Homebrew Cask and Security

homebrew security

Somewhat new to Homebrew. As I understand it, Homebrew Cask looks for apps in its Github repository. I don't know how they get there, but I assume that the app or the link which lives at Github is not supplied by the developers of the associated app. So, then, is a download from the Cask repository an exercise of trust in the Cask maintainers?


Solution 1:

Yes, and also trust that having the sources in the open and others using it, you don't need to be the first person to catch a bad act. The traceability of who checks in what hopefully is a deterrent to casual maliciousness.

You of course are more secure to not automate installs of unsigned software from the internet.

Related

How to approve iPhone if you have no other device?
Disable Left/Right Scrolling on Magic Mouse with Google Calendar
Is it possible to disable a specific key in OSX? [duplicate]
MacBook Air turns off whenever lid is closed after High Sierra update
How to get cpu/memory usage from command line output
PC hangs with striped screen and then three long beeps on start-up
Does ClassicShell.net truly lets one boot to the desktop on Windows 8?
Can I see the SMTP session log when Mail.app connects to an SMPT server?
Why cannot administrators delete registry keys when they run regedit as administrators?
How to slow down my WiFi speed in Thomson Speedtouch
Get active network adapter and set DNS via PowerShell
Command-Line FTP/HTTP download manager that supports multiple connections