Hello, thank you for the feedback. The tgz's are build directly from the repository with git archive --format tar $1 | bzip2 -- >../packages/bpmdj-$1.tar.bz2 but you are right that it is somewhat annoying to have files dumped directly in the same location where the archive is located. On a sidenote you might want to download the 4.2-pl1, since 4.2 (without patchlevel) will crash when the taglist is modified.
The source distribution tarballs for bpmdj (e.g., ftp://bpmdj.yellowcouch.org/bpmdj/bpmdj-v4.2.tar.bz2) are tarbombs. Not only is this is very poor etiquette, but unpacking them can result in data loss. To fix this, please make sure that you specify a single directory, not a list of files, as the argument to your tarball creation. That is, use [/home/foo/src]$ tar cjvf bpmdj-4.2.tar.bz2 bpmdj-4.2 instead of [/home/foo/src/bpmdj-42]$ tar cjvf bpmdj-4.2.tar.bz2 *