Since the rebase in 2018, I've been responsible for producing release binaries for all the releases so far (v0.12.x, v0.13.x, v0.14.x). The work of building the code itself is not that difficult since we ensure that the code builds fine via Continuous Integration (CI), but somehow it often took me quite some time to produce all the binaries (CLI & GUI for Mac / Win / Linux), especially for the GUI, mainly because releases happen rather intermittently (sometimes after almost a year) and some update in the Operating System can change the version of some packaged libraries (in particular, Qt and Boost in MinGW) which can cause some unexpected issues while building.
Here I propose to change this: I'd rather use binaries produced by the GitHub Actions CI directly as release binaries. This way may feel uneasy to someone who worries about the possibility of GitHub inserting some malicious code into the binary. My response to this concern is: I could be doing the same thing already, and if you're this kind of paranoia, you should build binary yourself. I'm comfortable trusting GitHub not doing something malicious for us, the AEON community, especially when it's so tiny in market cap. To me personally, the benefit of not having to spend so much time on producing release binaries far outweighs the negligible chance of GitHub going rogue, considering the long-term viability.
Since the rebase in 2018, I've been responsible for producing release binaries for all the releases so far (v0.12.x, v0.13.x, v0.14.x). The work of building the code itself is not that difficult since we ensure that the code builds fine via Continuous Integration (CI), but somehow it often took me quite some time to produce all the binaries (CLI & GUI for Mac / Win / Linux), especially for the GUI, mainly because releases happen rather intermittently (sometimes after almost a year) and some update in the Operating System can change the version of some packaged libraries (in particular, Qt and Boost in MinGW) which can cause some unexpected issues while building.
Here I propose to change this: I'd rather use binaries produced by the GitHub Actions CI directly as release binaries. This way may feel uneasy to someone who worries about the possibility of GitHub inserting some malicious code into the binary. My response to this concern is: I could be doing the same thing already, and if you're this kind of paranoia, you should build binary yourself. I'm comfortable trusting GitHub not doing something malicious for us, the AEON community, especially when it's so tiny in market cap. To me personally, the benefit of not having to spend so much time on producing release binaries far outweighs the negligible chance of GitHub going rogue, considering the long-term viability.