Version 1.6.4 Is Missing 2 Files

Neither of those files are still in the plug-in. What are you comparing your checksum against? You should check it against the stable tag as declared in the readme; it sounds like you might be checking it against trunk.

This is WP-CLI’s verify-checksums command. Based on what I’m reading, it would be comparing against the following, which does seem to be pointed at the trunk:
https://downloads.www.ads-software.com/plugin-checksums/wp-accessibility/1.6.4.json

Based on the following open issue, they are looking at supporting edge cases where plugins update without new checksums being generated, but I don’t know if that would cover this case:
https://github.com/wp-cli/checksum-command/issues/46

Is this just something that www.ads-software.com is doing incorrectly when it generates plugin checksums? It would seem if this is common that checksum verification wouldn’t be very reliable.

That does seem weird. I could start using trunk again; but ever since I moved my development over to GitHub, the only use I really have for trunk is to update the current stable tag. Most of the files are up to date, but I haven’t been removing files that are out of use from there.

Yeah, it does seem like www.ads-software.com should give you the tools to say “this is my release branch, please base any automated statistics on this.”

In the end, given the other piece of the WP-CLI discussion linked earlier, I may just have to give up on being able to reliably automatically audit plugin integrity and leave it to file permissions to keep sites safe. If devs can change files without incrementing the version number (bad practice though that may be), I don’t need 200+ false alerts every time a popular plugin has something like that happen to it!