Homebrew

Today, I’d like to announce Homebrew 4.5.0. The most significant changes since 4.4.0 are major improvements to brew bundle/services, preliminary Linux support for casks, official Support Tiers, Tier 2 ARM64 Linux support, Ruby 3.4 and several deprecations.

Over the next few days, Homebrew’s repositories will begin to transition from PGP-based signing to SSH-based signing for @BrewTestBot commits.

Homebrew is pleased to congratulate Workbrew on their 1.0 launch today. Workbrew is a company founded by several Homebrew members and the Project Leader, @MikeMcQuaid, to use Homebrew as the foundation of a secure software delivery platform. Workbrew’s product is out of beta and ready to solve your workplace’s problems with securing Homebrew at scale, so go check it out!

Today, I’d like to announce Homebrew 4.4.0. The most significant changes since 4.3.0 are official macOS Sequoia (15) support, INSTALL_RECEIPT.json files for casks, macOS Monterey (12) deprecation and various other deprecations.

Homebrew had a security audit performed in 2023. This audit was funded by the Open Technology Fund and conducted by Trail of Bits. Trail of Bits’ report contained 25 items, of which 16 were fixed, 3 are in progress, and 6 are acknowledged by Homebrew’s maintainers. Below is the scope of testing, findings by severity, and mitigation and acknowledgements.

The Homebrew Summer 2024 Hackathon brought together maintainers from across the globe to focus on enhancing security and performance aspects of Homebrew. Held July 16 to July 20 and hosted at IndyHall in Philadelphia, the event aimed to address issues identified in last year’s security audit from Trail of Bits, and to optimize the software’s performance. This post will share outcomes from the event, evaluate the effectiveness of the gathering, and serve as a blueprint for other open source projects who are considering in-person events as a way to make focused progress.

Today, I’d like to announce Homebrew 4.3.0. The most significant changes since 4.2.0 are SBOM support, initial bottle attestation verification, new command analytics and uninstall autoremove by default.

Today, I’d like to announce Homebrew 4.2.0. The most significant changes since 4.1.0 are some major performance upgrades (e.g. using Ruby 3.1, upgrading fewer dependencies), .env file configuration and macOS Sonoma support.

Today, I’d like to announce Homebrew 4.1.0. The most significant changes since 4.0.0 are significant improvements to the security/reliability/performance/usability of Homebrew 4.0.0’s new JSON API, the completion of the migration of analytics from Google Analytics in the US to InfluxDB in the EU and groundwork for later macOS Sonoma (14) support.

Today, I’d like to announce Homebrew 4.0.0. The most significant change since 3.6.0 enables significantly faster Homebrew-maintained tap updates by migrating from Git-cloned taps to JSON downloads.

Homebrew’s Project Leadership Committee has green-lit two paid projects by our maintainers this year and since both have hit some milestones recently we’d love to give you, our sponsors and users, an update on their progress.

Today I’d like to announce Homebrew 3.6.0. The most significant changes since 3.5.0 are preliminary macOS Ventura support, the need for --eval-all/HOMEBREW_EVAL_ALL and a migration to Ubuntu 22.04 as our CI platform.

Today I’d like to announce Homebrew 3.5.0. The most significant changes since 3.4.0 are improved brew update behaviour and Homebrew (on macOS) requiring at least OS X El Capitan (10.11).

Homebrew has had a paid security audit and addressed all flagged issues. This blog post has been a long time coming; apologies for the delay.

Today I’d like to announce Homebrew 3.4.0. The most significant changes since 3.3.0 are HOMEBREW_NO_ENV_HINTS to hide configuration suggestions, brew services supported on systemd on Linux, brew install --overwrite and Homebrew beginning the process to leave the SFC.