Integrity validation

> **idea/discussion:** just thinking aloud, comment whatever you think that could be wrong or could be improved.

Probably it will be possible to add the sha1 and sha512 on the commit description.

```
git commit -m "gitpkg" -m "{\"integrity\":{\"sha1\":\"<sha1 hash>\",\"sha512\":\"<sha512 hash>\"}}"
```

then the node package managers must validate against this.