if the package author provides a checksum or signature, it should be verified when downloading #6
Description
Only one of these is necessary (either checksum or signature). Figure out which makes the most sense before implementing this.
{{ message }}