# The verification is done from git tags and there are now signed tarballs.
source: orig-tarball-missing-upstream-signature *
source: debian-watch-could-verify-download debian/upstream/signing-key.asc *
