Hacker News

ozim, yesterday at 6:29 PM

I use WinGet or Homebrew; those tools do so for me, and if something doesn't match they show an error.


Replies

fuzzy2, yesterday at 10:27 PM

Neither WinGet nor Homebrew packages/formulae provide authenticity checks. They have integrity checks for file transfer. That’s it. Where did the file come from when it was entered into the respective repository? No statement.

Whether Authenticode provides a sufficient authenticity check is yet another question, of course. Still, file integrity verification is just a side-effect.