Whisperfish

Whisperfish 1.0.0 (planned)

The milestone on GitLab for this release (th

Many big plans!

• The Big Refactoring, including cleanup of spaghetti, building with the official SDK, ...
• Registration as a secondary device, if you prefer running the official Android Signal app as main device.

Whisperfish 0.6.0 (planned)

The milestone on Gitlab for this release

Features

• Feature parity with, and modernized version of Whisperfish 0.5.

Whisperfish 0.6.0-beta.32

Small improvements

• Allow retrying attachment downloads from the UI
• Try to reduce notification flooding on startup
• Update emoji support to Emoji 15.1
• Don't reset the text field on incoming messages
• Improve logging

Whisperfish 0.6.0-beta.31

Some small fixes

• Fix text field not showing up.
• Send note-to-self messages as sync messages to show up on the "right side" of sync conversations

Whisperfish 0.6.0-beta.30: Prague edition.

Fixes issues with groups not updating, and linking not working. Includes a custom-built webrtc library.

• Fix linking and initial link synchronisation (implement master key and other sync messages)
• Fix wrong indication/disambiguation in UI between session resets and identity resets
• Some initial patches to get WF to compile on OBS (some day, Chum!)
• More compact logs
• Expiry timer versions (disable expiry timer changes in groups for now)
• Read receipts
• Cleaner migration paths when `rsync`-ing Whisperfish data directories from nemo to defaultuser phones
• Rewrite Qt model logic to allow asynchronous model updates
• Fix a lot of UI glitches; a.o., unread count on cover
• Introduce a whole lot of new UI glitches; please report them!
• Initial voice/video call boiler plate
• "Missed voice call" / "Missed video call" notifications for direct calls (no group calls)
• Message requests
• Fix sending attachments, including to Apple users (implement attachment V4 protocol)

Whisperfish 0.6.0-beta.29

(Mostly, finally) implement PNI

Should fix many crashes

Changes

• Implements PNI endpoint receiving, PNI-sent endpoint receiving
• Performance improvement for blurhash rendering
• Empty GV2 update message fixes
• libsignal bump
• Use Speech Note automatic model instead of English

Whisperfish 0.6.0-beta.28

Massive UI performance improvement (works around recomputing session fingerprint basically every time you stare at the screen.)

Whisperfish 0.6.0-beta.27

Fixes for voice note transcription, blurhash performance improvement, registration fixes.

Whisperfish 0.6.0-beta.26

Voice note updates

Changes

• Contact linking to Sailfish contacts (useful for username/ACI contacts)
• Ignore playlists in audio player
• Correction in attachment deletion on deleted messages
• Graceful failure on body range errors
• Recording of voice notes
• Local transcription of (English) voice notes using Speech Note

Whisperfish 0.6.0-beta.25

PNI support, fixes registration

Changes

• Support PNI (except for pre-beta-25 linked devices)
• Nicely display service messages (joined group, changed group, ...)
• Fix an edge case crash in message mark up rendering
• Fix a crash on PNI-only contacts
• Fix audio message playback with a headset connected
• Generate blurhash when sending pictures
• Fix broken shareplugin

Whisperfish 0.6.0-beta.24

Faster

(registration is still broken)

Changes

• Fixes for expiring messages
• Fixes for rendering spoilers containing URLs
• Sending multiple attachments in a single message
• A lot of performance improvements
• Typing messages are back!
• Fix a bug with deleted formatted messages

Whisperfish 0.6.0-beta.23 "FOSDEM release"

Sever cool new features! I tagged this during the Sailfish OS dinner on FOSDEM-Saturday :-)

(registration is still broken!)

Changes

• Implement disappearing messages (a huge effort by direc85 and myself)
• Implement message style rendering (mentions, bold/italics/...)
• Implement receiving message edits
• Preparatory work for phonenumber privacy (PNP/PNI)
• Delete message notifications on remote message deletion
• Some other small clean ups that were long overdue

Whisperfish 0.6.0-beta.22

Several cool fixes and features.

Changes

• Fix a crash when downloading certain attachments
• Update from Rust 1.52 to Rust 1.75 to allow for many many many new cool things!
• Inline voice message player (highly overengineered!)
• Show identified delivery status in debug mode for group messages on per-recipient basis
• Fix a crash when messages are received on deleted group sessions
• Performance improvements on loading sessions and receiving read receipts
• Fix RUSTSEC-2020-0071 RUSTSEC-2021-0139 RUSTSEC-2021-0146 RUSTSEC-2021-0145 RUSTSEC-2021-0127 CVE-2023-42444 and CVE-2023-42447 (although unaffected by any of these)
• Update Emojis to version 15
• Some initial work for receiving stories and distribution lists
• Fix deleting messages with attachments
• Decrypt attachments on a threadpool instead of on the executor (fixes lag/unresponsiveness on receiving attachments)
• Update libsqlite/sqlcipher to 3.41/4.5.0
• Rework logging subsystem for more concise and more useful logs

Whisperfish 0.6.0-beta.21

Several small fixes

Changes

• Embedded QR code scanner for device linking on Sailfish 4 and higher.
• More relaxed parsing of SMS-based confirmation codes
• Don't close keyboard when using send or enter
• Detect and  handled deleted contacts in groups
• Some fixes relating to attachment fetching, including a crash
• Update blurhash decoding, should be a lot faster
• More correct message for empty session view
• Disable sending messages in UI for unregistered contacts
• Fix marking of unregistered contacts
• Hide archived conversations in cover page
• Add cargo-deny to catch CVE's in the future
• Add setting to hide recipient phone number in conversation page
• Fix relating to profile fetching
• Correctly handle nullable E164's and other nullable fields
• Vendor OpenSSL: no more separate build for SailfishOS 3!
• Fix reaction UI not updating, among other UI fixes to reactions

Whisperfish 0.6.0-beta.20

Post-quantum end-to-end encryption, registration fix, and much more.

Changes

• Post-quantum (Kyber) key-exchange
• Fix build version number in CI/About page (maybe, I hope)
• Fix the info row lock size in developer mode
• Fix muting conversations
• Fix disappearing messages timer resets
• Store attachment pointers in database, preparation work for attachment download retries.
• New, more fine grained notification privacy options
• Show blur hash while attachments are downloaded
• Emoji-react to messages (hold message, swipe away, then tap the emoji)
• Fix logs on panic
• Implement a captcha test page
• Handle remote message deletions, implement remote message deletion
• Show original attachment file name, if available
• Implement attachment exporting
• Fix unidentified sending mode resets on profile key reception
• Fix registration and linking for new registration protocol

Registration

Signal overhauled their registration procedure. In my eyes, the new API flow has been redesigned to allow for registrations without phone number in the future. Signal has, meanwhile, introduced usernames, which will allow you to hide your phone number from contacts and groups. I hope to get this into Whisperfish soon™ too.

Post-quantum key exchange

Signal recently introduced post-quantum key exchanges for their end-to-end encryption protocol. This is, as far as I know, the first broad and permanent real-world deployment of post-quantum cryptography, and follows the very recent NIST standardization of Kyber. Signal is yet to announce this change officially, but it has been in production for two weeks. I expect Signal to roll out a rekey event for all sessions, and at that time announce the roll-out.

The deployment is a hybrid of X25519 and Kyber. This means that if the new Kyber system is horribly broken next week, your sessions will still be secure in the classical sense.

Practically speaking, the current change means that every new session with a contact will be protected against capture-now-decrypt-later attacks by (currently non-existing) cryptographically-relevant quantum computers, under the condition that Kyber remains as secure as it is thought to be.

I expect Signal to trigger session renewals or rekeying events to additionally protect existing sessions from the “quantum threat”.

Whisperfish 0.6.0-beta.19

Hotfix for the refactoring bug introduced in beta 18

Whisperfish 0.6.0-beta.18

Fixes group updating, since Signal changed their API calls, first steps toward PNI support

Changes

• Database refactoring, phone numbers and UUID are now strong types
• Fixes a hang on unregistered startup
• Fix group update API calls
• Show roles of group members
• Graceful handling of ^C
• Show translation contributors in About.qml, automatically update the About.qml page
• Fix self-recipient bugs
• Reset page stack when closing in daemon mode
• Add PNI column to recipient (currently unused)
• Fetch self-PNI
• Fix archive/pinned UI bugs
• Fix profile image display when clicking notifications for groups
• Fixes related to message notification counter
• Split storage module into separate crate, preparation for more refactoring
• Show the profile picture in the sharing dialog
• Fix RTL support in cover
• Fix detail attachment display for non-image/video attachments
• Fix the "show more" tag placement for long text messages
• Many small fixes

Whisperfish 0.6.0-beta.17

Sealed sending release!

Changes

• Fixes the profile page not loading
• Fix multiple settings page and profile page issues
• Implement automatic identity key reset
• Implement draft messages
• Fix captcha display and submission
• Ignore NullMessages and implement PlaintexContent
• Implement sealed sending
• Cleaner logging thanks to minimized Display implementations for database types
• Log Qt and QML via simplelog
• Keep identity key in memory, instead of reading from storage
• Stop trying to send messages to unregistered users, store registration state in db
• Consider empty sessions as read, fixes incorrect unread message count
• Expose logging settings in Settings page
• Bump emoji.js

Whisperfish 0.6.0-beta.16

Fix an issue during registration, and some QoL improvements

Changes

• Fix an issue during registration, introduced after the refactoring
• Close Whisperfish when updating
• Implement auto-login for password-protected setups
• Cleanup profile view page, allow viewing fingerprint and changing profile
• Allow starting a new conversation from group view

Whisperfish 0.6.0-beta.15

Overhauls the QML binding system. This should fix all UI inconsistencies, except for a few that are now introduced.

Changes

• Capture panics to log
• Log Qt errors to Rust
• Allow capturing logs to a file via a configuration option
• Cleaner display of reactions
• Show message action buttons on one row in landscape mode
• Add a placeholder for sticker messages, instead of showing "This message is empty"
• Use upsert clauses thanks to SQLite and Diesel update (slight performance win and code cleanup)
• Remove defunct incognito mode
• Fix displaying version in About menu
• Allow opening direct message from group member list
• Refactor QML session/message singletons (performance win, future proofing, and UI consistency)
• Allow registration with reCAPTCHA and hCAPTCHA

Whisperfish 0.6.0-beta.14

Bugfix release for most of the bugs we introduced in beta.13, and some fixes for changes upstream.

Changes

• Attempt to handle HTTP 428 by responding with a reCAPTCHA challenge
• Handle device mismatches (fixes sending to contacts that change their linking setup)
• Attempt at fixing a crash at startup related to profile uploading
• Fix a crash when opening an empty session
• emoji.js now supports out-of-date emoji packages as fallback
• Fix typing notification display of names in certain conditions
• Marking as read fix for mismatched sessions
• Cleaner formatting for linked device display

Whisperfish 0.6.0-beta.13

Profile fetching and updating, avatar displaying, sender key and unidentified sender support at receiver side, and much more.

Changes

• Disable defunct "send new message" functionality
• Don't crash when Signal desktop sends a SyncMessage about a story.
• Use move_rows instead of reinserting upon new message reception
• Big refactoring work by Lucien XU
• Send messages via the Websocket instead of the PushService
• Display avatars
• Display Signal profile names, with preference for local contact names in settings
• Implement displaying and sending quotes
• Use Emoji font for displaying reactions when configured as such
• Move (signed) prekeys, identities, sessions into database
• Implement sender keys and unidentified sending at the receiver side for much improved privacy
• Many, many, other tiny and big things.

Whisperfish 0.6.0-beta.12

Hotfix release for the new Signal root certificate

Changes

• Update root CA certificate for Signal production server (4096 bits RSA instead of 2048!)
• Multiple fixes for SailfishOS 3.4
• Fix storage migration corner case
• Fix some registration issues
• Fix cover scrolling behaviour
• Big update of libsignal-protocol version
• Misc layout and input field improvements
• Refactored some storage and Sailfish platform code

Whisperfish 0.6.0-beta.11

Mostly bugfixes for bugs that we introduced in beta.10, but also implements Whisperfish as secondary device. This release is basically completely due to direc85 and Gabriel Margiani; thank you both!

Changes

• Add `sailfish-qml` to dependencies for registration to work on new installs (thanks to direc85!)
• Fix config.yml migration code (thanks to direc85!)
• Improve handling SMS verification field input (#444 and #443, thanks to direc85!)
• Implement secondary device mode (thanks to Gabriel Margiani and ntninja!)
• Fix background mode (thanks to Gabriel Margiani and direc85!)
• Start a Catalan translation (thanks to Jaume Singlavalls!)
• Play a quiet message when a message arrives when the application is active (thanks to direc85)
• Fix sending to UUID-only contacts (thanks to Gabriel Margiani, fixed in an unrelated MR)
• Keep up with technical debt (several merge requests and pushes)

Whisperfish 0.6.0-beta.10 (code sprint edition!)

Many quality-of-life updates and technical debt fixes, thanks to the code sprint of Matti and Ruben!

Changes

• Update to Emoji 14 (thanks to direc85)
• Correct attachment showing for out-of-order downloads
• Allow resetting identity key through developer options
• Cover page design showing messages showing typing indicators (in cooperation with direc85)
  • Initial design
  • Fine tuning by direc85
• Implement typing indicators for groups and direct messages (turn on in settings)
• Implement captcha rendering through external application, and hence fix registration (thanks to direc85)
• Spit share plugin and compile them separately for Sailfish 3 or 4 (thanks to direc85)
• Fix message queuing and resending
• Migrate session records and identity storage to database
• Update libsignal-client (long overdue, cooperation with Gabriel Féron)
• Redesign registration page to combat phone number entry confusion (thanks to direc85)
• Work around Signal-Desktop issue with JPEG's sent as PNG's (thanks to direc85)
• Optimize Emoji rendering (thanks to direc85 and Mirian Margiani)
• Add RemovableMedia to privileges for sending Pictures from the SD card
• Implement archiving and pinning of sessions (thanks to direc85)
• Multiple UI fixes (thanks to direc85)
• Allow sending pictures directly from within Whisperfish (thanks to direc85)
• Give a warning for old Whisperfish versions (thanks to direc85)
• Show multiple attachments up to five

Whisperfish 0.6.0-beta.9

Fixes for stuff in beta.8, mostly.

Changes

• Fix for emoji reaction parsing that could cause a crash
• Fix a crash when manually refreshing a group
• Fix config file location after the Sailjail implementation
• Fix creating debug symbols in CI and offline, run LTO on CI. Debug symbols are now hosted alongside nightl RPMs (and probably also here, let's see how the CD copes)
• Add new config paths to MyBackup paths

Whisperfish 0.6.0-beta.8

A bunch of quality-of-life updates, and SailfishOS 4.4 compatibilty! Direc85 did a lot of work in this release. If you consider donating to me for Whisperfish, please also consider buying direc85 a coffee.

Changes

• Display reaction emoji correctly
• Compute and show safety numbers.
• Collection of small UI improvements, thanks to direc85
  • Upscale colored images
  • Use the largest size icon everywhere (crispier UI)
  • Install all the harbour-whisperfish.png icon sizes (launcher icon always looks the best)
  • Disable click-message-to-reply signal until implemented (less accidental visual noise)
  • Increase the cover page icon size a bit (looks a little less empty)
• Remove notification on Whisperfish when message has been read on a linked device, thanks to direc85
• Show your own phone number as "Note to Self", with a note icon, thanks to direc85.
• Implement "Reset secure session"
• Lots of background and backend updates for a bit more stability
• Implement muting a session, thanks to direc85
• Implement SailJail in SailfishOS 4.4
• Implement showing emoji reactions
• Implement a captcha workaround

Whisperfish 0.6.0-beta.7

Edition "omg OpenSSL".

Changes

• Device linking scheme sgnl:// is now supported, allows to link secondary devices again.
• Restructured storage crypto code (thanks to Mutluler!)
• Begin of the Basque translation (thanks to Sergio Varela)
• Fix notification icon and adds multiple resolution icons (thanks to Matti Viljanen/direc85)
• Start using the SailfishOS SDK instead of the hacked-together RubdosSDK. This paves the path to supporting multiple other operating systems and possibly a Linux desktop client. Proof of concept Ubuntu-Touch version exists (thanks Tim and the Axolotl hackers!)
• Separate builds for SailfishOS 3-series and SailfishOS 4-series available on OpenRepos, which solves the incompatibility with SailfishOS 4.3's lack of OpenSSL 1.0. Storeman/zypper should automatically select the correct version for your operating system.

Whisperfish 0.6.0-beta.6

Edition "invert the event loop". Write-up here: https://github.com/woboq/qmetaobject-rs/issues/102#issuecomment-919798690

Features

• GUI performance improvement (thanks to the event loop inversion)
• Load time improvement through more database indexing (thanks to Matti Viljanen)
• Add "refresh group" option for stubborn groups.

 

Fixes

• SailfishOS 4.2 compatibility (thanks to the event loop inversion)
• Order messages by date instead of by id (thanks to Matti Viljanen)
• Fix message and session deletion (thanks to Matti Viljanen
• Fix notifications on SailfishOS 3.x (thanks to Matti Viljanen)

Whisperfish 0.6.0-beta.5

Fixes

• Reception of messages with attachments, but without accompanying text
• Show contact/payment/deletion/group call update messages as "unimplemented" instead of empty.

Whisperfish 0.6.0-beta.4

Features

• MyBackup compatibility, thanks to Nathan!
• Display group changes and message timer changes in chat.

Fixes

• Fix usage of configured attachment path
• Fix the many empty messages sent by Android and iOS clients for profile key pushes

Translations

• Add Lithuanian, by Gediminas Murauskas
• Updates to Greek, French, Turkish, Dutch, and Vlaams. Thanks to all contributors!

Whisperfish 0.6.0-beta.3

Emergency release for the HTTP-500 "nothing can be send" bug and the BadKeyType bug.

Fixes

• Identity key read errors
• Update local storage format quirks for future Signal versions

Whisperfish 0.6.0-beta.2 (yanked)

Emergency release for the HTTP-500 "nothing can be send" bug.

Features

• My Backup compatibility (thanks to Nthn).
  • You need to reset all sessions manually after a reset, if they had been touched after taking the backup.
• Share to Whisperfish functionality (thanks to Gabriel Margiani)
  • Enabling on SailfishOS 4.0 needs some additional work.
• Database VACUUM option in settings (thanks to Igor Makarov)
• Initial work to decouple Whisperfish from SailfishOS (thanks to Be)
• Migrated to libsignal-client.

Fixes

• The infamous "I can't send anything anymore" HTTP-500 issue
• Crash on certain session resets

Whisperfish 0.6.0-beta.1

The milestone on Gitlab for this release

Features

• GroupsV2 compatibility
  • Notably, you can only be added to a group, invites are not yet implemented.
• Complete migration to UUID-based sessions.
• Device linking (Signal Desktop)
• Register without storage password, thanks to Gabriel Margiani!
• Slight cleanup of the registration page, thanks to ntninja!
• HUGE overhaul of the UI, thanks to Mirian Margiani! You won't recognise Whisperfish anymore. Pinky promise.
  • Setup for all the new Signal features: quotes, multiple attachments, stickers/gifs, ...
  • New video and image pages.
  • Linking/saving contacts from the UI
  • Emoji pack support, check our wiki for installation.
  • Clean-up of the group view page, in part thanks to Thomas Michel!
• Simple daemon functionality, thanks to Gabriel Margiani!
• Link-time optimization: 20% smaller RPMs and executables
• Option to minimize notifications, useful in e.g. busy groups, thanks to flypig.

Translations

• We have a Weblate account now!
• Portuguese translation, thanks to Yield and Antonio Maretzek!
• Czech translation, thanks to PawelSpoon!
• Turkish translation, thanks to Oğuz Ersen!
• Nowegian translation, thanks to Allan Nordhøy!
• Many, many, many, MANY cleanup operations on Dutch, German, French, and Spanish, thanks to Nathan, Dryo, and J. Lavoie!

Fixes

• More stable reconnection management. Flight mode and network changes should now work as expected.
• Access contacts through the Nemo QML interface instead of raw contacts.db. This interface will probably be more stable than the raw SQLite, and keeps compatibility across 3.x and 4.x.
• A "privileged file" allows us to read contact lists again on SailfishOS 4.0
• More or less fixed video playback
• Fix lingering notifications on session activation, thanks to flypig!
• JPEG rotation is now correct in Whisperfish (but not yet on Android), thanks to Mirian Margiani.
• Image zoom is more intuitive for images that are almost the same size as the screen, thanks to Mirian Margiani.

Whisperfish 0.6.0-alpha.9

Fixes startup on upgraded contact database.

Whisperfish 0.6.0-alpha.8

Features/fixes

• Captcha filing at registration time, thanks to Gabriel Margiani! Seriously, this was a huge undertaking.
• Sailfish 4.0.45 compatibility, except for registration (#229, bug report on forum).

Whisperfish 0.6.0-alpha.7

Features

• Reactions show up as "R@number:EMOJI", instead of empty balloons. Thanks to Markus for this!
• Multiple password attempts! Thanks to Igon Makarov

Fixes

• Create the correct attachments download directory, should fix attachments downloading for new installations.
• Some phone numbers (notably with dashes, parantheses or dots) did not show up with names.
• New members in a group show up, group renames come through.
• Group members show up as names, not phone numbers, thanks to Thomas Michel.
• Fixes copying message to clipboard, thanks to Thomas Michel.
• Auto-focus password field, thanks to Markus.

Whisperfish 0.6.0-alpha.6

Features

• The conversation page got a complete overhaul in design. I hope you like it.

Fixes

• Fix a race condition during registration, which may corrupt the settings file.
• Sent messages update the session view
• More names show up correctly in session view (please file an issue if it's still buggy!)
• Session sections
• Sent attachments show up as thumbnails
• Some translation work in the (currently disfunctional) Device List page

Whisperfish 0.6.0-alpha.5

Features

• Sending new messages to a single contact, clean-up of contact selection
• Started French language translation
  • French translation finished (thanks Thibaut Vandervelden)
• Spanish translation got a lot of clean-up (thanks carlosgonz)
• Settings page looks a lot nicer

Fixes

• Settings page revamped, looks a lot cleaner
• attachment_dir was not set on settings init.
• Contact DB fix for non-nemo users (new 3.4 installs, alternate users)
• Show build ID in about screen
• Notifications with vibration and sound

Whisperfish 0.6.0-alpha.4

The milestone on Gitlab for this release

Features:

• Sending attachments
• Registration via voice and text
• Connection status feedback
• Aarch64 version

Under the hood:

• Partial support new UUID-based identifiers
• Initial tooling for future database migrations
• Pre-key refreshing
• Attachment failure log (set attachment_log=true in harbour-whisperfish.conf)

Whisperfish 0.6.0-alpha.3

The milestone on Gitlab for this release

• Sending direct and group messages, notably no attachments.

Whisperfish 0.6.0-alpha.2

The milestone on Gitlab for this release

• Receiving messages and their attachments

Whisperfish 0.6.0-alpha.1

The milestone on Gitlab for this release

• Move the base code over to Rust, for easy linking to libsignal-protocol-c.
  I made a write-up about Qt, Sailfish and event loops on my blog.
• Implement most of the GUI and bind to the database (thank you, Markus, for all the work!)

• GUI performance improvement