RPM and Debian packages are signed - not individually, but by the distro - but this already provides some level of assurance. Of course this comes with an overhead, which is why e.g. python3-xxx packages in Ubuntu/Debian are usually older than those in PyPi, but security fixes are usually pushed by their maintainers.
@InternetRooky
RPM and Debian packages are signed - not individually, but by the distro - but this already provides some level of assurance. Of course this comes with an overhead, which is why e.g. python3-xxx packages in Ubuntu/Debian are usually older than those in PyPi, but security fixes are usually pushed by their maintainers.