We need a strong link between the source repo URL and our buildserver. HTTP
redirects have a number of issues, and are unnecessary in our use case.
Once this is complete, then the buildserver can set http.followRedirects to
false, and we could also set the buildserver to fetch source over Tor to
avoid targetting it. Right now, gitlab.com only allows git fetches over
Tor if it is hitting a direct URL. gitlab.com/s redirect logic will
trigger Cloudflare captures otherwise.
* https://bugs.debian.org/79002
* https://www.debian.org/security/2019/dsa-4371
* https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2021/CVE-2021-38000.html
* fdroidclient#1041
YAMLLoadWarning: calling yaml.load() without Loader=... is deprecated, as
the default Loader is unsafe. Please read https://msg.pyyaml.org/load for
full details.
