You could at least add MD5 sums of the installers, hosted somewhere outside of SourceForge...
SourceForge is known to add malware/spyware/trojans/etc to projects hosted on their...