Provenance verification should be enabled by default with a restricted download size #1127
Description
Currently provenance verification is enabled only when the verify-provenance argument is passed to Macaron. To ensure consistency, this should be removed and set to always happen, but with a configurable limit on the maximum download size. If a download is prevented or aborted due to size limitations, a warning should be shown to the user so they can choose to take action. Additionally, the verification related code should be further streamlined to ensure consistency between source locations where it is called.