It looks like Signal isn't as open source as you thought it was anymore

[dogecoinbase]

If this code was _not_ in production, they had known vulnerabilites: https://github.com/signalapp/Signal-Server/commit/3432529f9c...

There is no interpretation of these events that's a good look, especially for a platform focused on privacy.

[kryogen1c]

we're talking about the code released today.

[dogecoinbase]

All of the code was released today. Up until earlier today, the most recent public commit on the repo was https://github.com/signalapp/Signal-Server/commit/3432529f9c... , the commit immediately prior to the previously unseen https://github.com/signalapp/Signal-Server/commit/95f0ce1816... "Support for advertising payment addresses on profile"

[kryogen1c]

Yes, they released a new feature so theres new code. The only way that violates open-source is if this code has been in production, which no one has any proof of.

Apparently everyone thinks opensource means real time access to development.

[dogecoinbase]

Please re-read my comment four posts upthread. It's possible that this code wasn't in production; if so, there were known vulnerabilities left open for months.