Note: Every update deletes the MMS media files and folder which is stored locally in your ephemeral cloud hosted service and not stored in the database.
- added autocomplete/search in dropdown under
Profile Settings>Get Numberto search through a long list of numbers
- stop sending MFA secret to client upon login
- doing so would allow anyone to generate the TOTP after logging in with user/pass
- fixed chat conversations not appearing (Issue #204)
- fixed a few leading slash issues with a helper function
- fixed socket.io-client import from throwing errors
- fixed build errors
- Ability to send PGP Encrypted email notifications of smses received
- fixed a few leading slash issues
- fixed hitting enter on OTP
- fixed path url 404 not found on new registrations
- added example in .env for custom application path for url obscurity purposes
- backend sockets implementation for testing the mobile app
- attachments file extension fixed
- App would randomly crash with some API pulls, hard to replicate. Added a lot of try/catch statements to contain it.
- Email settings: TO, FROM field labels corrected.
- Messages are removed from Twilio's internal logs with an API call. Sometimes it was failing to delete. Now message log deletion waits for confirmation from the API and retries 5 times if one is not received before giving up. Fixes issue #112
- Fixed issue #105 (images in mobile view were saving as .bin)
- Fixed version display
- TOTP toggle asks for confirmation before disabling
- Fixed issue with web browser based calling on a Twilio number.
- Hardware Key support added. You can add multiple security keys that support U2F (e.g., Yubikey, OnlyKey, Titan, etc).
- fixed issue #107, #110, email settings save issue, custom APPDIRECTORY caching issue.
- fixed issue 107, email settings save issue.
- fixed issue 103, inbound call option stays open even after call hangs up.
- Custom APPDIRECTORY route issue fixed
- Headers refined, directory exposure reduced
- Initial code added for Hardware Keys (function, frontend, library, conditions, db) (final testing remaining for the next release)
-
dial pad colors, alignment adjusted
-
Minor bug fixes
-
Open Source License added (GPLv3)
- Bug fixes
- Add dial pad and DTMF tones
- MFA - TOTP QR code (or manual entry) functionality added!
- Few more syntax edits for input sanitization (prevent NOSQL injections)
- Added cancel button on attachment window
- Added Secure Cookie session values
- Trust Proxy
- NOSQL injection protection of functions, input sanitization (100+ syntax edits)
- Secure functions (Math. to crypto.)
- Added compression
- Expose only directories needed, hiding root
- Text message overflow word break for very long links fixed
- Protections added as security headers for: XSS, NoSniff, HSTS, X-Powered-By, FrameGuard, DNS Prefetch, Content Security Policy.
- Pull down to refresh now updates the notification dot and the profile inside the dropdown
- Redirect issue to 404 fixed for non-custom directory
- UI: Error page update
- Security through Obscurity: Put in a random directory name in
.envunderAPPDIRECTORY. Your application will be served only on that subdirectory. People will not be able to browse to your app page (by discovering your public github page and deployment link) Example:
APPDIRECTORY 789gh8ag96lgw7ag8fghlkg
By default it is not defined. Full instructions here.
-
- fixes search bar cursor size on Chromium browsers (Chrome/Brave)
- Delete account error on empty password fixed
- SMS reply to shortcode bug fixed. If provider rejects it, you will see their error message.
- Minor changes in code to function names, variables, comments
-
- Fixed loading bar size and overlapping issues
- version is now viewable under Settings and Login page (removed from .env)
- Full message timestamps (M D, Y H:M)
- On compose message, contacts dropdown now clears after seleting a contact
- Update ribbon shows when there's a newer version available. Links it to the changelog
- Added plus icon for contact not in list
- New horizontal bar Loader visible as messages load
- Fallback URL added (redundancy, can host on 2 servers now with the same login). You will receive the sms/call on both servers.
- Removed error when deleting an already deleted number from Telnyx/Twilio
- Auto sorting contacts alphabetically by first name
- Searching through contacts
- Change username option added
- Change password option added
- Delete Account option added (will delete everything)
- Rate limiter feature added (mitigates brute forcing the app)
- New https variable added (will enable in next update)
- Search messages
- Search Contacts
- Set min number of phone digits in contacts to 5
- New profile creation switches to that profile now
- API delete icon doesn't show if there's nothing to delete
- Message bar clears when you switch profiles
- Settings
- Removed the Call Settings section
- Click on the
Settings cog>Profile Settings - Click
Get Numberagain, select the same number and hitsave. - Clicking save takes a few seconds, in the back end, it configures telnyx or twilio with calling capabilities in multiple places easily saving you 15-20 mins and countless hours of troubleshooting.
- If calling still doesn't work, click on the delete trash icon under profile settings (this removes settings from telnyx/twilio), and recreate the profile.
-
Settings
- Moved settings from the profile dropdown to its own icon
- Call settings added (instructions in the Wiki)
- Email settings added (instructions in the Wiki)
-
VoIP Calling
- Call any number from your desktop browser
- Receive calls on your number(s) on your desktop browser
- Call from you mobile phone browser or web app shortcut (can't receive as mobile browsers don't support browser notifications)
- Call from dialpad (manual entry or contact list dropdown)
- Call from chat window
- Call integration with Twilio and Telnyx
- Firefox instructions to enable browser access to microphone (in the Wiki)
-
SMS-to-Email Notifications
- Configure any SMTP server in the settings
- Enable notifications per profile with a checkbox
- (Coming soon: configure email delay, skip notification if message read within delay)
-
Firefox Setting:
- about:config
- permissions.default.microphone = 0
- (0=always ask (default), 1=allow, 2=block)
- If it was set to 2, then calling will not work. Change it to 0 and allow on the prompt when you make the call the first time.
- Multiple Bug fixes #58 #45
- Pull down to refresh moved to message list section
- Bug fix: number list refresh in API section
- Pull down to refresh on mobile (on full screen, home screen shortcut)
- Contact names integration in message list (with or without +1)
- Contacts: delete all button
- Contact upload limit (500)
- Memory issues/buffer crashes fixed for heroku
- manifest mobile shortcut icons (Progressive Web App look)
- Image upload path issue fixed
- Contacts
AddManuallyImportCSV fileExportCSV fileDropdownin compose message
- Bug Fix
- Send empty message error
- Double click send twice issue (delays till sent confirmation from server received)
- Sidebar dynamic sizing issue in mid-range (iPad or landscape) view
- NULL error issue when sending resolved
- Dark mode
refreshissue resolved ToPhone number brackets, hyphens now ignored (regex)
- Multiple/
concurrent loginsallowed - Cookie expiry
30 days
JWTtoken implementaiton inCookiesinstead of LocalStorage- Security/Vulnerability
patches
- Dopdown menu
red dotnotification - fixed login
loop errorfor db/session
- MMS
auto deletefunction (7 days) - Added
giffiletype - Separate
devenvironment - Ignore
uploadsfolder in commits, deletes on each build - Fixed uploads folder path
- Scrollable dropdown
- Minor aesthetics
- Signup bug fix
- version number added
- Untracked changes
- Twilio sms auto delete
- Drag/Drop functionality
- MMS
- Empty profiles
- Delete profiles
- Multiple profiles
- Dark/Light Mode
- Twilio integration
- Telnyx integration
- Theme colors
- Basic app development