Moved from SourceForge bug tracker:
I saw that you are providing signed checksums for your released files, which is awesome (not many projects do that)! :-)
Would it be possible to also (or instead?) provide detached signature files for the source tarballs? Debian has a tool "uscan", which checks for new releases. It is also capable to automatically verify the integrity of the downloaded sources, if detached signatures are available .
Create detached signature for source tarball (Closes #204)