Hello, Unfortunately both proposed work-arounds have some issues:
1) Passing via api.github.com without authentication has a rate-limit of 60 requests per hour. 2) Passing via /tags does not give access to all tarballs listed on the releases page. Notable problem are those projects where tags does not include submodules. These are often listed on the releases page as <PROJECTNAME>-<VERSION>.tar.(gz|bz2|xz).
One such example of tarballs not available on the tags page (of many) is: https://github.com/cracklib/cracklib/releases/latest
In theory, it seems technically feasible to obtain the URL where the release tarballs are found. On the /releases/latest there is an include-fragment pointing to an URL /releases/expanded_assets. This URL contains the tarballs previously listed directly on the /releases/latest page.
I do not know if it is technically feasible for uscan to follow such a link.
With kindest regards, Sacha Hony
