In the project list, the package names link to brief information about each package. There, under the title “Latest release”, the version number of the latest release always links to /rel/$pkgname/latest.html. Periodically download this file and use diff(1) to detect changes. This will give you all information you need to update your package. If you are only maintaining a package for an old versions of a program, you can still do this, as the file may be updated with security announcement, corrections (maybe an old dependency is removed or a missed dependency is added), dependency updates (for example to specify the the software is compatible with a newer version of a library), new valid checksums (it happens that source code hosting services change details about how a tarball is generated, causing it's checksum to change for no apparent reason); but if you are only maintaining a package for an old version of a program, you may instead want to periodically download the file specific to the version you are maintaining, as those files will still be updated in these cases. You can also use [this script] to automate some parts of maintaining a package. It may be good to known that every single file on this domain (but not the subdomains) are signed except (of course the signature files themselves and) [a file] you periodically pull to see which key all files are currently signed with; just add .sig to the end of the URL.