2025-07-17 - 2026-07-17
Overview
60 Pull requests merged by 2 users
Merged
#157 ci(docker): add Docker publishing workflow and Dockerfile
Merged
#166 feat: obfuscate client identity and improve privacy (#165)
Merged
#159 fix(accounts): complete client.name to client.account_name rename
Merged
#152 fix(ai): unbreak CI and harden custom settings after chat-completions alignment
Merged
#143 fix(pgp): prevent plaintext fallback in PGP/OX encryption
Merged
#135 fix(ui): reclaim pad by dead space instead of absolute height
Merged
#137 build: untrack generated src/gitversion.h.in
Merged
#138 fix(xmpp): guard NULL domain in autoping disco warning gate
Merged
#80 new feature: warning if autoping is disabled
Merged
#130 Fix: issue #112 follow-ups — OTR strip, presence UAF, OMEMO load
Merged
#136 fix(ui): reserve pad height per message to prevent multi-line clip and scroll desync
Merged
#8 Light code cleanup
Merged
#133 fix(ui): raise pad redraw threshold above buffer cap to fix history scroll
Merged
#132 fix/plugin-post-display-incoming-only
Merged
#105 merge/upstream-full
Merged
#127 chore(chatlog): disable background message file logging (stage 1)
Merged
#126 feat(ai): add full JSON \uXXXX decoding with UTF-8 and surrogate pair support
Merged
#123 fix(ui): keep messages visible after scrolling in non-chat windows
Merged
#116 feat(history): nodb backlog — statusbar opt-in, /history off persistence, /privacy runtime switch, /correction fix
Merged
#121 Fix AI memory leaks
Merged
#113 [#110] Add AI client with multi-provider support and UI
Merged
#119 fix(ai): persistence/UX fixes, parser unification, prefs consolidation, plus test coverage
Merged
#115 fix(verify): per-contact context in output, drop noisy duplicate-stanza-id warning
Merged
#94 no-DB mode implementation
Merged
#108 CI: Simulate Pikaur flag duplication in Arch Linux builds (fix #55)
Merged
#106 Quickfix for pikaur build failures (not sustainable)
Merged
#103 perf(functests): speedup — profrc pre-baking, pty-close shutdown, parallel port pools
Merged
#98 fix: CWE-134 format string vulnerability and compiler flags audit
Merged
#101 CI: Separate docker build and test steps
Merged
#88 test: add functional tests for autoping and service discovery (XEP-0199, XEP-0030)
Merged
#95 Fix arch build
Merged
#92 Fix arch build
Merged
#89 fix(xmpp): show message for empty disco#items results (XEP-0030)
Merged
#47 [#49] harden NULL handling and resource lifecycle across UI and SQLite
Merged
#79 Improve Functional Test Stability and CI Reliability
Merged
#75 fix: secure git clones by removing insecure sslverify flag (#74)
Merged
#72 Test execution on CI optimization
Merged
#45 Fix scroll/paging state and buffer handling
Merged
#67 Refactor functional tests infrastructure
Merged
#65 fix(cmd): increase /connect max args from 7 to 9
Merged
#62 fix(cmd): cmd_time: avoid extra loop iterations for single option
Merged
#61 fix(cmd): ensure cmd_time stops iterating after matching option
Merged
#60 feat(xmpp): add comprehensive connection debug logging
Merged
#46 Fix arch build by adding pacman-key --init
Merged
#35 Add prof.get_current_window to Retrieve Current Window Title (API change)
Merged
#41 [GIT-40] Prevent automatic disabling autoping feature
Merged
#38 fix(scroll): handle edge case of extremely long messages
Merged
#37 [#36] Use dynamic buffer size to prevent unnecessary buffer cleanups
Merged
#33 Fix documentation so it does not cause warnings by parsers
Merged
#31 Improve API documentation; add autotests for it
Merged
#29 tests: update cmocka include in forced encryption tests
Merged
#28 Merge upstream (Profanity) changes
Merged
#25 Fix LMC autocompletion to suggest corrected message content
Merged
#23 Prevent crash with malformed JID in /sub command
Merged
#21 Prevent crash in /caps with malformed JID input
Merged
#18 Add /force-encryption command
Merged
#17 Add asynchronous external editor support
Merged
#15 Fix #14: Add features in caps_init to avoid redundant presence updates
Merged
#13 Update name and license
Merged
#12 Merge upstream changes
6 Pull requests proposed by 2 users
Proposed
#97 WIP: security: validate <delay>'s from and <stanza-id>'s by attributes
Proposed
#129 WIP: fix(database): make v2->v3 chatlog migration deterministic and FK-safe
Proposed
#141 wip: revert: restore pre-upstream-merge baseline (tree of 3b673150b)
Proposed
#153 fix(editor): follow live terminal size in external editor
Proposed
#163 WIP: feat(ai): support both responses and chat-completions APIsfeat/ai-api-type
Proposed
#167 feat: improve autocomplete for JIDs
37 Issues closed from 3 users
Closed
#140 [CI] Add automated Docker Hub publishing workflow
Closed
#165 Increase software and version privacy
Closed
#142 PGP messages are not being encrypted if key is expired
Closed
#39 OMEMO issues
Closed
#43 Display of message bigger than ncurses buffer
Closed
#51 Investigate extensive memory usage
Closed
#139 Build system modifies tracked src/gitversion.h.in
Closed
#1 Warn on server connection if autoping is disabled, but supported
Closed
#122 OMEMO error mem leaks
Closed
#112 Follow-up issues for PR #105
Closed
#109 Reenable build flags
Closed
#64 Merge Profanity's latest upstream updates into CProof
Closed
#114 nodb backlog
Closed
#120 [AI-feature] Memory leaks
Closed
#110 Add embedded AI support
Closed
#48 Add no-db options
Closed
#55 [CI] Detect flag collisions caused by Pikaur's configuration logic
Closed
#85 Make security audit for CWE-134
Closed
#84 Add tests for XEP-0030 Service Discovery
Closed
#93 Arch build is broken
Closed
#90 XEP-0030: Empty disco#items result silently ignored
Closed
#49 Unsafe code
Closed
#58 Minor optimizations and improvements
Closed
#78 Functional tests are failing during CI
Closed
#74 ci security: Remove -c http.sslverify=false from git clone commands
Closed
#26 Slow build time
Closed
#73 Add fault injection testing CI infrastructure
Closed
#44 Extra Page Down to quit from Scrolling state
Closed
#36 Scroll is getting stuck
Closed
#59 Enable functional tests
Closed
#34 Add prof.get_current_window API to Retrieve Current Window Title
Closed
#30 Insufficient API documentation
Closed
#32 Broken API documentation generation mechanism
Closed
#24 Incorrect Autocompletion in /correct Command
Closed
#22 Crash in /sub Command with Malformed JID Input
Closed
#20 Crash in /caps Command with Malformed JID Input
Closed
#14 Users appear online multiple times
78 Issues created by 2 users
Opened
#14 Users appear online multiple times
Opened
#20 Crash in /caps Command with Malformed JID Input
Opened
#22 Crash in /sub Command with Malformed JID Input
Opened
#24 Incorrect Autocompletion in /correct Command
Opened
#26 Slow build time
Opened
#30 Insufficient API documentation
Opened
#32 Broken API documentation generation mechanism
Opened
#34 Add prof.get_current_window API to Retrieve Current Window Title
Opened
#36 Scroll is getting stuck
Opened
#39 OMEMO issues
Opened
#40 Autoping connection_support false negative
Opened
#42 Branding
Opened
#43 Display of message bigger than ncurses buffer
Opened
#44 Extra Page Down to quit from Scrolling state
Opened
#48 Add no-db options
Opened
#49 Unsafe code
Opened
#50 Add autotests for plugins
Opened
#51 Investigate extensive memory usage
Opened
#52 PGP locking issue
Opened
#53 Fix Fedora build: h264 codec fetching from Cisco is failing
Opened
#54 Improve plugin update mechanism
Opened
#55 [CI] Detect flag collisions caused by Pikaur's configuration logic
Opened
#56 Add multithread support on Python API
Opened
#57 Add test coverage badge
Opened
#58 Minor optimizations and improvements
Opened
#59 Enable functional tests
Opened
#64 Merge Profanity's latest upstream updates into CProof
Opened
#66 TODOs and Disabled Tests in Functional Tests
Opened
#70 Add fault injection code in tests
Opened
#71 Verify library compatibility across supported distributions
Opened
#73 Add fault injection testing CI infrastructure
Opened
#74 ci security: Remove -c http.sslverify=false from git clone commands
Opened
#76 Offline functionality
Opened
#77 Add FPS counter
Opened
#78 Functional tests are failing during CI
Opened
#81 Refactor ProfAccount Structure into Smaller Components
Opened
#82 Move binaries to build folder
Opened
#83 Add perf tests
Opened
#84 Add tests for XEP-0030 Service Discovery
Opened
#85 Make security audit for CWE-134
Opened
#86 auto-fallback to UTF-8 locale when MB_CUR_MAX exceeds limit
Opened
#87 Add cons_show_warn()` function
Opened
#90 XEP-0030: Empty disco#items result silently ignored
Opened
#91 Issue: XEP-0030 Violation - disco#items errors are silently ignored
Opened
#93 Arch build is broken
Opened
#100 Enable additional compiler warning flags
Opened
#102 fix: validate stanza-id 'by' attr and route MUC MAM correctly (XEP-0359, XEP-0313)
Opened
#109 Reenable build flags
Opened
#110 Add embedded AI support
Opened
#111 Improve shell support
Opened
#112 Follow-up issues for PR #105
Opened
#114 nodb backlog
Opened
#120 [AI-feature] Memory leaks
Opened
#122 OMEMO error mem leaks
Opened
#124 Add /history clean (and per-jid variant) to wipe existing chat history
Opened
#125 SQLite history load merges LMC corrections regardless of PREF_CORRECTION_ALLOW
Opened
#128 _migrate_to_v3: deterministic dedupe, explicit column list, and LMC foreign-key sweep
Opened
#134 Harden pad reclaim: trigger on dead space instead of absolute pad height
Opened
#139 Build system modifies tracked src/gitversion.h.in
Opened
#140 [CI] Add automated Docker Hub publishing workflow
Opened
#142 PGP messages are not being encrypted if key is expired
Opened
#144 Security compliance: assessment, planning
Opened
#145 [Security] Harden the AI/LLM client — block cleartext egress, enforce TLS verification, add timeouts
Opened
#146 [Security] Protect local data at rest — owner-only file permissions, DB integrity checks, secret-free logs
Opened
#147 [Security] E2EE & transport correctness — TLS policy floor, OMEMO/OTR/PGP fixes, downgrade/cert-failure visibility
Opened
#148 [Security] Harden untrusted-input handling — remote-DoS guards, memory safety, injection defenses
Opened
#149 [Security] Build & supply-chain security — blocking CI security gates, toolchain hardening, source/dependency pinning
Opened
#150 [Security] Credential & plugin trust — safe secret handling and plugin signature verification before dlopen
Opened
#151 [Security] Security process & documentation — vulnerability disclosure, release security gate, policies
Opened
#154 Readline buffer limit
Opened
#156 Improve OpenAI API support by AI module: responses by default with fallback to chat/completions
Opened
#160 [privacy] Revise version display default
Opened
#161 Add config autotests
Opened
#162 (merge regressions) Make adequate migration client.name -> client.account_name
Opened
#164 ref: standardize nickname->jid autocomplete and autoconvertion in cmd_defs
Opened
#165 Increase software and version privacy
Opened
#168 Segfault on disco#info result without a from attribute
Opened
#169 OMEMO cannot bootstrap against prosody-class servers
1 Unresolved Conversation
Open
#11
Scroll is stuck if user goes offline