Homebrew had a security audit performed in 2023. This audit was funded by the Open Technology Fund and conducted by Trail of Bits. Trail of Bits’ report contained 25 items, of which 16 were fixed, 3 are in progress, and 6 are acknowledged by Homebrew’s maintainers. Below is the scope of testing, findings by severity, and mitigation and acknowledgements.| Homebrew
Today, I’d like to announce Homebrew 4.3.0. The most significant changes since 4.2.0 are SBOM support, initial bottle attestation verification, new command analytics and uninstall autoremove by default.| Homebrew
Today, I’d like to announce Homebrew 4.2.0. The most significant changes since 4.1.0 are some major performance upgrades (e.g. using Ruby 3.1, upgrading fewer dependencies), .env file configuration and macOS Sonoma support.| Homebrew
Today, I’d like to announce Homebrew 4.1.0. The most significant changes since 4.0.0 are significant improvements to the security/reliability/performance/usability of Homebrew 4.0.0’s new JSON API, the completion of the migration of analytics from Google Analytics in the US to InfluxDB in the EU and groundwork for later macOS Sonoma (14) support.| Homebrew