Can we host the binaries on the Releases tab?

[AnthonyMastrean]

I would have more confidence in the authenticity and accuracy of the binaries if they were hosted on this project's releases tab.

I can't really tell that this software is related to this project (unless I followed the link in the wiki) and I'm not sure what version I'm getting. Although, it looks like this is a ClickOnce app, so maybe its self-explanatory?

[lovettchris]

Yes it is clickonce. Clickonce has a signed manifest that encodes the URL of the publishing location (which stops pirates & hackers in their tracks). But it also means the click once publishing process needs to know the final URL of the released app at build time, and I don't know how to do that on Github, yet... but I'll look into it.

[AnthonyMastrean]

Oh, I see. I feel like a binary link in Releases should be deterministic. I have a project with a release and a ZIP. It looks like it constructs the URL from the file and release name.

https://github.com/AnthonyMastrean/chocolateypackages/releases/tag/NugetPackageManager.2.7.41101

[lovettchris]

ClickOnce can be done in GitHub, but it's a pain. Right now I have a simple "publish" button from VS, and so that is simpler for now. Besides my name is in the digital certificate, so that should be good enough verification for anxious installers.