Commit Graph

7995 Commits

Author SHA1 Message Date
79832ef86c Merge upstream/master into merge/upstream-full
Some checks failed
CI Code / Check coding style (pull_request) Failing after 7s
CI Code / Check spelling (pull_request) Successful in 17s
CI Code / Linux (debian) (pull_request) Successful in 7m1s
CI Code / Linux (ubuntu) (pull_request) Successful in 7m44s
CI Code / Code Coverage (pull_request) Successful in 7m35s
Lint / DCO (pull_request) Failing after 7s
Lint / conventional commits (pull_request) Failing after 45s
CI Code / Linux (arch) (pull_request) Successful in 9m23s
Build / ubuntu | func | signal (pull_request) Has been cancelled
Lint / coding style (pull_request) Has been cancelled
Lint / spellcheck (pull_request) Has been cancelled
Build / cygwin / build only (pull_request) Has been cancelled
CodeQL / analyze (pull_request) Has been cancelled
Merge profanity-im/profanity master (373 commits) into cproof fork.

Source changes (manual merge):
- src/command/: cmd_defs, cmd_funcs, cmd_ac — upstream g_new0, auto_gchar,
  launch_editor callback; keep our XEP-0308 LMC, force-encryption, CWE-134
- src/config/: preferences, tlscerts, account — upstream UNIQUE dedup,
  dynamic pad capacity; keep our db_history_result_t, scroll logic
- src/database.*: upstream g_new0 memory mgmt; keep our return types,
  add null-check fix for msg->timestamp
- src/omemo/, src/pgp/: upstream _gpgme_key_get_email, g_new0;
  keep our replace_id in omemo_on_message_send
- src/tools/: editor, http_upload, bookmark_ignore — upstream launch_editor
  callback API
- src/ui/: console, window, chatwin, mucwin, inputwin, buffer —
  upstream win_warn_needed/sent dedup, PAD_MIN_HEIGHT dynamic pads;
  keep our y_start_pos scroll, _truncate_datetime_suffix
- src/xmpp/: message, stanza, presence, roster_list, iq, session —
  upstream connection_get_available_resources; keep our LMC stanza logic
- src/common.c: fix format-security (cons_show)

Build system:
- Makefile.am: updated test paths to subdirectory structure, added
  test_cmd_ac, test_forced_encryption
- Restored autotools files deleted by upstream meson migration:
  bootstrap.sh, autogen.sh, m4/ax_valgrind_check.m4, configure-debug

Tests:
- Unit tests: upstream unittests.c base + our forced_encryption tests
  (482 passed, 0 failed across all 4 configurations)
- Functional tests: kept our version (93 passed, 0 failed)
  upstream version requires stbbr_for_xmlns not yet in our stabber fork
- Updated test stubs: stub_xmpp.c, stub_omemo.c from upstream

Compile fixes:
- src/common.c: cons_show(errmsg) -> cons_show("%s", errmsg)
- src/database.c: null-check before msg->timestamp access
- src/ui/console.c: size_t -> (int) cast for format width
- src/config/tlscerts.c: %d -> %zu for size_t
2026-04-11 13:28:26 +03:00
Michael Vetter
1ac05754be Merge pull request #2147 from balejk/omemo-heartbeats-fix
omemo: ignore key contents if there is no payload
2026-04-09 14:08:06 +02:00
Karel Balej
1458b09e27 fix(omemo): ignore key contents if there is no payload
For key transport messages, Monal at least doesn't append the
authentication tag to the plaintext key contents as that only makes
sense if the key was used to encrypt something. This causes the key
length check to fail and show the

	OMEMO message received but decryption failed.

error to the user which is confusing because there is no user-originated
message involved.

Skip the length check for key transport messages as profanity only uses
these to advance the ratchet and makes no use of the decrypted contents.

Signed-off-by: Karel Balej <balejk@matfyz.cz>
2026-04-09 09:52:10 +02:00
Michael Vetter
95eb1ef8e7 Merge pull request #2146 from profanity-im/wip
Misc improvements
2026-04-03 10:21:15 +02:00
Michael Vetter
4be8ec47fe docs: Add section about sanitizers to contributing.md
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-04-03 10:19:40 +02:00
Michael Vetter
27cb926061 ci: remove ASan from Valgrind check
ASan and Valgrind both intercept memory allocations and management at
runtime. Running them simultaneously might lead to conflicts in memory
tracking.

This change ensures that during the Valgrind phase of the build matrix,
only Valgrind is responsible for memory analysis, avoiding redundant
overhead and ensuring more reliable results.

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-04-03 10:03:03 +02:00
Michael Vetter
8af80a7ad5 ci: Run functional tests in CI
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-04-03 09:31:30 +02:00
Michael Vetter
6a7262f2b0 ci: Add CodeQL
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-04-03 09:22:04 +02:00
Michael Vetter
35bf9df0a9 refactor: Make Launching the editor more robust
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-04-03 08:40:14 +02:00
Michael Vetter
a643fd87cc docs: Remove autotools leftover from CONTRIBUTING.md
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-04-03 08:33:59 +02:00
Michael Vetter
2ad3bff8f0 docs: Add eval_password example
And show how to escape whitespaces.

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-04-03 08:32:31 +02:00
Michael Vetter
c0f96e9b60 Merge pull request #2145 from profanity-im/fix/2143
fix: restore TTY access for eval_password commands
2026-04-02 23:18:07 +02:00
Michael Vetter
196d3c3783 cleanup: Cleanup gitignore
Remove IDE specific entries, they belong in the global conf of the user.
Remove autotools specific files.

Ref: bc777c56b2
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-04-02 23:16:51 +02:00
Michael Vetter
c3718e3ae7 cleanup: Remove unused variable
This was forgotten in a refactor commit.

Ref: c43c9567df
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-04-02 22:47:26 +02:00
Michael Vetter
36ec2b0ae1 feat: implement asynchronous external editor support
Move from blocking fork/wait logic to nonblocking fork and
g_child_watch_add.

This ensures that the Profanity main loop continues to run while an
external editor is open. So we don't loose connection and react to
pings.

We change editor handling also in vcard and muc subject editing.
In the new implementation we are launching the editor and passing a
callback which we will use once the editor exited.

We use the recently added ui_susped() and ui_resume().

To not clutter the UI we need to check whether Profanity UI is suspended
and omit drawing in this case.

Fixes: https://github.com/profanity-im/profanity/issues/1888
Ref: 9b112904a9bc7250dc013d901187ca8622580d98
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-04-02 22:47:26 +02:00
Michael Vetter
fc66ddc2c1 refactor: Use helper functions in vcard related code
There was way too much repetition here.
This is in preparation for future changes regarding the editor.

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-04-02 22:47:26 +02:00
Michael Vetter
8675f7be0c fix: Fix removal of entries in account file
Commit 81f92f1fe introduced a selective update mechanism to
_accounts_save() to prevent overwrites when running multiple instances
by only modifying the specific account being saved.

Commit 5c484c fixed a problem with that commit regarding empty accounts.

It turns there was another bug introduced:
The new implementation only set the keys that existed in memory.
So removal of keys was not possible anymore.

Fixes: 81f92f1fed
Ref: 5c484c26ed
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-04-02 22:47:22 +02:00
Michael Vetter
c9a3823f13 fix: restore TTY access for eval_password commands
Replace g_spawn_command_line_sync with g_spawn_sync with the
G_SPAWN_CHILD_INHERITS_STDIN flag.
This is actually needed to so that interactive commands can access the
terminal.
Otherwise they cannot ask the user for the passphrase.

Ref: f5787fb31f
Fixes: https://github.com/profanity-im/profanity/issues/2143
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-04-02 16:38:34 +02:00
Michael Vetter
c49ee8d415 Merge pull request #2144 from profanity-im/fix/2124
fix: Fix crash when loading MAM for a contact with empty db
2026-04-02 16:12:27 +02:00
Michael Vetter
14c0c38acd fix: Fix crash when loading MAM for a contact with empty db
I think this bug happens when a user scrolls up a window, triggering
iq_mam_request_older() to load older history, in the case when the
database is empty for that contact.

The initial MAM fetch is triggered when the window is opened which
should get the latest history.

Fixes: https://github.com/profanity-im/profanity/issues/2142
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-04-02 13:37:49 +02:00
Michael Vetter
b56498adcb Merge pull request #2139 from profanity-im/fix/1844
Improve autocompleter and command parsing in relation to quoting
2026-04-02 12:31:58 +02:00
Michael Vetter
923dfea71e Merge pull request #2136 from profanity-im/db-dup
refactor(database): enforce unique archive_id for reliable deduplication
2026-04-02 12:31:26 +02:00
Michael Vetter
37463c0e43 Merge pull request #2141 from paulfertser/allow_libstrophe_as_subproject
chore: support building libstrophe as a subproject
2026-04-02 12:22:02 +02:00
Michael Vetter
dfe79038d4 Merge pull request #2140 from profanity-im/fix/1420
fix: handle X11 connection loss gracefully
2026-04-02 12:21:09 +02:00
Paul Fertser
5670ccb2b1 chore: support building libstrophe as a subproject
Allow building the latest libstrophe from upstream Git automatically when
-Dforce_fallback_for=libstrophe is passed.

Default to find and link against system-provided libstrophe stays the same.

Signed-off-by: Paul Fertser <fercerpav@gmail.com>
2026-04-02 13:07:04 +03:00
Michael Vetter
8eac31e5e1 fix: handle X11 connection loss gracefully
Use XSetIOErrorExitHandler on X11 to detect connection loss and
disable GTK features (tray, clipboard, notifications).

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
Co-authored-by: Paul Fertser <fercerpav@gmail.com>
2026-04-01 23:14:46 +02:00
Michael Vetter
c43c9567df refactor(database): use ON CONFLICT for deduplication
Replace 'INSERT OR IGNORE' with 'INSERT ... ON CONFLICT(`archive_id`) DO
NOTHING RETURNING id'. This is only available since sqlite 3.35.0.
So deduplication only happens for `archive_id` and we don't silently
ignore other errors or constraints (like not null).

We can now detect if an insertion was skipped due to duplication by
checking the result of 'RETURNING id'.

We don't print out when we don't insert duplicated messages since this
will happen often and will be too noisy. So we match the behaviour of
what Dino is doing.

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-31 15:27:33 +02:00
Michael Vetter
df1f1e5ef1 fix: ensure consistent unescaping and space handling
Unescape any character following a backslash. This fixes autocompletion
for names with escaped spaces.
For example: `/msg Thor\ Odinson hello`

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-30 18:33:59 +02:00
Michael Vetter
3997f34e5a Merge pull request #2137 from profanity-im/omemo-prekey
fix(omemo): standardize PreKey management to prevent decryption failures
2026-03-30 10:54:56 +02:00
Michael Vetter
bda5b0f844 fix(tools): implement backslash escaping for contact names
Implement backslash based escaping in the command parser and autocompletion
logic to handle contact names containing double quotes.
This stops the parser from splitting nicknames into multiple tokens, which
previously caused "Invalid usage" errors.

The parser now sees \ as an escape character for quotes and spaces in
_parse_args_helper, count_tokens and get_start. Autocomplete results are
escaped when they contain spaces, and search prefixes are unescaped before
matching. strip_arg_quotes() has also been updated to handle unescaping.

Fixes: https://github.com/profanity-im/profanity/issues/1844
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-29 00:15:23 +01:00
Michael Vetter
9b2f96fb45 chore: Update information on XEP-0077
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-28 00:49:22 +01:00
Michael Vetter
91e536b02d chore: Fix release years in doap file
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-28 00:49:19 +01:00
Michael Vetter
816617672e ci: Rename and sort Ci jobs
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-28 00:11:16 +01:00
Michael Vetter
247c44be30 fix(xmpp): verify 'by' attribute of stanza-id and MAM result
Implement security checks to ensure the 'archive_id' (XEP-0359) used
for database deduplication originates from a trusted source.

XEP-0359 Section 3.1: "The 'by' attribute MUST be the XMPP
address (JID) of the entity assigning the unique and stable stanza ID."
Furthermore, Section 4 (Security Considerations) specifies: "A client
SHOULD only trust <stanza-id/> elements from its own server or from
a MUC service it is joined to."

XEP-0313 Section 4.1.2: "The 'by' attribute of the <result/> element is
the JID of the archive being queried." and "If the 'by' attribute is not
present, the recipient MUST assume that the results are from their own
personal archive."

Let _handle_chat verify <stanza-id/> 'by' attribute matches our bare JID.
Let _handle_groupchat verify <stanza-id/> 'by' attribute matches the MUC
s bare JID.
Let _handle_mam verify the <result/> 'by' attribute matches the outer
message 'from' (archive JID). If 'by' is missing then 'from' matches our
own bare JID (personal archive).

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-27 23:57:59 +01:00
Michael Vetter
64fcdfaa0f refactor(database): enforce unique archive_id for reliable deduplication
Implement a UNIQUE constraint on the archive_id column (XEP-0359 stanza-id)
to prevent duplicate messages in the chat log. This addresses problems where
the same message could be stored multiple times if received via both MAM
and regular.

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-27 23:25:54 +01:00
Michael Vetter
68085f014f fix(omemo): standardize PreKey management to prevent decryption failures
Standardize how PreKeys are handled during OMEMO message reception to
align with XEP-0384 best practices.

Previously Profanity replaced a consumed PreKey by generating a new
one with the same ID. This behavior could lead to decryption failures if
multiple senders attempted to use the same PreKey ID before the client
could successfully update its bundle on the server.

Remove consumed PreKeys from the local store.
New PreKeys are generated in batches (100) when the local supply runs
low (< 10).
Republish OMEMO bundle after replenishment.

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-27 23:21:03 +01:00
Michael Vetter
259caea9c8 Merge pull request #2134 from profanity-im/feat/noautotools
feat: Remove autotools and adapt docu and scripts
2026-03-27 22:42:24 +01:00
Michael Vetter
ca156d58a2 Merge pull request #2135 from GunniBusch/feat/add-macos-homebrew-ci
ci: add macOS Homebrew CI
2026-03-27 22:40:42 +01:00
Leon Adomaitis
189f682518 ci: add macOS Homebrew CI
Signed-off-by: Leon Adomaitis <leon@adomaitis.de>
2026-03-27 22:24:36 +01:00
Michael Vetter
1d646a1afe ci: Let Debian build only with libomemo-c
So we can test if it works if libsignal isn't even installed on the
system.

Ref: 9a501e6ecd
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-27 21:58:38 +01:00
Michael Vetter
e169aa1426 ci: Set compiler path for Cygwin
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-27 21:58:34 +01:00
Michael Vetter
f5b7cdecb5 ci: Add libasan and libubsan to Fedora image
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-27 21:48:02 +01:00
Michael Vetter
c695b3a7b0 ci: Require gtk3-devel instead of gtk2-devel
Ref: 01c9a51c70
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-27 21:39:56 +01:00
Michael Vetter
bc777c56b2 feat: Remove autotools and adapt docu and scripts
We will only use Meson from now on.

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-27 21:33:44 +01:00
Michael Vetter
84e6eeae92 Merge pull request #2132 from profanity-im/feat/spellcheck
Add spellchecking
2026-03-27 14:32:01 +01:00
Michael Vetter
5e8987274f chore: Update RELEASE_GUIDE.md
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-27 10:01:02 +01:00
Michael Vetter
0dbc18cd7e Merge pull request #2133 from GunniBusch/fix/omemo-libary
fix(omemo): add missing includes for libomemo-c builds
2026-03-27 08:12:56 +01:00
Leon Adomaitis
9a501e6ecd fix(omemo): add missing includes for libomemo-c builds
Signed-off-by: Leon Adomaitis <leon@adomaitis.de>
2026-03-27 02:34:26 +01:00
Michael Vetter
ed2fdf88ac feat: Add /spellcheck list command
To list all available dictionaries.

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-26 23:34:13 +01:00
Michael Vetter
4922366366 feat: add spellcheck highlighting support
Introduce optional spellcheck highlighting in the input window using
the Enchant-2 library.

```
/spellcheck on
/spellcheck lang en_US
```

New theme color `input.misspelled`.

Fixes: https://github.com/profanity-im/profanity/issues/183
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
2026-03-26 23:34:06 +01:00