I think it would be useful, if the build process would always print the SHA256 of the unsigned APK file before it is about to be signed or to be verified against a developer signature. Context: when reproducibility issues crop up, either I have to manually download the APK and calculate the hash myself (GitLab, tedious), or I could not investigate at all (build server, because I cannot download artifacts there). It would be much easier if there were one log line with the hash.