Signed sources availability for packages

[AlexBaranowski]

Hello,

The nice addition to the official packages would be the availability of the source packages, for RHEL and its clones, the *.src.rpm packages. This is a common best practice and is sometimes required by company guidelines for using open source. The source package should be signed in same manner like compiled package.

While I appreciate the convenience of compiled packages, having access to the source code packages allows for greater transparency, customization, and potential troubleshooting.

Then the repository file could be updated to contain the official source packages repository disabled by default (like EPEL and other repos).

Best, Alex