Laslo Hunhold:
I know no package manager that implements this model (tell if there is one).
https://wiki.debian.org/SecureApt Another cool project: https://hannes.nqsb.io/Posts/ConexBut since suckless doesn't have an OS (yet), the debate is not about package managers, but source releases. And are many, many software projects out there that sign their releases with OpenPGP.
-- ilf Über 80 Millionen Deutsche benutzen keine Konsole. Klick dich nicht weg! -- Eine Initiative des Bundesamtes für Tastaturbenutzung
signature.asc
Description: PGP signature