Package Details: signal 1.0.38-1

Git Clone URL: (read-only)
Package Base: signal
Description: Signal Private Messenger for the Desktop
Upstream URL:
Keywords: messenger secure
Licenses: GPL3
Submitter: onny
Maintainer: dbirks
Last Packager: dbirks
Votes: 66
Popularity: 29.041166
First Submitted: 2016-08-17 22:58
Last Updated: 2017-11-15 01:30

Latest Comments

Jonhoo commented on 2017-11-09 16:48

I'm with jplatte here. I'd much prefer removing the bundled version and using the package if possible.

jplatte commented on 2017-11-09 08:44

dbirks: Why not keep the dependency and use it though? I'd like to avoid having a separate copy of electron for each app that uses it.

dbirks commented on 2017-11-09 02:14

jplatte: Thank you for noticing that. I have removed electron from being a dependency.

Jonhoo commented on 2017-11-07 18:30

dbirks: I tweeted at them here: His fingerprint is A4931C09644C654B (from GitHub), and while it doesn't seem to be registered with any key providers, it is available through the GitHub API: (the second one in that list).

dbirks commented on 2017-11-07 18:17

Jonhoo: I like the idea of using git verify-tag. I saw the conversation you and mrxx were having on signal-desktop, and yes, I'm not finding Scott's key anywhere as well. Once we have that we can add it to the PKGBUILD.

mrxx: Sorry for the duplicated effort. Yes, it sure was out of date for weeks. I just adopted it yesterday, so I'll be staying on top of it in the future.

jplatte commented on 2017-11-07 13:22

It seems to me that this package bundles electron, but it also has a dependency on the electron package. Please fix this. One of the packages that gets this right is riot-desktop. The PKGBUILD for that is here:

Jonhoo commented on 2017-11-07 00:24

mrxx: this package was taken over by a new maintainer today (dbirks). I think we should work to merge the two so that `signal` is the only one.

mrxx commented on 2017-11-07 00:22

As this AUR package is out of date for weeks and the PKGBUILD is not suitable for the latest Signal version, I've created an up-to-date AUR package:

Jonhoo commented on 2017-11-01 22:43

It'd be awesome if this also checked the signatures on the tag representing the version it downloads. For example, 1.0.33 is here:, and can be verified with This would entail *not* downloading the .tar.gz, but instead doing a git checkout (probably a shallow one), and then using git-verify-tag to check the signature on the checked-out tag.

btreecat commented on 2017-10-31 20:10

New release as of 17/10/31

All comments