Hi,
There has been an attack in regards to the AUR.
https://archlinux.org/news/active-aur-malicious-packages-incident/
There has been a list of all the packages affected.
https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/me...
I don't know how you build the htdig package, but it was listed when I was checking for malicious packages. I just don't know if your package you provide would be affected by it, even though I would assume none of you use the AUR to build it.
Regards, Shauna