time in 21 hours

push eventilammy/themis

Alexei Lozovsky

commit sha abeafbd44f777b0d47f72c47835f53245c310752

Unbreak Criterion's HTML reports (#764 => #769) Our benchmarking harness has decided that it's time for some INNOVATION and for starters released a version which has disabled generation of HTML reports by default, changed their location from current directory to the proper shared target directory, and strongly suggests migrating away from running benchmarks with "cargo bench" in favor of their own "cargo criterion". Well, okay, that's a fine rabbit to chase later, but for now let's at least unbreak our build by adapting to the new reality. (cherry picked from commit d230f57475c079e0baa72c6d9c91256c4edba858) Also added the same path update for CircleCI which is still running for the stable branch.

view details

Alexei Lozovsky

commit sha dd06bdfa02e9d2ef1c501eb5b317263de8edbf46

Run examples only with Python 3 (#765 => #771) * Do not install Python 2 for examples pip has dropped support for Python 2 some time ago -- a version of Python that has been EOL for about a year now. Themis does not support Python 2 officially, yet we're still test with it as long as it's practical. Well, it stopped being practical for this CI job because Ubuntu has removed "python-pip" package from their repos. Remove all lines which install Python 2 testing environment. * Run examples only with Python 3 For quite some time we have been running this job only with Python 3. Now that Python 2 environment installation has been removed, it no longer makes sense to pretend that we'll enable it back. Just run everything with "python3". (cherry picked from commit 68827dac4debc40bf63f3d1936be8bda9fc2fe6c)

view details

Alexei Lozovsky

commit sha e2421dbcc3943ab38dbb8e6258dd4daf9d3cf8d9

Use new trait order in generated code (#758 => #772) Recent release of bindgen 0.56.0 resulted in a change in the order of the derived traits in the generated code. The changelog does not say anything about that, but I doubt this is considered a notable change. However, it breaks our build system which meticulously checks for any changes in the generated code compared to checked in version. It does this so that we don't miss any changes. Well, the CI is going to be using bindgen 0.56.0 from now on, let's use the new trait order as well, whatever it is. (cherry picked from commit 3f8f9b88edd8edcfcbf3ab63c3c492ff2d091998)

view details

Alexei Lozovsky

commit sha b97979f9b1ef962671f4364bd8f4d458e5736af1

Update code style checking job to Ubuntu 20.04 (#761 => #773) One of the GitHub Actions jobs is using a pristine Ubuntu container because whatever is provided by GitHub Actions runners causes conflicts when some of the packages are installed. That container has been using Ubuntu 19.10. Ubuntu 19.10 "Eoan Ermine" has reached end of life on 2020-07-17. Normally EOL only means that the distribution stops receiving updates after that date. However, eventually it gets purged from the repositories as well. This is exactly what has happened recently, and since then the builds are all red because they are not able to install packages for a missing distribution. Upgrade to Ubuntu 20.04 LTS "Focal Focca". This should last us at least until 2030 or something. Or well, until GitHub becomes more attentive to whatever stuff they put in their sources.list. (cherry picked from commit 647fb0cc8c3939ec17a5fd4e89795846358c5eee)

view details

Alexei Lozovsky

commit sha 40b25e2f8ea69baad0bcd22e00e316023def259f

Migrate to "afl++" from "afl" (#766 => #770) * Migrate to "afl++" from "afl" The original "afl" [1] has been abandoned and is not maintained since 2017. "afl++" [2] is its replacement. Since it's a fork, it has mostly compatible command line, and more features. [1]: http://lcamtuf.coredump.cx/afl/ [2]: https://github.com/AFLplusplus/AFLplusplus The original afl is currently being phased out from distributions. In particular, it's gone from whatever repo list GitHub Actions use, breaking our build. Migrate to "afl++" instead. Not all operating systems ship with "afl++" though. For example, it's still not available in binary form on macOS via Homebrew. Therefore, don't jump the gun and don't update the Makefile to use "afl++"-only features. (However, it would be nice to use them if available.) * Pin "fuzzing" job to Ubuntu 18.04 As noted in the comment, GitHub Actions runners are schizophrenic and sometimes believe that they come from the future where the latest Ubuntu image works correctly. Don't let them be fooled, use 18.04 for now. (cherry picked from commit 0c6a44de5d1a5cf9a0e587d40c973c018c2658e5) Ignore changes in CHANGELOG.md, there is no "Unreleased" section on the "stable" branch. It will get here in due time.

view details

Alexei Lozovsky

commit sha 1b414fabf78c0a6347def37881a1c4d80be572bc

Fix warnings from Clippy (#793 => #794) Recently released Rust 1.51 includes new Clippy with new warnings: error: name `GetPublicKeyForID` contains a capitalized acronym --> src/wrappers/themis/rust/tests/secure_session.rs:663:6 | 663 | type GetPublicKeyForID = Box<dyn FnMut(&[u8]) -> Option<EcdsaPublicKey>>; | ^^^^^^^^^^^^^^^^^ help: consider making the acronym lowercase, except the initial letter: `GetPublicKeyForId` | = note: `-D clippy::upper-case-acronyms` implied by `-D warnings` = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#upper_case_acronyms error: aborting due to previous error Shut up, Clippy, I name my types however I want to!^K I mean, yes, sure, O Wise Stationery, I will immediately rename the entity as prescribed and will refrain from such practice any further. (cherry picked from commit 734a62433aa82c9f626cc8ca159fba412d85e399)

view details

Alexei Lozovsky

commit sha 423adb5a9b531a584fde18f1569bdb9b04193c37

Update zeroize to "1" (#799 => #800) This is the only dependency of RustThemis and they have managed to break even that. Some bright maintainer head over there thought that it would be a great idea to just yank all 0.x versions from crates.io, breaking our build. (Since RustThemis is a library, we're not using Cargo.lock. If a dependency is yanked, we can't build our stuff.) Well, thanks for not breaking the API in 1.x at least. You're still better than the Tokio team. Note that zeroize requires reasonably new stable version of Rust toolchain. With 0.5.2 this has been 1.31, now it's 1.47. (The current stable version is 1.51. RustThemis tracks that version.) (cherry picked from commit 9b3fc0106c8811fb513bbda126ab818e94c33fd9)

view details

julepka

commit sha 0900b1292c25ea4ebb8e57747ad1a5e220786615

Merge pull request #804 from cossacklabs/stable Merged stable into release/0.13

view details

julepka

commit sha 68b485b8017098fce723e0839ecb9543d32463f6

SPM support with XCF (#789) (#806) * Add SPM support with XCF (#789) * add SPM support with XCF * add swift SPM test project * add macOS swift SPM example, updated iOS one * updates per pr comments * removed cl-openssl from Themis.xcodeproj + edits per pr comments + extra comments * removed example projects * updated xcodeproj version * updated Package.swift * updated changelog * Update CHANGELOG.md Co-authored-by: vixentael <vixentael@users.noreply.github.com> Co-authored-by: vixentael <vixentael@users.noreply.github.com> * fixed automerge issue * fixed typo Co-authored-by: vixentael <vixentael@users.noreply.github.com>

view details

julepka

commit sha 9acb6e67cb5be3b63b415fae1aea73e865f3bb1c

Merge pull request #807 from cossacklabs/release/0.13 0.13.7 release process: merge release/0.13 to stable

view details

julepka

commit sha 26782f5747e9e71c4ee2e383cf84076d98349658

OpenSSL 1.1.1k for iOS/macOS XCF and SPM

view details

julepka

commit sha ada30153238b31ec6c836da687f83df8ac8eca7d

Merge pull request #808 from julepka/openssl1.1.1k-SPM OpenSSL 1.1.1k for iOS/macOS XCF and SPM

view details

julepka

commit sha 8a4d3d78abfe076d321beef6fb55f1b453e3d85b

Merge pull request #809 from cossacklabs/release/0.13 merge release 0.13.8 into stable

view details

julepka

commit sha ce76f32ab2d40b9ada53a6d8a320375e52a128b5

Merge branch 'stable' into 'master'

view details

push time in 21 hours

PR opened cossacklabs/rubygems.org

Bump rqrcode from 1.2.0 to 2.0.0

Bumps rqrcode from 1.2.0 to 2.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/whomwah/rqrcode/releases">rqrcode's releases</a>.</em></p> <blockquote> <h2>Version 2.0.0</h2> <h2>[2.0.0] - 2021-05-06</h2> <h3>Added</h3> <ul> <li>A new <code>use_path:</code> option on <code>.to_svg</code>. This uses a <code><path></code> node to greatly reduce the final SVG size. <a href="https://github-redirect.dependabot.com/whomwah/rqrcode/issues/108">#108</a></li> <li>A new <code>viewbox:</code> option on <code>.to_svg</code>. Replaces the <code>svg.width</code> and <code>svg.height</code> attribute with <code>svg.viewBox</code> to allow CSS scaling. <a href="https://github-redirect.dependabot.com/whomwah/rqrcode/issues/112">#112</a></li> <li>A new <code>svg_attributes:</code> option on <code>.to_svg</code>. Allows you to pass in custom SVG attributes to be used in the <code><svg></code> tag. <a href="https://github-redirect.dependabot.com/whomwah/rqrcode/issues/113">#113</a></li> </ul> <h3>Changed</h3> <ul> <li>README updated</li> <li>Rakefile cleaned up. You can now just run <code>rake</code> which will run specs and fix linting using <code>standardrb</code></li> <li>Small documentation clarification <a href="https://github.com/smnscp"><code>@​smnscp</code></a></li> <li>Bump <code>rqrcode_core</code> to <code>~> 1.0</code></li> </ul> <h3>Breaking Change</h3> <ul> <li>The dependency <code>rqrcode_core-1.0.0</code> has a tiny breaking change to the <code>to_s</code> public method. <a href="https://github.com/whomwah/rqrcode_core/blob/master/CHANGELOG.md#breaking-changes">https://github.com/whomwah/rqrcode_core/blob/master/CHANGELOG.md#breaking-changes</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/whomwah/rqrcode/blob/master/CHANGELOG.md">rqrcode's changelog</a>.</em></p> <blockquote> <h2>[2.0.0] - 2021-05-06</h2> <h3>Added</h3> <ul> <li>A new <code>use_path:</code> option on <code>.to_svg</code>. This uses a <code><path></code> node to greatly reduce the final SVG size. <a href="https://github-redirect.dependabot.com/whomwah/rqrcode/issues/108">#108</a></li> <li>A new <code>viewbox:</code> option on <code>.to_svg</code>. Replaces the <code>svg.width</code> and <code>svg.height</code> attribute with <code>svg.viewBox</code> to allow CSS scaling. <a href="https://github-redirect.dependabot.com/whomwah/rqrcode/issues/112">#112</a></li> <li>A new <code>svg_attributes:</code> option on <code>.to_svg</code>. Allows you to pass in custom SVG attributes to be used in the <code><svg></code> tag. <a href="https://github-redirect.dependabot.com/whomwah/rqrcode/issues/113">#113</a></li> </ul> <h3>Changed</h3> <ul> <li>README updated</li> <li>Rakefile cleaned up. You can now just run <code>rake</code> which will run specs and fix linting using <code>standardrb</code></li> <li>Small documentation clarification <a href="https://github.com/smnscp"><code>@​smnscp</code></a></li> <li>Bump <code>rqrcode_core</code> to <code>~> 1.0</code></li> </ul> <h3>Breaking Change</h3> <ul> <li>The dependency <code>rqrcode_core-1.0.0</code> has a tiny breaking change to the <code>to_s</code> public method. <a href="https://github.com/whomwah/rqrcode_core/blob/master/CHANGELOG.md#breaking-changes">https://github.com/whomwah/rqrcode_core/blob/master/CHANGELOG.md#breaking-changes</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/whomwah/rqrcode/commit/309c11caf3e8b10bf657fbf5458fc78ddfdb84a5"><code>309c11c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/whomwah/rqrcode/issues/115">#115</a> from whomwah/dr-release-2.0.0</li> <li><a href="https://github.com/whomwah/rqrcode/commit/c65202a6fb8284ed2ab0cdf454ecddab7885d82f"><code>c65202a</code></a> Update README and CHANGE</li> <li><a href="https://github.com/whomwah/rqrcode/commit/c2de15c9b353bf37d5f8d92a53df45ed3180500e"><code>c2de15c</code></a> Update bundler open-ended dependency</li> <li><a href="https://github.com/whomwah/rqrcode/commit/f15f61e1c2aca1fa840c15fe5a7ef619c250124f"><code>f15f61e</code></a> Add Gemfile.lock to project</li> <li><a href="https://github.com/whomwah/rqrcode/commit/e83d5a30c3a47f9835972cfdd879c38dd498a3cc"><code>e83d5a3</code></a> Update changelog</li> <li><a href="https://github.com/whomwah/rqrcode/commit/37c901a0ffb82cba7b001fa3f578edab54e06b14"><code>37c901a</code></a> Add changelog (<a href="https://github-redirect.dependabot.com/whomwah/rqrcode/issues/114">#114</a>)</li> <li><a href="https://github.com/whomwah/rqrcode/commit/c1ad41927e1add9766b8962e517157afb74e3ead"><code>c1ad419</code></a> Bump release to 2.0.0 and to 1.0.0 for core</li> <li><a href="https://github.com/whomwah/rqrcode/commit/67785b4cc0e450d5e8d1f10ded443a48f617e1ba"><code>67785b4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/whomwah/rqrcode/issues/113">#113</a> from whomwah/dr-attributes</li> <li><a href="https://github.com/whomwah/rqrcode/commit/8ae141b824e5958dd50f194e8d226ad3ffa2d34d"><code>8ae141b</code></a> feat: Add custom SVG attributes</li> <li><a href="https://github.com/whomwah/rqrcode/commit/bd4529b89b9ba8b0bd34c07120e8e742b434a66a"><code>bd4529b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/whomwah/rqrcode/issues/112">#112</a> from whomwah/dr-viewbox</li> <li>Additional commits viewable in <a href="https://github.com/whomwah/rqrcode/compare/v1.2.0...v2.0.0">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

</details>

+7 -5

0 comment

1 changed file

pr created time in 2 days

create barnchcossacklabs/rubygems.org

branch : dependabot/bundler/rqrcode-2.0.0

created branch time in 2 days

pull request commentcossacklabs/homebrew-tap

Drop CircleCI support

@vixentael, @shadinua, *attracts attention*

ilammy

comment created time in 2 days

PR opened cossacklabs/themis

Reviewers
Update embedded BoringSSL C-BoringSSL dependencies

Bump the submodule with new changes. There is nothing major for us, but keep syncing it up.

Some interesting parts:

  • 81a998a63 Bump minimum CMake version
  • a0b49d63f aarch64: support BTI and pointer authentication in assembly
  • 80e3f957e Support 4096-bit keys in FIPS mode
  • 83a3f462c Add AES-GCM AEADs with internal nonce generation

This is a branch in the main repo, feel free to hijack it and keep the PR open for longer if you don't want multiple BoringSSL updates before the 0.14 release.

Checklist

  • [X] Change is covered by automated tests
  • [X] The coding guidelines are followed
  • [X] Changelog is updated
+7 -1

0 comment

2 changed files

pr created time in 2 days

create barnchcossacklabs/themis

branch : boringssl-update

created branch time in 2 days

push eventilammy/themis

Alexei Lozovsky

commit sha abeafbd44f777b0d47f72c47835f53245c310752

Unbreak Criterion's HTML reports (#764 => #769) Our benchmarking harness has decided that it's time for some INNOVATION and for starters released a version which has disabled generation of HTML reports by default, changed their location from current directory to the proper shared target directory, and strongly suggests migrating away from running benchmarks with "cargo bench" in favor of their own "cargo criterion". Well, okay, that's a fine rabbit to chase later, but for now let's at least unbreak our build by adapting to the new reality. (cherry picked from commit d230f57475c079e0baa72c6d9c91256c4edba858) Also added the same path update for CircleCI which is still running for the stable branch.

view details

Alexei Lozovsky

commit sha dd06bdfa02e9d2ef1c501eb5b317263de8edbf46

Run examples only with Python 3 (#765 => #771) * Do not install Python 2 for examples pip has dropped support for Python 2 some time ago -- a version of Python that has been EOL for about a year now. Themis does not support Python 2 officially, yet we're still test with it as long as it's practical. Well, it stopped being practical for this CI job because Ubuntu has removed "python-pip" package from their repos. Remove all lines which install Python 2 testing environment. * Run examples only with Python 3 For quite some time we have been running this job only with Python 3. Now that Python 2 environment installation has been removed, it no longer makes sense to pretend that we'll enable it back. Just run everything with "python3". (cherry picked from commit 68827dac4debc40bf63f3d1936be8bda9fc2fe6c)

view details

Alexei Lozovsky

commit sha e2421dbcc3943ab38dbb8e6258dd4daf9d3cf8d9

Use new trait order in generated code (#758 => #772) Recent release of bindgen 0.56.0 resulted in a change in the order of the derived traits in the generated code. The changelog does not say anything about that, but I doubt this is considered a notable change. However, it breaks our build system which meticulously checks for any changes in the generated code compared to checked in version. It does this so that we don't miss any changes. Well, the CI is going to be using bindgen 0.56.0 from now on, let's use the new trait order as well, whatever it is. (cherry picked from commit 3f8f9b88edd8edcfcbf3ab63c3c492ff2d091998)

view details

Alexei Lozovsky

commit sha b97979f9b1ef962671f4364bd8f4d458e5736af1

Update code style checking job to Ubuntu 20.04 (#761 => #773) One of the GitHub Actions jobs is using a pristine Ubuntu container because whatever is provided by GitHub Actions runners causes conflicts when some of the packages are installed. That container has been using Ubuntu 19.10. Ubuntu 19.10 "Eoan Ermine" has reached end of life on 2020-07-17. Normally EOL only means that the distribution stops receiving updates after that date. However, eventually it gets purged from the repositories as well. This is exactly what has happened recently, and since then the builds are all red because they are not able to install packages for a missing distribution. Upgrade to Ubuntu 20.04 LTS "Focal Focca". This should last us at least until 2030 or something. Or well, until GitHub becomes more attentive to whatever stuff they put in their sources.list. (cherry picked from commit 647fb0cc8c3939ec17a5fd4e89795846358c5eee)

view details

Alexei Lozovsky

commit sha 40b25e2f8ea69baad0bcd22e00e316023def259f

Migrate to "afl++" from "afl" (#766 => #770) * Migrate to "afl++" from "afl" The original "afl" [1] has been abandoned and is not maintained since 2017. "afl++" [2] is its replacement. Since it's a fork, it has mostly compatible command line, and more features. [1]: http://lcamtuf.coredump.cx/afl/ [2]: https://github.com/AFLplusplus/AFLplusplus The original afl is currently being phased out from distributions. In particular, it's gone from whatever repo list GitHub Actions use, breaking our build. Migrate to "afl++" instead. Not all operating systems ship with "afl++" though. For example, it's still not available in binary form on macOS via Homebrew. Therefore, don't jump the gun and don't update the Makefile to use "afl++"-only features. (However, it would be nice to use them if available.) * Pin "fuzzing" job to Ubuntu 18.04 As noted in the comment, GitHub Actions runners are schizophrenic and sometimes believe that they come from the future where the latest Ubuntu image works correctly. Don't let them be fooled, use 18.04 for now. (cherry picked from commit 0c6a44de5d1a5cf9a0e587d40c973c018c2658e5) Ignore changes in CHANGELOG.md, there is no "Unreleased" section on the "stable" branch. It will get here in due time.

view details

Alexei Lozovsky

commit sha 1b414fabf78c0a6347def37881a1c4d80be572bc

Fix warnings from Clippy (#793 => #794) Recently released Rust 1.51 includes new Clippy with new warnings: error: name `GetPublicKeyForID` contains a capitalized acronym --> src/wrappers/themis/rust/tests/secure_session.rs:663:6 | 663 | type GetPublicKeyForID = Box<dyn FnMut(&[u8]) -> Option<EcdsaPublicKey>>; | ^^^^^^^^^^^^^^^^^ help: consider making the acronym lowercase, except the initial letter: `GetPublicKeyForId` | = note: `-D clippy::upper-case-acronyms` implied by `-D warnings` = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#upper_case_acronyms error: aborting due to previous error Shut up, Clippy, I name my types however I want to!^K I mean, yes, sure, O Wise Stationery, I will immediately rename the entity as prescribed and will refrain from such practice any further. (cherry picked from commit 734a62433aa82c9f626cc8ca159fba412d85e399)

view details

Alexei Lozovsky

commit sha 423adb5a9b531a584fde18f1569bdb9b04193c37

Update zeroize to "1" (#799 => #800) This is the only dependency of RustThemis and they have managed to break even that. Some bright maintainer head over there thought that it would be a great idea to just yank all 0.x versions from crates.io, breaking our build. (Since RustThemis is a library, we're not using Cargo.lock. If a dependency is yanked, we can't build our stuff.) Well, thanks for not breaking the API in 1.x at least. You're still better than the Tokio team. Note that zeroize requires reasonably new stable version of Rust toolchain. With 0.5.2 this has been 1.31, now it's 1.47. (The current stable version is 1.51. RustThemis tracks that version.) (cherry picked from commit 9b3fc0106c8811fb513bbda126ab818e94c33fd9)

view details

julepka

commit sha 0900b1292c25ea4ebb8e57747ad1a5e220786615

Merge pull request #804 from cossacklabs/stable Merged stable into release/0.13

view details

julepka

commit sha 68b485b8017098fce723e0839ecb9543d32463f6

SPM support with XCF (#789) (#806) * Add SPM support with XCF (#789) * add SPM support with XCF * add swift SPM test project * add macOS swift SPM example, updated iOS one * updates per pr comments * removed cl-openssl from Themis.xcodeproj + edits per pr comments + extra comments * removed example projects * updated xcodeproj version * updated Package.swift * updated changelog * Update CHANGELOG.md Co-authored-by: vixentael <vixentael@users.noreply.github.com> Co-authored-by: vixentael <vixentael@users.noreply.github.com> * fixed automerge issue * fixed typo Co-authored-by: vixentael <vixentael@users.noreply.github.com>

view details

julepka

commit sha 9acb6e67cb5be3b63b415fae1aea73e865f3bb1c

Merge pull request #807 from cossacklabs/release/0.13 0.13.7 release process: merge release/0.13 to stable

view details

julepka

commit sha 26782f5747e9e71c4ee2e383cf84076d98349658

OpenSSL 1.1.1k for iOS/macOS XCF and SPM

view details

julepka

commit sha ada30153238b31ec6c836da687f83df8ac8eca7d

Merge pull request #808 from julepka/openssl1.1.1k-SPM OpenSSL 1.1.1k for iOS/macOS XCF and SPM

view details

julepka

commit sha 8a4d3d78abfe076d321beef6fb55f1b453e3d85b

Merge pull request #809 from cossacklabs/release/0.13 merge release 0.13.8 into stable

view details

julepka

commit sha ce76f32ab2d40b9ada53a6d8a320375e52a128b5

Merge branch 'stable' into 'master'

view details

Alexei Lozovsky

commit sha e08a50e0f4684dd596c8381bed33dda320c2bed3

Build BoringSSL with Xcode (#743) * BoringSSL intermediate file generator Start off by adding a utility script to generate intermediate files required by BoringSSL build. Normally, this step is performed by the build system configuration (e.g., CMake). It requires a number of utilities such as Perl and Go to generate the error list and all the assembly code. Once this is done, the intemediate files will be checked into the repository and reused. This script will be executed as part of Make rule for updating BoringSSL. It is not expected to be used manually, but you can certainly do this. Note that BoringSSL's "util/generate_build_files.py" script is pretty picky. It expects the BoringSSL source tree to be located in "src" directory, it works only with Python 2, and it spews out generated files into the current directory and expects them to stay there. Also note that we save not only the generated source files but also the "boringssl.gypi" file. Our build system does not use GYP, but its project file is the easiest one to parse. We'll use it later to get the list of all BoringSSL source files to use. * BoringSSL intermediate files Run "third_party/boringssl/generate_build_files.sh" and check in the generated files. * Build BoringSSL with Xcode Add "BoringSSL" group to Xcode project, currently without any files. Also add "BoringSSL (iOS)" and "BoringSSL (macOS)" targets building static libraries "libboringssl.a" for iOS and macOS respectively. These are currently placeholder and next commits in this pull request will fill them in with files to compile and adjust compilation settings. * Script for updating BoringSSL targets of Xcode project BoringSSL does not have a native build system for iOS *and* macOS. It is possible to coerce CMake into generating some Xcode project which might work, but it requires installing custom toolchains, and it's not very reliable nor convenient for us. Therefore, we take the matter into our own hands and update existing Xcode project manually, using the intermediate build files generated earlier. The "third_party/boringssl/update_xcodeproj.rb" script will read the GYP file, extract the source file lists, and update Themis.xcodeproj to use those source files appropriately. Files will be added to the "BoringSSL" file group, the source files will be added to the compilation steps, this includes both C/C++ source code and assembly as well. We're using CocoaPods' "xcodeproj" gem and write the script in Ruby because that's the most stable and battle-tested programmatic way to manipulate Xcode projects. * Update Xcode project from BoringSSL's GYP file Run the "third_party/boringssl/update_xcodeproj.rb" script and update the Xcode project with BoringSSL file list. * Configure BoringSSL targets Adjust Xcode project configuration for building BoringSSL. - Build "arm64e" architecture for iOS, like we do for Themis. - Build assembly files only for relevant architectures. This one is very tricky to do and works only due to pure luck. Xcode does not really offer a convenient way to include/exclude individual files based on architecture. However, there are two settings which more or less allow it: EXCLUDED_SOURCE_FILE_NAMES and INCLUDED_SOURCE_FILE_NAMES. We set up those settings to exclude the assembly files by default, but include them back for relevant SDKs and architectures. Real iOS devices use ARM64 (and ARMv7 for iOS 10 which we still support) so they need the ARM assembly stuff. macOS devices use x86_64 but can run x86 apps (until 10.15), so we include both x86 and x86_64 assembly stuff. New Apple Silicon devices will use ARM64, but BoringSSL does not include ARM assembly for macOS yet (and we can't blindly use the one designed for iOS devices). iOS Simulator does not simulate any hardware acceleration so we add OPENSSL_NO_ASM preprocessor definiton to block assembly usage in BoringSSL build and use pure software implementation there. Similarly, we currently use OPENSSL_NO_ASM for arm64 on macOS too because BoringSSL build expects hardware acceleration, but we can't provide it (yet). - Disable compilation warnings. Since BoringSSL is a third-party project, we don't have any direct control over its code and can't fix the warnings it produces. And it produces quite a few. Inhibit all warnings there and don't bother. * New make target: update_boringssl Add a utility target "update_boringssl" to update BoringSSL: pull the latest source code into the submodule and run all the update scripts. Xcode project editing scripts are run only when running on macOS since that's required to test the updates, and likely to perform them in the first place. * Update to latest BoringSSL Run the "make update_boringssl" target and update to latest BoringSSL. This includes both the submodule update and the Xcode build files. * Remove "Recovered references" after merge Merging Xcode's project XMLs is so much fun! It's easier to just redo the work on top of the updated project. * Use whatever Python is available in the system Recent versions of BoringSSL are now able to work with either Python 3 or Python 2, so we don't particularly care about that anymore. Just launch *some* Python and we're good. * Update to latest BoringSSL (once again) Run "make update_boringssl", commit whatever the updates are. * Remove "arm64e" architecture from iOS builds Just build with the standard architecture set. Don't try building arm64e which tends to cause multiple arcane issues without providing any value. Apple has been recommending to "test your builds" with it, but it has never recommended deploying applications that use it. So screw it. * Include ARM assembly for macOS as well Try using ARM assembly files generated for iOS during macOS builds too. I don't have an M1 laptop so I have no clue if it actually works, but it certainly does compile. Maybe it does not use those fast paths, but vOv Add those new files into Xcode project. * Actually include ARM files into macOS builds Update the source file exclusion/inclusion rules to build ARM64 assembly files for macOS builds. * Don't set OPENSSL_NO_ASM for macOS anymore Now that we actually have some assembly in there, try using it. I'm not sure that it's actually being used though, too lazy to disassmeble. * Adjust changelog to mention only BoringSSL update Since it's likely that BoringSSL-based builds of Themis won't make it into the 0.14.0 release, let's not put more that we can eat onto the plate. This patch set is going to just add BoringSSL targets to the Xcode project and a new "update_boringssl" target for Make, that's it. * Remove BoringSSL mentions from Objective-C and Swift sections Since there is no user-visible impact of these changes on Objective-C and Swift users, there is no point in adding those lines there, right?

view details

Alexei Lozovsky

commit sha e0e5f60de3c33963209a7c168cee43f531fe239c

Add "src/soter/boringssl" into Xcode project Start by adding the source files we'll need for compilation. And don't ask me what are all those other changes in there, I have no clue.

view details

Alexei Lozovsky

commit sha 8b99988099227cde0285a85ad4e7d1670dbac4ee

Xcode targets for building Themis with BoringSSL A couple new targets will build Themis with BoringSSL as opposed to Carthage-provided OpenSSL: - Themis (iOS) - BoringSSL - Themis (macOS) - BoringSSL Note that these come *without* shared schemes. This is to prevent Carthage from building them and overwriting OpenSSL-based builds. The targets build the same framework -- "themis.framework" -- and Carthage is too stupid to put results into separate directories or something.

view details

Alexei Lozovsky

commit sha be7049290131b0183b0c767525da410d8a578361

Build BoringSSL variant of Soter for BoringSSL builds Replace "src/soter/openssl/*" with "src/soter/boringssl/*" in source file lists for BoringSSL-based builds.

view details

Alexei Lozovsky

commit sha 3973363a36b4ac4be570bb39c41158ec27d8a595

Use embedded BoringSSL headers Make sure that we can locate BoringSSL headers during builds.

view details

Alexei Lozovsky

commit sha d26f624b7a1a425aa60a6f739967f867a16f6be7

Configure BoringSSL preprocessor definitions Define some things that configure Themis for BoringSSL. Normally these are defined by the Makefile, but we don't have that in Xcode, obviously.

view details

push time in 2 days

pull request commentcossacklabs/themis

Build Themis + BoringSSL with Xcode

because .framework doesn't support iOS simulator on M1

XCFs are composed from frameworks so this wouldn't change much. @julepka's scripts are working just fine, with one less dependency.

I suggest to merge #743 and #810 to a separate branch

Fair call. Though, it might be a bit painful to merge it back later.

ilammy

comment created time in 2 days

delete branch ilammy/themis

delete branch : iBoringSSL

delete time in 2 days

PR opened cossacklabs/product-docs

Reviewers
Themis SPM Update
+15 -3

0 comment

3 changed files

pr created time in 2 days

PR closed cossacklabs/themis

Merge stable into master (PR for visibility)

Finishing with our SPM release we need to do the final merge stable -> master. This PR is for visibility to show the result I'm getting. If it is ok, I'll push my changes to master after this PR is reviewed.

What were the conflicts: .circleci/config.yml - resolved in favor of master .github/workflows/test-core.yaml - resolned in favor of master Package.swift - resolved in favor of stable Themis.xcodeproj/project.pbxproj - resolved in favor of stable master with updated version CHANGELOG.md - edited manually

+5619 -14

4 comments

72 changed files

julepka

pr closed time in 2 days

push eventcossacklabs/themis

Alexei Lozovsky

commit sha abeafbd44f777b0d47f72c47835f53245c310752

Unbreak Criterion's HTML reports (#764 => #769) Our benchmarking harness has decided that it's time for some INNOVATION and for starters released a version which has disabled generation of HTML reports by default, changed their location from current directory to the proper shared target directory, and strongly suggests migrating away from running benchmarks with "cargo bench" in favor of their own "cargo criterion". Well, okay, that's a fine rabbit to chase later, but for now let's at least unbreak our build by adapting to the new reality. (cherry picked from commit d230f57475c079e0baa72c6d9c91256c4edba858) Also added the same path update for CircleCI which is still running for the stable branch.

view details

Alexei Lozovsky

commit sha dd06bdfa02e9d2ef1c501eb5b317263de8edbf46

Run examples only with Python 3 (#765 => #771) * Do not install Python 2 for examples pip has dropped support for Python 2 some time ago -- a version of Python that has been EOL for about a year now. Themis does not support Python 2 officially, yet we're still test with it as long as it's practical. Well, it stopped being practical for this CI job because Ubuntu has removed "python-pip" package from their repos. Remove all lines which install Python 2 testing environment. * Run examples only with Python 3 For quite some time we have been running this job only with Python 3. Now that Python 2 environment installation has been removed, it no longer makes sense to pretend that we'll enable it back. Just run everything with "python3". (cherry picked from commit 68827dac4debc40bf63f3d1936be8bda9fc2fe6c)

view details

Alexei Lozovsky

commit sha e2421dbcc3943ab38dbb8e6258dd4daf9d3cf8d9

Use new trait order in generated code (#758 => #772) Recent release of bindgen 0.56.0 resulted in a change in the order of the derived traits in the generated code. The changelog does not say anything about that, but I doubt this is considered a notable change. However, it breaks our build system which meticulously checks for any changes in the generated code compared to checked in version. It does this so that we don't miss any changes. Well, the CI is going to be using bindgen 0.56.0 from now on, let's use the new trait order as well, whatever it is. (cherry picked from commit 3f8f9b88edd8edcfcbf3ab63c3c492ff2d091998)

view details

Alexei Lozovsky

commit sha b97979f9b1ef962671f4364bd8f4d458e5736af1

Update code style checking job to Ubuntu 20.04 (#761 => #773) One of the GitHub Actions jobs is using a pristine Ubuntu container because whatever is provided by GitHub Actions runners causes conflicts when some of the packages are installed. That container has been using Ubuntu 19.10. Ubuntu 19.10 "Eoan Ermine" has reached end of life on 2020-07-17. Normally EOL only means that the distribution stops receiving updates after that date. However, eventually it gets purged from the repositories as well. This is exactly what has happened recently, and since then the builds are all red because they are not able to install packages for a missing distribution. Upgrade to Ubuntu 20.04 LTS "Focal Focca". This should last us at least until 2030 or something. Or well, until GitHub becomes more attentive to whatever stuff they put in their sources.list. (cherry picked from commit 647fb0cc8c3939ec17a5fd4e89795846358c5eee)

view details

Alexei Lozovsky

commit sha 40b25e2f8ea69baad0bcd22e00e316023def259f

Migrate to "afl++" from "afl" (#766 => #770) * Migrate to "afl++" from "afl" The original "afl" [1] has been abandoned and is not maintained since 2017. "afl++" [2] is its replacement. Since it's a fork, it has mostly compatible command line, and more features. [1]: http://lcamtuf.coredump.cx/afl/ [2]: https://github.com/AFLplusplus/AFLplusplus The original afl is currently being phased out from distributions. In particular, it's gone from whatever repo list GitHub Actions use, breaking our build. Migrate to "afl++" instead. Not all operating systems ship with "afl++" though. For example, it's still not available in binary form on macOS via Homebrew. Therefore, don't jump the gun and don't update the Makefile to use "afl++"-only features. (However, it would be nice to use them if available.) * Pin "fuzzing" job to Ubuntu 18.04 As noted in the comment, GitHub Actions runners are schizophrenic and sometimes believe that they come from the future where the latest Ubuntu image works correctly. Don't let them be fooled, use 18.04 for now. (cherry picked from commit 0c6a44de5d1a5cf9a0e587d40c973c018c2658e5) Ignore changes in CHANGELOG.md, there is no "Unreleased" section on the "stable" branch. It will get here in due time.

view details

Alexei Lozovsky

commit sha 1b414fabf78c0a6347def37881a1c4d80be572bc

Fix warnings from Clippy (#793 => #794) Recently released Rust 1.51 includes new Clippy with new warnings: error: name `GetPublicKeyForID` contains a capitalized acronym --> src/wrappers/themis/rust/tests/secure_session.rs:663:6 | 663 | type GetPublicKeyForID = Box<dyn FnMut(&[u8]) -> Option<EcdsaPublicKey>>; | ^^^^^^^^^^^^^^^^^ help: consider making the acronym lowercase, except the initial letter: `GetPublicKeyForId` | = note: `-D clippy::upper-case-acronyms` implied by `-D warnings` = help: for further information visit https://rust-lang.github.io/rust-clippy/master/index.html#upper_case_acronyms error: aborting due to previous error Shut up, Clippy, I name my types however I want to!^K I mean, yes, sure, O Wise Stationery, I will immediately rename the entity as prescribed and will refrain from such practice any further. (cherry picked from commit 734a62433aa82c9f626cc8ca159fba412d85e399)

view details

Alexei Lozovsky

commit sha 423adb5a9b531a584fde18f1569bdb9b04193c37

Update zeroize to "1" (#799 => #800) This is the only dependency of RustThemis and they have managed to break even that. Some bright maintainer head over there thought that it would be a great idea to just yank all 0.x versions from crates.io, breaking our build. (Since RustThemis is a library, we're not using Cargo.lock. If a dependency is yanked, we can't build our stuff.) Well, thanks for not breaking the API in 1.x at least. You're still better than the Tokio team. Note that zeroize requires reasonably new stable version of Rust toolchain. With 0.5.2 this has been 1.31, now it's 1.47. (The current stable version is 1.51. RustThemis tracks that version.) (cherry picked from commit 9b3fc0106c8811fb513bbda126ab818e94c33fd9)

view details

julepka

commit sha 0900b1292c25ea4ebb8e57747ad1a5e220786615

Merge pull request #804 from cossacklabs/stable Merged stable into release/0.13

view details

julepka

commit sha 68b485b8017098fce723e0839ecb9543d32463f6

SPM support with XCF (#789) (#806) * Add SPM support with XCF (#789) * add SPM support with XCF * add swift SPM test project * add macOS swift SPM example, updated iOS one * updates per pr comments * removed cl-openssl from Themis.xcodeproj + edits per pr comments + extra comments * removed example projects * updated xcodeproj version * updated Package.swift * updated changelog * Update CHANGELOG.md Co-authored-by: vixentael <vixentael@users.noreply.github.com> Co-authored-by: vixentael <vixentael@users.noreply.github.com> * fixed automerge issue * fixed typo Co-authored-by: vixentael <vixentael@users.noreply.github.com>

view details

julepka

commit sha 9acb6e67cb5be3b63b415fae1aea73e865f3bb1c

Merge pull request #807 from cossacklabs/release/0.13 0.13.7 release process: merge release/0.13 to stable

view details

julepka

commit sha 26782f5747e9e71c4ee2e383cf84076d98349658

OpenSSL 1.1.1k for iOS/macOS XCF and SPM

view details

julepka

commit sha ada30153238b31ec6c836da687f83df8ac8eca7d

Merge pull request #808 from julepka/openssl1.1.1k-SPM OpenSSL 1.1.1k for iOS/macOS XCF and SPM

view details

julepka

commit sha 8a4d3d78abfe076d321beef6fb55f1b453e3d85b

Merge pull request #809 from cossacklabs/release/0.13 merge release 0.13.8 into stable

view details

julepka

commit sha ce76f32ab2d40b9ada53a6d8a320375e52a128b5

Merge branch 'stable' into 'master'

view details

push time in 3 days

Pull request review commentcossacklabs/themis

Merge stable into master (PR for visibility)

 _Infrastructure:_ - JavaThemis for Android and desktop Java is now published in the Maven Central repository ([#786](https://github.com/cossacklabs/themis/pull/786), [#788](https://github.com/cossacklabs/themis/pull/788)). - MSYS2 builds for Windows are now checked by CI ([#791](https://github.com/cossacklabs/themis/pull/791)). +## [0.13.8](https://github.com/cossacklabs/themis/releases/tag/0.13.8), April 30th 2021++**Hotfix for Apple platforms:**++- Updated OpenSSL to the latest 1.1.1k for SMP and attached `themis.xcframework`. (iOS and macOS).+- New Swift and Objective-C example projects: SPM for iOS and macOS.

This line tells that new OpenSSL version is available with SPM (using XFC) or by just adding XCF to the project without SPM. It is important because OpenSSL 1.1.1k is still not available for Themis via CocoaPods and Carthage (it will be our next step). It is not about announcing SPM in general.

julepka

comment created time in 3 days

Pull request review commentcossacklabs/themis

Merge stable into master (PR for visibility)

 _Infrastructure:_ - JavaThemis for Android and desktop Java is now published in the Maven Central repository ([#786](https://github.com/cossacklabs/themis/pull/786), [#788](https://github.com/cossacklabs/themis/pull/788)). - MSYS2 builds for Windows are now checked by CI ([#791](https://github.com/cossacklabs/themis/pull/791)). +## [0.13.8](https://github.com/cossacklabs/themis/releases/tag/0.13.8), April 30th 2021++**Hotfix for Apple platforms:**++- Updated OpenSSL to the latest 1.1.1k for SMP and attached `themis.xcframework`. (iOS and macOS).+- New Swift and Objective-C example projects: SPM for iOS and macOS.

SMP is symmetric multiprocessing. SPM is Swift Package Manager. You want the latter.

Ditto below.

Though, I don't think we need to mention attaching themis.xcframework at all, neither here in highlights, nor in platform-specific details. Attaching a new binary is now a standard procedure for SPM. SPM support has been announced in 0.13.7, from now on users can rely on this support until further notice.

julepka

comment created time in 3 days

delete branch cossacklabs/rubygems.org

delete branch : dependabot/bundler/rails-6.1.3.1

delete time in 3 days

PR closed cossacklabs/rubygems.org

Bump rails from 6.1.1 to 6.1.3.1 dependencies

Bumps rails from 6.1.1 to 6.1.3.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/rails/rails/releases">rails's releases</a>.</em></p> <blockquote> <h2>6.1.3.1</h2> <h2>Active Support</h2> <ul> <li>No changes.</li> </ul> <h2>Active Model</h2> <ul> <li>No changes.</li> </ul> <h2>Active Record</h2> <ul> <li>No changes.</li> </ul> <h2>Action View</h2> <ul> <li>No changes.</li> </ul> <h2>Action Pack</h2> <ul> <li>No changes.</li> </ul> <h2>Active Job</h2> <ul> <li>No changes.</li> </ul> <h2>Action Mailer</h2> <ul> <li>No changes.</li> </ul> <h2>Action Cable</h2> <ul> <li>No changes.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/rails/rails/commit/85c6823b77b60f2a3a6a25d7a1013032e8c580ef"><code>85c6823</code></a> v6.1.3.1</li> <li><a href="https://github.com/rails/rails/commit/853d594d99bff0558824eb6d831b8e3e6a703789"><code>853d594</code></a> Upgrade to Marcel 1.0.0</li> <li><a href="https://github.com/rails/rails/commit/7c55e373be1d40a72581cb6d4131eb2d9e0c2fcb"><code>7c55e37</code></a> Replace mimemagic with mini_mime</li> <li><a href="https://github.com/rails/rails/commit/5aaaa1630ae9a71b3c3ecc4dc46074d678c08d67"><code>5aaaa16</code></a> Preparing for 6.1.3 release</li> <li><a href="https://github.com/rails/rails/commit/e322277be55452665cba6ea6925d2e93a3a04092"><code>e322277</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rails/rails/issues/41463">#41463</a> from jhawthorn/isolated_engine_controller_subclasses</li> <li><a href="https://github.com/rails/rails/commit/4f5e6b5317ea6d96b146a9f562c429f77071dfba"><code>4f5e6b5</code></a> Revert "Merge pull request <a href="https://github-redirect.dependabot.com/rails/rails/issues/41232">#41232</a> from code4me/fix-malformed-packet-master"</li> <li><a href="https://github.com/rails/rails/commit/7f343cb23cb0acbffb34f0d9018551aa2c84151f"><code>7f343cb</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rails/rails/issues/41454">#41454</a> from ghiculescu/patch-2</li> <li><a href="https://github.com/rails/rails/commit/7ff5f60f13c470ca436c75f6102524b0cb6a5b2c"><code>7ff5f60</code></a> Fix branch for <code>rails new --edge</code></li> <li><a href="https://github.com/rails/rails/commit/eddb809b92808de50235a7975106ff974bee540f"><code>eddb809</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rails/rails/issues/41441">#41441</a> from jonathanhefner/apidocs-inline-code-markup</li> <li><a href="https://github.com/rails/rails/commit/43870f3ec5ad6588ca61fb91349215b7295ad693"><code>43870f3</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/rails/rails/issues/41436">#41436</a> from santib/fix-active-storage-sharpening-docs</li> <li>Additional commits viewable in <a href="https://github.com/rails/rails/compare/v6.1.1...v6.1.3.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

</details>

+61 -63

1 comment

1 changed file

dependabot[bot]

pr closed time in 3 days

pull request commentcossacklabs/rubygems.org

Bump rails from 6.1.1 to 6.1.3.1

Superseded by #25.

dependabot[bot]

comment created time in 3 days

create barnchcossacklabs/rubygems.org

branch : dependabot/bundler/rails-6.1.3.2

created branch time in 3 days