Excellent link.
The following is even more concerning than absence of digital software signatures:
Quote [Q]: do you not sign your releases? · Issue #3158 · simplex-chat/simplex-chat · GitHub
[…] once the builds are migrated to the environment we control. While the builds are run on the servers we don’t control, […]
So at time of writing, SimpleX doesn’t even control their build environment.
I am surprised they didn’t fix this since 2023. Local builds and digital software signatures is a lot easier to implement than a lot other features of SimpleX.
This makes me doubt the whole project.
Seems we’ll need a new comparison table entry:
local builds on developer controlled machine (not using cloud infrastructure for builds)
This issue and absence of digital software signatures should be documented on the SimpleX wiki page.
Context: