That's an idea: why not make configure or make directly aware by default of the interest of signature, secure-hash or more automatic general security checks (like not building as root, etc.)? It could probably be tried behind-the-scene like most other checks and provide a final friendly report if security guarantees are achieved.
If that small PR is sufficient to fuel adoption among developpers (it already occured for things like sudo) within some years --fail-on-no-security-check could become the default.
BTW, ./configure && make && make install
is my prefered idiom.