[ar-nelson]

This could be implemented as an import assertion[1]:

import foo from 'http://example.com/foo' assert { sha256sum: '...' }

This feature would even be useful in the web platform in general. Would also be nice to see an assertion for importing plain text files (not just JSON files) and assertions for per-module Deno permissions.

[1]: https://github.com/tc39/proposal-import-assertions

[xg15]

I think for the web platform, there is already Subresource Integrity [1] which follows the same idea. Unfortunately, it works at the level of script tags, so can't be used inside a script. But maybe this could be a starting ground for making a proposal.

[1] https://en.m.wikipedia.org/wiki/Subresource_Integrity