Development of Quickhash tends to be like buses. Nothing for a while, and then lots all at once.

v2.8.4 was the last version prior to implementing SQlite. And it was a fairly stable release all-in-all and it pleased a lot of people; I got very few proper bug reports in that time, and instead most of the asks were feature requests. At the time of writing, about 150K people downloaded that version, and some people still continue to do so. It was the main download for about 145 days until v3.0.0 eventually made an appearance which included SQlite for the first time after 3 months of development.

v3.0.0 as a zero-day release was actually only out for a few days because I noticed an issue with it (thanks to a user who reported the bug) relating to truncating of path lengths, and v3.0.1 arrived almost immediately after. It had a few more quirks that were also quickly rectified resulting in v3.0.2 which remained the stable version until just a few weeks ago when v3.0.3 and v3.0.4 came out.

v3.0.2 stuck around for quite a while (about 315 days, and is still available in the release archives) and it brought with it the first code-signed copies of the program in Feb 2018. I had received quite a lot of requests for a code-signed copy of the executable over the years, but Windows 10 made that need somewhat more apparent. But how does an open-source tool recoup the costs of providing code-signed copies? It was a bit of a dilemma so I eventually took the decision to invest in a Digicert certificate at a cost of some £230 and signed up with SendOwl.com to help distribute those signed copies (a further cost of $9 a month) in exchange for a small recouping fee of £1.99. All the while I made the same version available as an unsigned exe just as I always have done.

Overall, it was a success (note: applying for a code signing certificate is not a walk in the park!), but not as much as I was expecting given the amount of people who asked me to make a code-signed copy available. I recouped the investment and covered some of my other annual costs, just, selling 270 code-signed copies for both OSX and Windows  combined (bearing in mind I lost £0.30 to PayPal for every transaction!). That is a ratio of about 33% being OSX code-signed downloads, or 1 in every 3 being for OSX, with 2 in every 3 being for Windows. Which is very interesting, because the downloads for the unsigned version are very different. Since August 2017, unsigned Quickhash has been downloaded about 295K times for Windows compared to only 9.3K for OSX and 14.4K for Linux. If my math is correct, OSX therefore accounts for 2.98% of the overall download and Linux is 4.73%.

Windows OSX Linux Rough Period of Release No of Days
V3.0.4 1110 12 5 16/1/19 – 18/1/19 2
V3.0.3 1411 104 33 9/1/19 – 16/1/19 7
V3.0.2 151701 2978 3052 28/2/18 – 9/1/19 315
V3.0.1 4908 679 500 20/1/18 – 28/2/18 39
V3.0.0 1204 679 0 15/12/17 – 20/1/18 36
V2.8.4 135247 4935 10850 28/8/17 – 20/1/18 145
Totals 295581 9387 14440 544

319408 total downloads, give or take, from this individual website (excluding Sourceforge, Github, and the various software websites that host it) for v2.8.4 upwards. There is another 45K downloads of the earlier versions, starting from Dec 2016 when I first moved the project to this website.

So there is clearly a much higher demand for code-signed copies of the program for OSX compared to Windows. But as unsigned copies, all bets are off.

But the maths tell me that there is simply not enough of a demand for continued code-signed copies so v3.0.4 that was released the other day is probably going to be the last code-signed version because unless I renew the certificate, I won’t be able to code-signed new copies in the future.  Digicert have more than doubled their fee to $499 for an annual code signing certificate. That is more than twice what I paid last year and no discount is being offered to me as a renewal, nor open-source, customer. I simply do not believe there is a sufficient demand for code signed copies of the program to make it worth the hassle and cost, especially given it is an open-source project anyway. Unless someone wants to sponsor the project to make that possible (contact me if interested). This is further compounded by the analytics figures which show that ever since making the program available as a code-signed copy, 1012 users clicked the link to start to buy, but of those, only 270 actually completed to purchase.

But what an interesting review of the figures this has been. This dedicated website was opened in Dec 2016 after moving the project from Sourceforge where it was downloaded 500K times between 2011 to 2016. Then since 2016, it has been downloaded a further 345K times. So at about 845K downloads, I’m not far off a million downloads!

It must be said that a big part of this is thanks to the Linux distribution Zorin OS who kindly suggest use of Quickhash for verifying downloads of their ISO images. Ever since they linked to the project, the download stats have gone up considerably, so thank you, Zorin OS, for supporting another open-source project. Maybe one day Ubuntu or Linux Mint will do the same.

Remember you can donate as as much or as little as you like to this project at www.paypal.me/quickhashgui . It helps me out a lot. You can also get yourself mentioned at the same time as helping the project by submitting a testimonial.

The chart below gives a visual representation of the download ratios since v2.8.4 to v3.0.4.

QuickHash Download Stats

As an aside, but slightly related note, I thought it would be a useful time to also review the websites overall usage data. The screenshot below visitor stats for the last couple of years. It’s encouraging to see a generally increasing trend of activity.

Website Stats for Quickhash-gui.org