Since PQcrypt is a rolling release software based on liboqs , maybe as soon as we git clone liboqs locally during installation we must run a sha512 hash over the locally cloned repository and use sha512 hash output as build version, this hash should be added in encrypted messages , the receiver should check this build version with his own and discard message if build versions mismatch. This logic has to be done in code, or perhaps if any better mechanism exists we might think over it.
Since PQcrypt is a rolling release software based on liboqs , maybe as soon as we git clone liboqs locally during installation we must run a sha512 hash over the locally cloned repository and use sha512 hash output as build version, this hash should be added in encrypted messages , the receiver should check this build version with his own and discard message if build versions mismatch. This logic has to be done in code, or perhaps if any better mechanism exists we might think over it.