add(PackageSpec with rev) results in strict permissions #1382
Description
Reproducible on Julia 1.2 (docker run -it --rm julia /bin/bash):
# JULIA_DEPOT_PATH=/usr/local/share/julia \
julia -e 'using Pkg; Pkg.add([PackageSpec(name="CUDAapi", rev="v1.1.0")])'
Resolving package versions...
Updating `/usr/local/share/julia/environments/v1.2/Project.toml`
[3895d2a7] CUDAapi v1.1.0 #v1.1.0 (https://github.com/JuliaGPU/CUDAapi.jl.git)
Updating `/usr/local/share/julia/environments/v1.2/Manifest.toml`
[3895d2a7] CUDAapi v1.1.0 #v1.1.0 (https://github.com/JuliaGPU/CUDAapi.jl.git)
# find /usr/local/share/julia/packages/ -maxdepth 2 -mindepth 2 -exec ls -ld {} \;
drwx------ 4 root root 4096 Sep 13 11:03 /usr/local/share/julia/packages/CUDAapi/lP4MU
Whereas dropping the rev results in more accessible file permissions:
# JULIA_DEPOT_PATH=/usr/local/share/julia \
julia -e 'using Pkg; Pkg.add([PackageSpec(name="CUDAapi")])'
Resolving package versions...
Installed CUDAapi ─ v1.1.0
Updating `/usr/local/share/julia/environments/v1.2/Project.toml`
[3895d2a7] + CUDAapi v1.1.0
Updating `/usr/local/share/julia/environments/v1.2/Manifest.toml`
[3895d2a7] + CUDAapi v1.1.0
[8f399da3] + Libdl
[56ddb016] + Logging
# find /usr/local/share/julia/packages/ -maxdepth 2 -mindepth 2 -exec ls -ld {} \;
drwxrwxr-x 4 root root 4096 Sep 13 11:03 /usr/local/share/julia/packages/CUDAapi/lP4MU
Not sure if this is intended, but I ran into this while creating a Dockerfile that embeds known-good package versions.