Let’s use Signal as an example. How confident can I really be that the app I’m getting from the App Store was built using the code that I see in GitHub?<p>It would be fantastic if Apple & Google gave developers the option of having their source code securely hosted and linked to from an app’s product page. Or at least some kind of cryptographic signature (a simple hash digest?) that could be used to foster more confidence.<p>I’m not an app developer, and my simple Google searching hasn’t come up with a satisfying answer.