@bschaaf could you (or anyone responsible) please verify that the signature of the 4152-file is indeed correct and intact?
I created a virtual machine, installed a clean Debian 12 and tried the following:
Download public key
~/work$ wget https://download.sublimetext.com/sublimehq-pub.gpg
...
2023-08-28 13:14:41 (2,39 MB/s) - »sublimehq-pub.gpg« gespeichert [3817/3817]
Import public key
~/work$ gpg --no-default-keyring --homedir ./ --import sublimehq-pub.gpg
...
gpg: Schlüssel ADAE6AD28A8F901A: Öffentlicher Schlüssel "Sublime HQ Pty Ltd <support@sublimetext.com>" importiert
gpg: Anzahl insgesamt bearbeiteter Schlüssel: 1
gpg: importiert: 1
Download Sublime Text 4143 package and sig
~/work$ wget https://download.sublimetext.com/sublime_text_build_4143_x64.tar.xz
...
2023-08-28 13:15:16 (2,77 MB/s) - »sublime_text_build_4143_x64.tar.xz« gespeichert [17480384/17480384]
~/work$ wget https://download.sublimetext.com/sublime_text_build_4143_x64.tar.xz.asc
...
2023-08-28 13:15:58 (28,0 MB/s) - »sublime_text_build_4143_x64.tar.xz.asc« gespeichert [819/819]
Verify Sublime Text 4143 => correct signature
~/work$ gpg --keyring ./pubring.kbx --homedir ./ --verify sublime_text_build_4143_x64.tar.xz.asc sublime_text_build_4143_x64.tar.xz
...
gpg: Signatur vom Fr 11 Nov 2022 07:42:47 CET
gpg: mittels RSA-Schlüssel F57D4F59BD3DF454
gpg: Korrekte Signatur von "Sublime HQ Pty Ltd <support@sublimetext.com>" [unbekannt]
gpg: WARNUNG: Dieser Schlüssel trägt keine vertrauenswürdige Signatur!
gpg: Es gibt keinen Hinweis, daß die Signatur wirklich dem vorgeblichen Besitzer gehört.
Haupt-Fingerabdruck = 1EDD E2CD FC02 5D17 F6DA 9EC0 ADAE 6AD2 8A8F 901A
Unter-Fingerabdruck = E359 79B8 96E9 9725 6457 C632 F57D 4F59 BD3D F454
Download Sublime Text 4152 package and sig
~/work$ wget https://download.sublimetext.com/sublime_text_build_4152_x64.tar.xz
...
2023-08-28 13:19:18 (2,44 MB/s) - »sublime_text_build_4152_x64.tar.xz« gespeichert [16454288/16454288]
~/work$ wget https://download.sublimetext.com/sublime_text_build_4152_x64.tar.xz.asc
...
2023-08-28 13:19:53 (25,2 MB/s) - »sublime_text_build_4152_x64.tar.xz.asc« gespeichert [819/819]
Verify Sublime Text 4152 => wrong signature
~/work$ gpg --keyring ./pubring.kbx --homedir ./ --verify sublime_text_build_4152_x64.tar.xz.asc sublime_text_build_4152_x64.tar.xz
...
gpg: Signatur vom Mi 02 Aug 2023 12:01:01 CEST
gpg: mittels RSA-Schlüssel F57D4F59BD3DF454
gpg: FALSCHE Signatur von "Sublime HQ Pty Ltd <support@sublimetext.com>" [unbekannt]