Comment by leonidasv
10 hours ago
The post is about Linux vulnerabilities, but given the recent supply chain attacks, I'd be especially careful with Homebrew: https://x.com/i/status/2052106143271354859
10 hours ago
The post is about Linux vulnerabilities, but given the recent supply chain attacks, I'd be especially careful with Homebrew: https://x.com/i/status/2052106143271354859
Often convenience and security are at odds, but `export HOMEBREW_NO_AUTO_UPDATE=1` is more convenient and more secure.
Problem here is Brew does things in an anti-unix way by default, the auto updating of packages being the prominent reason.
I personally switched away from macOS with this being one of the reasons, after having realized brew will eventually compromise my system with their antics.