Zeripath opinion on the Gitea migration implementation

For the record, in the context of fixing a security issue in the Gitea migration codepath @zeripath wrote:

We need to redesign the uploader/downloader framework to allow for stuff to be checked in a common and clean way so that no downloader can ever create an unsafe PR.