The Signal Server repository hasn’t been updated since April 2020. There are a bunch of links about this here but I found this thread the most interesting.
To me, this is unforgivable behaviour. Signal always positioned themselves as “open source”, and the Server itself is under the best license for server software (AGPLv3 – which raises questions about the legality of this situation).
Signal’s whole approach to open source has constantly been underwhelming to say the least. Their budget-Apple attitude (secrecy, i.e. “we can never engage the community directly”, “we will never merge/accept PRs”, etc) has lead to its logical conclusion here, I guess. I have been somewhat of a “Signal apologist” thus far (I almost always defend them & I think a lot of criticism they get it very unfair) but yeah I’m over Signal now.
Another big problem with Signal is the fact that it’s centralized with the server being located in US. Even if the protocol itself is secure with the server not having access user data, this presents a huge risk since US government can simply force Signal to shut down the service at any time. The server can also potentially collect metadata about the users providing US security agencies with user connection graphs.
I think that Matrix approach is much more sound, and would always recommend it over Signal.