Generated tarball contains malformed source code files
#4697 opened on Jun 18, 2025
Description
Gleam version: 1.11.1
OS: Arch Linux
When publishing a package, it appears to be possible for the files that end up in the tarball to be randomly messed up. After having no issues with publishing multiple iterations of a project of mine for a while, one version I published ended up having this issue, and it meant that when adding the package to any other projects, those projects would fail to build, even though there were no build issues when locally building the package that was published.
For an example, see these two tarballs that were uploaded using gleam publish, both built from the exact same code (minus the version number bump in the gleam.toml):
https://repo.hex.pm/tarballs/spacetraders_sdk-1.5.0.tar
https://repo.hex.pm/tarballs/spacetraders_sdk-1.5.1.tar
In the former there are multiple invalid source code files present, and in the latter (which had to be built on a separate machine to not generate an invalid tarball) there are no issues. I'm currently still unable to build a valid tarball with no messed up files on the original machine where the issue occurred.
The machine that builds the invalid tarball is running Arch Linux and has tar version 1.35, while the machine that can build it successfully is running Debian and has tar version 1.34. So it's possibly a bug introduced in tar 1.35? I did find this bug report which is possibly related: https://savannah.gnu.org/bugs/?65210
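A check for the kind of mismatch reported above, as an added example that is not part of the original report or Gleam's own code: it compares every file in a package tarball against the local source. It assumes the Hex layout of an outer tar holding `contents.tar.gz`; the function names are hypothetical and both sample packages are constructed in memory.

```python
import io
import tarfile


def _tar_bytes(files, mode):
    """Build an in-memory tar archive from a {name: bytes} mapping."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode=mode) as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def build_package(files):
    """Constructed stand-in for a published package (assumed Hex layout)."""
    inner = _tar_bytes(files, "w:gz")
    return _tar_bytes({"VERSION": b"3", "contents.tar.gz": inner}, "w")


def packaged_files(package_bytes):
    """Return {path: bytes} for every regular file inside contents.tar.gz."""
    with tarfile.open(fileobj=io.BytesIO(package_bytes), mode="r:") as outer:
        inner_bytes = outer.extractfile("contents.tar.gz").read()
    with tarfile.open(fileobj=io.BytesIO(inner_bytes), mode="r:gz") as inner:
        return {m.name: inner.extractfile(m).read() for m in inner if m.isfile()}


def diff_against_source(package_bytes, source):
    """Return (changed, missing, extra) path lists, packaged vs. local source."""
    packed = packaged_files(package_bytes)
    changed = sorted(p for p in packed.keys() & source.keys()
                     if packed[p] != source[p])
    missing = sorted(source.keys() - packed.keys())
    extra = sorted(packed.keys() - source.keys())
    return changed, missing, extra


# Constructed sample: one source file is damaged in the "bad" package.
SOURCE = {"gleam.toml": b'name = "demo"\nversion = "1.0.0"\n',
          "src/demo.gleam": b"pub fn main() {\n  Nil\n}\n"}
GOOD = build_package(SOURCE)
BAD = build_package({**SOURCE, "src/demo.gleam": b"pub fn main() {\n  N\x00\x00\n"})

if __name__ == "__main__":
    print("good:", diff_against_source(GOOD, SOURCE))
    print("bad: ", diff_against_source(BAD, SOURCE))
```

For a real package, read the downloaded tarball's bytes and build `source` from the files in the checkout that the package is expected to include.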