Check signature of apps uploaded into store

there apparently can be apps on the store with broken signatures.

the one I saw this with is

https://apps.nextcloud.com/apps/secsignid

apparently there is a whole bunch of files in the signature which arent in the actual download of the app (development stuff like gitignore for example)

shouldnt the store check the signatures before publishing them?