Martchus / syncthingtray

Tray application and Dolphin/Plasma integration for Syncthing
https://martchus.github.io/syncthingtray/

Windows Qt6 binaries for version 1.1.12 changed? #119

Closed yan12125 closed 2 years ago

yan12125 commented 2 years ago

Relevant components

Environment and versions

Bug description

When I downloaded the Windows Qt6 binaries for the first time (roughly Nov 4, UTC+8), the SHA256 checksums were:

85f96e48e4b2ecaca57f9081f4b38aafb8f5b97fc86f5643c2b9a4d5def2ac60 syncthingtray-qt6-1.1.12-i686-w64-mingw32.exe.zip
21d15b0ae5d697eef992c1d160d4e8409d63d7ed9d13d44b0abb9330c12d6b81 syncthingtray-qt6-1.1.12-x86_64-w64-mingw32.exe.zip

When I downloaded them again yesterday, the checksums became:

b9c7b878df6388ecd95ac60131be43745bcfa07ab99bffcf9e6ebeef85ff6213 syncthingtray-qt6-1.1.12-i686-w64-mingw32.exe.zip
6c836b4dda70b28af23416a4a04c48876d80b2bff31e68d5afe80d28f325b0dc syncthingtray-qt6-1.1.12-x86_64-w64-mingw32.exe.zip

But I cannot find an explicit note about updated binaries. Maybe https://github.com/Martchus/PKGBUILDs/commit/790d0582dfd2d6ab7b543d0e16299fcfebc714ee is related?

Steps to reproduce

  1. Download and check checksums

Expected behavior

If binaries are updated, there is a note somewhere

Screenshots

N/A

Additional context

I maintain a Chocolatey package for Syncthingtray on Windows [1]. Its install script verifies downloaded files via checksums. Now Chocolatey complains about mismatched checksums [1].

Here is an idea - if binaries are signed by your gpg key like packages in the Arch Linux repo [ownstuff], I can verify updated binaries are still uploaded by the original author.

[1] https://community.chocolatey.org/packages/syncthingtray
[2] https://gitlab.com/yan12125/chocolatey-packages/-/issues/1

Martchus commented 2 years ago

Yes, it is related to that rebuild, see https://forum.syncthing.net/t/yet-another-syncthing-tray/8502/151. I've been adding a note in GitHub's release section.

I could also sign the files before uploading them in the future.

yan12125 commented 2 years ago

Got it, thanks for the clarification and considering the signing idea!
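An added example, not part of the thread or of the project's code: a packager-side check that diffs a pinned `sha256sum`-style manifest against a freshly observed one and flags release files whose digest changed under the same name, which is the situation the first post reports. The function names are assumptions made for this sketch, and the digests are the ones quoted in the issue; a "changed" result only says the artifact differs and cannot tell a maintainer's rebuild from tampering, which is the gap the signing idea addresses.

```python
import hashlib
import re

# One sha256sum-style line: 64 hex digits, whitespace, optional '*' (binary mode), name.
LINE_RE = re.compile(r"^([0-9a-fA-F]{64})\s+\*?(\S.*)$")

def parse_manifest(text):
    """Return {file name: lowercase digest}; reject malformed or conflicting lines."""
    entries = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: not a sha256sum entry")
        digest, name = m.group(1).lower(), m.group(2)
        if entries.setdefault(name, digest) != digest:
            raise ValueError(f"line {lineno}: conflicting digests for {name}")
    return entries

def sha256_file(path, chunk_size=1 << 20):
    """Hash a downloaded file in chunks so large archives need not fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk_size), b""):
            h.update(block)
    return h.hexdigest()

def compare(pinned, observed):
    """Map every file name seen in either manifest to its status."""
    status = {}
    for name in sorted(pinned.keys() | observed.keys()):
        if name not in observed:
            status[name] = "removed"
        elif name not in pinned:
            status[name] = "added"
        else:
            status[name] = "unchanged" if pinned[name] == observed[name] else "changed"
    return status

# Digests quoted in the issue: the first download, then the later re-download.
PINNED = """85f96e48e4b2ecaca57f9081f4b38aafb8f5b97fc86f5643c2b9a4d5def2ac60 syncthingtray-qt6-1.1.12-i686-w64-mingw32.exe.zip
21d15b0ae5d697eef992c1d160d4e8409d63d7ed9d13d44b0abb9330c12d6b81 syncthingtray-qt6-1.1.12-x86_64-w64-mingw32.exe.zip"""
OBSERVED = """b9c7b878df6388ecd95ac60131be43745bcfa07ab99bffcf9e6ebeef85ff6213 syncthingtray-qt6-1.1.12-i686-w64-mingw32.exe.zip
6c836b4dda70b28af23416a4a04c48876d80b2bff31e68d5afe80d28f325b0dc syncthingtray-qt6-1.1.12-x86_64-w64-mingw32.exe.zip"""

if __name__ == "__main__":
    print(compare(parse_manifest(PINNED), parse_manifest(OBSERVED)))
```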