Re-build the uploaded tarballs with consistent

[sgjesse]

The tarballs uploaded are normally packaged by pub, but in principle other clients can upload as well. These tarballs have whatever owner-information and permission-information that the original files had on the users machine when the tarball is build.

Normally un-taring when getting packages will set owner to current user/group and permissions to current umask, as --no-same-owner and --no-same-permissions are default when running tar as a normal user.

However it still seems a bit odd to store tarballs with owner and permission information coming from the client machine.

One option could be to re-package the tarball with consistent user and permission information.

[mkustermann]

This is a known issue. And there is another reason why re-packing is good: The version of tar and gzip used can be very different for client uploaders (yes, different versions of tar/gz) - we've seen older clients not being able to unpack what newer clients uploaded.

Maybe we should move this bug to github?

[DartBot]

This issue has been moved to dart-archive/pub-dartlang#374.