I'm wondering if Joplin has ever done a third-party security audit of the application, particularly in regards to its encryption. I've been thinking of switching from another notes application which uses E2EE but I couldn't seem to find much information on whether or not Joplin has been audited or not since I'm looking into the possibility of syncing it with a Nextcloud provider.
If it hasn't been audited, does anyone have an idea of how risky it would be to rely on Joplin's encryption? And are there any alternatives to using Joplin's built-in encryption feature? (For example, maybe there's a way to do it using Cryptomator?)