Bug in application lock, allowing leakage of message content through notifications

[jsantos42]

trafficstars

Checklist

• [x] I can reproduce the bug with the latest version given here.
• [x] I made sure that there are no existing issues - open or closed - to which I could contribute my information.
• [x] I made sure that there are no existing discussions - open or closed - to which I could contribute my information.
• [x] I have read the FAQs inside the app (Menu -> About -> FAQs) and my problem isn't listed.
• [x] I have taken the time to fill in all the required details. I understand that the bug report will be dismissed otherwise.
• [x] This issue contains only one bug.
• [x] I have read and understood the contribution guidelines.

Affected app version

1.1.4

Affected Android/Custom ROM version

Android 15 / GrapheneOS 2025020500

Affected device model

Pixel 9 Pro

How did you install the app?

F-Droid / IzzyOnDroid

Steps to reproduce the bug

1. On the app settings, select toggle on the option Password protect the whole application.
2. Close the app and go to another app (e.g. a bank app). Do some operation that will make you receive an SMS (e.g. an OTP code).

Expected behavior

The notification content should be hidden, forcing you to unlock the app to read it. Otherwise, what's the point of locking it if we are leaking the info?

Actual behavior

The notification content (i.e. the OTP code) is perfectly visible to the user without the need to unlock the Messages application.

Screenshots/Screen recordings

No response

Additional information

No response