* correct typo in readme
* include log
* decrypt file server response, remove debug, handle crypt before _sendToProxy, improve json parsing failure logging
* support file uploads on file proxy, fix _sendToProxy calling
* bump form-data to 3.0
* initial refactor of feaure flag detection statements in serverRequest()
* fix send-message line-height with multiple lines
* fix lint
* fix position of delete account modal
* Profile picture upload, fixes and copy
* Various changes suggested by redesign overview
* Scrolling button updated and animations to modals
* Display subscriber count for open chats
* Prevent illegal username and passwords
* Delete channel / group merge
* Solidification of minor changes w appview injections
* hide description field in group panel for now
* fix join publicgroups pulls
* increase min height respecting ratio
* allow space inside a display name but not at start or end
* fix height of leftpane overlay view
* add back typing indicator and read receipt setting under privacy
* Auto-focus new open chat input box
* Password lock screen and delete data screen
* touchups
* Resolving Bilb revisions
* Disable link previews as default per Kee on signup
* remove date, we have git
* add missing semicolon
* _sendToProxy pass headers/handle response refactor, lint
* fix my yarn conflict/resolve
* include IV in server response
* Sealed sender support
* Support sealed sender for friend requests
* fix lint
* Remove unused destinationRegistrationId; lint
* Update messages.json
* pull RSS through file proxy
* fix unit tests: remove not used count in scrolldown view and assert svg
present
* Disable auto-joining default loki open groups
* session-id-editable-textarea
* fix the textscramble for sessionID on registration
* speed up lint, add lint-full/format-full, make sure use lint-full
* add skipToken to establishConnection options, smuggle out secureRpcPubKey
* get latest version through snode proxy, remove clearfix from ExpiredAlertBanner
* expose semver and LokiAppDotNetServerAPI because we can't get ourKey from storage early enough
* update note
* fix upgrade link, wrap expiredWarning in span for styling, use br to clear the float, trim trailing whitespace
* designalify
* designalify
* designalify user agent
* continue designalification
* make expired banner legible
* remove ugly TLS hack
* disable unauthorization rejection when making https requests limited to lokiRpc
* Update main.js
Aspect ratio amendment
* Constants rework
* local commit
* event listeners
* address missing comma for lint
* fix header sessions message section
* fix profile image size conversation list with pending friend request
* textarea centering
* refresh files in group in group panel
* Looking into keyboard navigation
* Remove P2P
* cache eslint on `lint` but not `ready`
* Cleanup media view formatting
* force locale to be EN until our files are updated and translated
* Simplification of keyup
* Updated all icon references
* SASS fixup
* fix disabled state of message input on sent friendrequest
* trim pubkey when user can enter one to remove whitespaces
* remove lZ in path which fixes errors on svg and does not alter rendering
* fix text scramble animation on registration
* reload app on ctrl-r or f5 from anywhere
* add back file which should have not been deleted
* fix lint and clean code
* fix lint
* add .loki to have a self-signed cert
* Remove mixpanel
* use local shortcut instead of global shortcut
otherwise, ctrl+r is only caught bu the last loaded instance
* open the conversation when accepting a friend request
also, it does what is needed to show the new friend in the friend list
* make sure token comms are done over fileProxy, other notes, logging adjustment
* leftpane sections titles are Wasa bold
* minor refactor
* onboarding messageview
* linter
* fix padding buttons overlay
* do not render session-id-editable border when textarea disabled
* textarea sessionID SpaceMono font
* various touchups
* fix font of description to sfprodisplay
* reduce triple dots conversation header icon size
* reduce size of conversationHeader title font size
* fix font for session-search-input
* make conversationlistitem title font wasa
* fix green and white border under title in leftpane
* fix panel-text-divider font-size and family
* disable completely borders for profile images
* make profile image which where 48pixels big 36 noew, as no more border
* Complete conditional message onboarding
* cache file deletions
* Link preview warning on setting toggle
* Messages.json amendments
* Join channel generalisation
* Localise global vars
* remove eslintcache
* rm global launchcount
* Remove source field from envelope
* Session public chat icon
* CLosed groups ui initial listprops
* Desktop: enable useSnodeProxy feature flag
* file proxy needs to be able to talk to snode
- disable TLS check for fileProxy
- lokiHttpsAgent => snodeHttpsAgent (since we use for two different things now)
* enable useSealedSender too per Maxim
* lint
* lint
* window.extension.expiredPromise version
* better error checking
* use promise version to see if we're expired
* fix typo
* lint
* put back seemingly now required process.env.NODE_TLS_REJECT_UNAUTHORIZED
* fix querystring in file-proxy
* lint
* fix typo
* Remove more references to signal.org
* make sure TLS is forced on open groups, improve serverRequest error message
* Closed groups UI
* function params changes
* turn off snode proxy logging
* include useful info on error
* actually validate URL before starting up a bunch of timers
* Closed groups overlay integration
* move comments from connecting_to_server_dialog_view
* use attempt from window object to reduce code duplication
* refactor out validServer()
* lint
* lint caught typo
* Rename BACKGROUND_FRIEND_REQUEST to SESSION_REQUEST.
Don't trigger friend request logic if a message is aimed at a group.
* Linting
* Closed group joining completed w/o backend
* Fix friend request messages being sent to users you don't have a session in closed groups.
Disable typing messages and read receipts in groups.
Send out session request messages if you don't have a session with a member in the group.
* Remove unneeded boolean condition.
* Closed group update message stylgin
* constants renaming
* Message deletion fix
* gruntify
* fix grunt error
* expose isRss, don't close uncloseable Rss conversation on deleteMessages
* remove copyId and block user on RSS feeds
* remove options from RSS feed that don't make any sense and don't work
* fix grunt error
* squelch RSS duplicate messages
* extension.expiredStatus(), adjustable timers, improve guards
* allowing sending of messages if we're still waiting to hear back
* markRandomNodeUnreachable() refactor, notes/logging
* improve logging
* improve logging
* no need to validate empty token, support lokinet/getession file domains, mark broken snodes as bad, improve logging
* try to address travis-osx lint complaints
* not designed to have a period at the end of titleIsNow
* put period back at the end
* Catch a stray loki messenger
* fix stray loki messenger
* loki messenger isnt a thing
* lint
* Fix open group joining.
* guards incase there are no members yet, fixes dialog not showing up
* fixed file server holding up message sender init.
fix joining closed groups.
* Clean
* Don't wait for file server to return tokens when establishing home connection.
* Disable join public chat prompt
Co-authored-by: Audric Ackermann <audric.bilb@gmail.com>
Co-authored-by: Ryan Tharp <neuro@interx.net>
Co-authored-by: Vince <vincent@loki.network>
Co-authored-by: Maxim Shishmarev <msgmaxim@gmail.com>
- A new design for the import flow. It features:
- Icons at the top of every screen
- Gray background, blue buttons, thinner text
- Simpler copy
- A new design for the install flow. It features:
- Immediate entry into the QR code screen
- Animated dots to show that we're loading the QR code from the server
- Fewer screens: 1) QR 2) device name 3) sync-in-progress
- When not set up, the app opens directly into the install screen, which has been streamlined. The `--import` command-line argument will cause the app to open directly into the import flow.
- Support for two different flavors of builds - the normal build will open into the standard registration flow, and the import flavor will be exactly the same except during setup it will open directly into the import flow.
- A new design for the (dev-only) standalone registration view
- When these install sequences are active, the OS File menu has entries to allow you to switch the method of setup you'd like to use. These go away as soon as the first step is taken in any of these flows.
- The device name (chosen on initial setup) is now shown in the settings panel
- At the end of a light import, we hand off to the normal device link screen, starting at the QR code. On a full import, we remove the sensitive encryption information in the export to prevent conflicts on multiple imports.
- `Whisper.Backup.exportToDirectory()` takes an options object so you can tell it to do a light export.
- `Whisper.Backup.importFromDirectory()` takes an options object so you can force it to load only the light components found on disk. It also returns an object so you can tell whether a given import was a full import or light import.
- On start of import, we build a list of all the ids present in the messages, conversations, and groups stores in IndexedDB. This can take some time if a lot of data is in the database already, but it makes the subsequent deduplicated import very fast.
- Disappearing messages are now excluded when exporting
- Remove some TODOs in the tests
* Re-enable libtextsecure unit tests, get passing, run in CI
* Save prekeys optimistically, track confirmed, new clean behavior
* Eliminate potential conflicts when rotating on startup
* Remove last symlink: get libtextsecure tests running on windows
* Add AES-GCM encryption for profiles
With tests.
* Add profileKey to DataMessage protobuf
// FREEBIE
* Decrypt and save profile names
// FREEBIE
* Save incoming profile keys
* Move pad/unpad to crypto module
// FREEBIE
* Support fetching avatars from the cdn
// FREEBIE
* Translate failed authentication errors
When AES-GCM authentication fails, webcrypto returns a very generic error. The
same error is thrown for invalid length inputs, but our earlier checks in
decryptProfile should rule out those failure modes and leave us safe to assume
that we either had bad ciphertext or the wrong key.
// FREEBIE
* Handle profile avatars (wip) and log decrypt errors
// FREEBIE
* Display profile avatars
Synced contact avatars will still override profile avatars.
* Display profile names in convo list
Only if we don't have a synced contact name.
// FREEBIE
* Make cdn url an environment config
Use different ones for staging and production
// FREEBIE
* Display profile name in conversation header
* Display profile name in group messages
* Update conversation header if profile avatar changes
// FREEBIE
* Style profile names small with ~
* Save profileKeys from contact sync messages
// FREEBIE
* Save profile keys from provisioning messages
For standalone accounts, generate a random profile key.
// FREEBIE
* Special case for one-time sync of our profile key
Android will use a contact sync message to sync a profile key from Android
clients who have just upgraded and generated their profile key. Normally we
should receive this data in a provisioning message.
// FREEBIE
* Infer profile sharing from synced data messages
* Populate profile keys on outgoing messages
Requires that `profileSharing` be set on the conversation.
// FREEBIE
* Support for the profile key update flag
When receiving a message with this flag, don't init a message record, just
process the profile key and move on.
// FREEBIE
* Display profile names in group member list
* Refresh contact's profile on profile key changes
// FREEBIE
* Catch errors on profile save
// FREEBIE
* Save our own synced contact info
Don't return early if we get a contact sync for our own number
// FREEBIE
* Add certificate pinning on https service requests
Make https requests to the server using node apis instead of browser apis, so we
can specify our own CA list, which contains only our own CA.
This protects us from MITM by a rogue CA.
As a bonus, this let's us drop the use of non-standard ports and just use good
ol' default 443 all the time, at least for http requests.
// FREEBIE
* Make certificateAuthorities an option on requests
Modify node-based xhr implementation based on driverdan/node-XMLHttpRequest,
adding support for setting certificate authorities on each request.
This allows us to pin our master CA for requests to the server and cdn but not
to the s3 attachment server, for instance. Also fix an exception when sending
binary data in a request: it is submitted as an array buffer, and must be
converted to a node Buffer since we are now using a node based request api.
// FREEBIE
* Import node-based xhr implementation
Add a copy of https://github.com/driverdan/node-XMLHttpRequest@86ff70e, and
expose it to the renderer in the preload script.
In later commits this module will be extended to support custom certificate
authorities.
// FREEBIE
* Support "arraybuffer" responseType on requests
When fetching attachments, we want the result as binary data rather than a utf8
string. This lets our node-based XMLHttpRequest honor the responseType property
if it is set on the xhr.
Note that naively using the raw `.buffer` from a node Buffer won't work, since
it is a reuseable backing buffer that is often much larger than the actual
content defined by the Buffer's offset and length.
Instead, we'll prepare a return buffer based on the response's content length
header, and incrementally write chunks of data into it as they arrive.
// FREEBIE
* Switch to self-signed server endpoint
* Log more error info on failed requests
With the node-based xhr, relevant error info are stored in statusText and
responseText when a request fails.
// FREEBIE
* Add node-based websocket w/ support for custom CA
// FREEBIE
* Support handling array buffers instead of blobs
Our node-based websocket calls onmessage with an arraybuffer instead of a blob.
For robustness (on the off chance we switch or update the socket implementation
agian) I've kept the machinery for converting blobs to array buffers.
// FREEBIE
* Destroy all wacky server ports
// FREEBIE
Add the buildExpiration config and add it to the renderer's config
object. Use grunt to write the build expiration to
config/local-production.json which will override the default value (no
expiration) in production. Finally, run this grunt task as part of the
build process.
// FREEBIE
Add environment-specific configs under `./config` and integrate with the
build system. Also changes package.json `files` from blacklist to
whitelist.
// FREEBIE
Mikunj Varsani
Beaudan
sachaaaaa
Mikunj
jcktm
Scott Nonnenberg
Scott Nonnenberg
Lilia