Proposal: Always publish new builds on unique URLs #5
Description
The chatmail relay code recently had to be updated with new checksums in pull request chatmail/relay#705 because the content changed at the URL https://download.delta.chat/dovecot/dovecot-core_2.3.21%2Bdfsg1-3_amd64.deb. I would like to propose that we always treat downloadable artifacts as immutable, and never change them once they have been published. I would like to be able to consider the download server to be "an accreting collection of immutable things", as Rich Hickey once said. This helps ensure it is possible to recover or reconstruct older deployments with the exact content they were deployed from.
One way to do this would be to incorporate a unique build ID into the URL, so that even if the artifact is "the same version" but perhaps built differently, the URL it is stored on will be unique to that specific build of the artifact.
I'm very glad that the chatmail ecosystem is using checksums to validate artifacts before using them! I was deploying a fresh system and hadn't updated my local Git repo, so the checks are working as intended, which is excellent.