I don't recall Signal ever having made implausible claims about traffic analytic attacks. I also don't buy into the idea that platforms are as trustworthy as their source release policies are orthodox.
The goalposts now seem to be at "someone might subpoena Signal's logs for some metadata", having moved pretty far from the original claim of "Signal's server code hasn't been updated because it has been secretly backdoored or intentionally weakened." It's difficult to see this as good faith security analysis rather than fearmongering.
What difference does this make? In your threat model the only serious countermeasure between you and state-level adversaries is a Logstash implementation?