Would be nice to have checksums on the firmware files, etc. Nothing exotic or complicated. Probably sha256 would suffice just to make sure things get downloaded in one piece. I would guess the LimeSDR or LimeSuite has a check too but this makes it quite clear which firmware file is mentioned in links, discussions, etc.
The checksum could even be a part of the filename. I think that is a good way to go with firmware/gateware. That way if someone downloads from some "other" site they can know if it's legit.
Thanks @hTo137, noted.
It's also nice to have sha256sum etc. formatted files so the user can simply bulk check the downloads using
sha256sum -c FILES.sha256
git sha1 could also be a part of the filename. Then the users can tell which version it's built from.