[jakobegger]

Hosting the downloads themselves via HTTPS is completely useless if the link to that file is transferred over HTTP.

[manigandham]

Link to the repo/releases page...

[jakobegger]

Jesus Christ, you really don't understand, do you?

If the original website is insecure, everything could be faked, including the link to the releases page.

If HN readers don't understand this, who does?