Adding more fluff to bsd.port.mk to support this style of code is fairly disturbing.
I don't like the github stuff too much, it's somewhat error-prone and there is regular traffic on ports-changes proving it. Adding a SECOND source of problems does not seem like the way to go. There's also the issue of getting reliable checksum tarballs... especially if that ends up involving REQUIRING dependencies just to be able to fetch things. That's something we tried to avoid and that is definitely bug-prone. That will lead, at the least, to quality-issue problems. And possibly to actual security issues. On platforms where it is possible to have release tarballs that don't change I would say that's still a much better choice. I would very much be in favor of people providing hosting services where this does not exist, and to have an actual FAQ of things to tell upstream so that they prepare actual properly tagged releases on platforms such as github.