OpenSSL 1.1.1 EOL

[MelihDarcanxyz]

As I've taken notice, this project uses OpenSSL 1.1.1 which has came to the end-of-life. I'm not sure if it's easier said than done, but OpenSSL dependency should be bumped since the current version is insecure.

Searched for issues before opening this, but didn't see anything related to this. So I thought I should at least point to this so if necessary, there will be some action taken.

https://www.openssl.org/blog/blog/2023/03/28/1.1.1-EOL/

[richardshiue]

Hi @MelihDarcanxyz, thanks for raising this issue. May I ask where did you observe that we're using the openssl 1.1.x series? AFAIK we have been using openssl 3 for some time now.

[MelihDarcanxyz]

To be honest, I was really hesitant about opening an issue and searched thoroughly before opening because I've tried to install AppFlowy from NixOS 23.05 branch which means May of 2023. I checked for dependencies on the repository, skimmed through the code, scanned existing issues / discussions. But I couldn't find any mention of this EOL, so thought it's best to open an issue.

Sorry for taking your time if that's the case. Thanks for developing such a great software.

[richardshiue]

Ahh I see. No worries, it's always best to make sure. I'm not too sure what's the version of AppFlowy that's on the NixOS repo, but we stopped dynamically linking to OpenSSL 1.1.x around end of August. I was kinda worried a dependency might have gone unnoticed

I'll be closing this issue for now. I encourage you to install the latest version and try out with the newest features!