26
votes
Signal's server repo hasn't been updated since April 2020
Link information
This data is scraped automatically and may be incorrect.
- Title
- Where is new Signal Server code? Why not share Signal?
- Authors
- topalatna, ippefre, jaypatelani, Leptopoda, willemk, Herohtar, Crypto, newuser, muncescu
- Published
- Jun 16 2020
I don't use or recommend signal because of stuff like this. They want to have the benefits of being (called) FOSS without enforcing FOSS practices around their code. That is why I'm hoping for the Matrix protocol to succeed. The original group behind Matrix are really bad at branding (Riot, Element, even Matrix, what is it with all this weird names? I don't get it and I've ranted about this before), but one thing that I believe they are doing correctly from a FOSS perspective is being transparent. They have weekly podcasts to inform about the status of the project, they have a blog, they have a specification, they allow for multiple front-ends to coexist (even though all of them suck at the time of writing), all of their repositories seem to be public and up to date, the head of New Vector can be found multiple times answering people on Hacker News. It is really unfortunate that matrix based chats are still too complicated for average people to use (I've also mentioned my concerns about this before and while progress has been made it is still nowhere near enough).
FluffyChat is very pretty and has a better designed UI compared to Element, but it is very slow, when running on a browser it makes my laptop's fans work at maximum speed, loading old messages is very slow, and scrolling any element of the UI feels extremely sluggish. I never tried SchildiChat.
Never tried the Andorid version, how is the battery consumption?
@Deimos, the link to a comment in a deleted topic doesn't seem to be working, it takes me to the topic instead. Is this a bug?
Sorry if I'm not supposed to ask about this stuff here as opposed to opening an issue on Gitlab.
Yeah, like the others mentioned—it's a problem with the comment being underneath a collapsed Noise comment. It's a problem I know about, and there are a few other similar ones as well.
I think the best fix for it will be changing so that links to comments go to a separate view that only shows the linked comments (and maybe some context), instead of just linking to a location on the normal comments page. That doesn't work well when combined with some of the other behaviors like collapsed comments.
Doesn't have to do with the topic being deleted, has to do with the linked comment being beneath one that has been collapsed.
The silence from devs on this is concerning. If they announced this with some reasoning it would be understandable. But to do this without announcement or reason and to ignore questions really undermines confidence in the app.
I'm a long time user of Signal and I've spent quite a bit of time and energy convincing my peers to join me on the platform was well. This issue is one of seemingly many that continue to give me pause about my continual use of the platform. More conversation on the issue:
https://community.signalusers.org/t/where-is-new-signal-server-code-why-not-share-signal/15068
https://libredd.it/r/signal/comments/lw5u2q/
https://lemmy.ml/post/55595
Thoughts? My position is that my continual use and promotion of Signal almost entirely hinges on Signal's response to this issue at this point. Finding another application that touts the feature set of Signal while being stupid simple and easy to migrate non-technical friends to will be tough, but I see little alternative.
Well since you asked...
Thoughts are that the people behind Signal are humans, humans are fallible (forget to update, didn't notice their repo update failed, the dev responsible for the push is lazy/having personal issues that saps their will/memory/drive), they'll get the repo updated, and it's exceedingly unlikely that it's not updated due to anything inappropriate.
I can't blame Signal for not actively communicating with the "FOSS community" as that takes time, money, and (as is apparent in all of your links) they tend to be extremely demanding, jump to conclusions, threaten to leave (as if their individual exodus due to a perceived slight from lack of direct response to them would magically collapse the project), and doing so has very little chance of being a net positive for the project at this stage. Individual communication on the myriad of platforms that this is being discussed (especially as each one seems to have "why aren't they talking to us here!" undertones) is an utter waste of time and while it is important to have seemingly constant feedback at the start of a project, the exponential increase in the number of users has had a similar increase in the number of people in the "FOSS community" that expect to be communicated with directly and believe their viewpoint to be valid, important, or even essential to the continued existence of the project.
Simply put: Yes, the repo is outdated, but I have every reason to believe that they're just busy working on things other than making sure that a single repo has been updated as every single organization has things that slip through the cracks and are caught later.
Honestly I think that compared to most FOSS projects, when it comes to money, Signal can't complain about not being able to do things due to the lack of resources as they got 50M from the Whatsapp founder some years ago. Moreover, from the moment they start accepting donations, with this:
as the webpage's opening statement, they have the moral obligation to at least try and honor it.
Sure they can. The amount of money they have has no bearing on whether or not paying someone to deal with the community is a smart use of those resources.
Have they not? Is the lack of a current update to a single repo evidence that they haven't fulfilled the moral obligation to at least try and honor it?
From my point of view, since other projects do it with less or even no money it is not a smart use of those resources. And the result is people starting to complain for not being able to scrutinize the code.
That is downplaying it a bit. Server side code is the most important repository, since it is what tells you as a user of what they are keeping about you. We already have the ( as far as I know currently impossible to solve) issue of not being able to surely know which version of a piece of software is running on the other party's computer. Not having access to the most recent code being developed is total lack of transparency.
Which implies ill will and circles back to my point that based on the entire history of Signal good faith is the safest, and most likely correct, assumption.
I didn't understand this last sentence, sorry. From which party do you mean "ill will"?
On Signal's part.
Could be confusion on both our parts. I see "total lack of transparency" as a malicious act in regards to a FOSS project, so if Signal does have a lack of transparency on the code it has to be purposeful and therefore ill will. I don't believe it is on purpose and so I don't think it's a lack of transparency.
Not sure if that clears up my point or not, but let me know.
Oh ok, I got it. But I don't agree as I don't think that it has to be one of those options. They could simply not care enough to bother and have the repository up to date. They might think that it doesn't benefit them directly so they don't do it. So it doesn't have to necessarily be malice or on purpose for some hidden reason.
However from the user's perspective transparency is one characteristic that you would expect from a institution that claims to be on the "users' side". In the end, there is always trust involved, but some actions make it easier or harder to trust.
Edit: changed "in the limit" to "in the end", turns out that the former makes no sense in English.