Don't require checksums for local sources
Currently, abuild requires checksums regardless of where the data being checked comes from. While it makes perfect sense to checksum remotely downloaded files to ensure that they haven't sneakily been modified, this makes less sense for local files given that if an attacker can change the local file, they can presumably also change the APKBUILD that refers to it. Requiring local files to be checksumed adds an extra unnecessary step whenever you want to make changes to them and can be confusing for new contributors.
With that said, if I'm missing something here, I would be happy to hear.