Go vendor archives ignore the nightly version override on testbuilds

I'm building a testbuild based on nightly, and I got this error:

Tag lyrebird-0.1.0 is signed with key 07948FFA64160A425BCD27EAC732B1D1C28F4E2F
Created /home/pierov/buildstuff/tor-browser-build/tmp/rbm-qAFmLF/rbm-JZemR/lyrebird-0.1.0.tar.gz
Build log: /home/pierov/buildstuff/tor-browser-build/logs/lyrebird-linux-x86_64.log
Finished build of project lyrebird - lyrebird-vendor-0.1.0-fdedf3.tar.gz
Error: Wrong sha256sum for /home/pierov/buildstuff/tor-browser-build/out/lyrebird/go_vendor/lyrebird-vendor-0.1.0-fdedf3.tar.gz.
Expected sha256sum: 8e9a5fd52f5a3a2b2b891389a224fcfc83b6c081658161bf40882b23fb58834c

But the sha256 is exactly the one for lyrebird-vendor-a4e3be7815ec-916bbf.tar.gz I got by running make go_vendor-lyrebird-nightly!

So, I looked again at the filenames, and it seems that we're trying to use the version from alpha builds instead of the git abbreviated hash for some reason.