|author||Jonathan Nieder <email@example.com>||Sun Jan 27 16:54:58 2019 -0800|
|committer||Jonathan Nieder <firstname.lastname@example.org>||Sun Jan 27 16:54:58 2019 -0800|
debian/watch: Download upstream source more securely Use https instead of http for transport for transport-layer privacy and integrity protection. More importantly, specify pgpsigurlmangle and a signing key to allow "uscan" to check that the tarball was genuinely released by Lasse Collin. Based on advice from Policy 4.11. While we're here, use the XZ compressed tarball, since it's a little smaller.