[sofixa]

> pacman or brew? really I don't care. Both install what I want with one command.

As long as you don't care about the fact that brew is slow as hell, or can't actually handle versions and dependencies properly (installed `gpg` the other day, it updated Python and SQLite and 50 other packages to the latest version, regardless of major or minor), yeah, it's a package manager. Kind of. It still boggles my mind Apple haven't replaced it with a better, official version.

[nerdponx]

MacPorts is going strong. Homebrew has more packages, but packaging for MacPorts is not any more difficult than packaging for Brew.

[thiht]

It's a desktop, not a server, you should only ever install latest packages instead of relying on fixed versions. If you need a specific version, install a version manager. I use brew with everything latest, except for node which I manage with nvm and it works great.

Brew is actually my favorite package manager for this reason.

[sofixa]

Yes, you should only install latest versions. That's not an excuse however for Brew to upgrade everything to the latest version any time you install an unrelated package. Even desktop software, especially for software developers, which are supposedly a big part of Apple's MacBook "Pro" customers, has dependencies and breaking changes in major updates.

[yamtaddle]

Linux user since 2000 or so. Mandrake, Fedora, Debian, Ubuntu, and Gentoo, all heavily, with a little use of some other distros (Void, Arch, probably some others I'm forgetting about).

All around, Brew's my favorite package manager I've used. And yes, I started with Macports, so I've used that too.

[Steltek]

Why? Objectively, it has huge flaws compared to Linux package managers (permissions, sudo, capricious renaming of binaries).

[yamtaddle]

Been using it since 2012 or 2013 across a half-dozen devices and I'm not sure what you mean by any of that.

[Steltek]

You can 'rm /usr/local/bin/*' without sudo. Or replace /usr/local/Homebrew/bin/brew with something malicious. That's laughable and I don't know how it gets a pass from everyone.

[yamtaddle]

> You can 'rm /usr/local/bin/*' without sudo.

... so? I can also rm most or all of my home directory without sudo, and that's far bigger problem. If this happened it would be a minor annoyance at worst. Also, this is 775 on my system, and most of the contents are 755, so it's not even true except for one of my users.

> Or replace /usr/local/Homebrew/bin/brew with something malicious.

If I go out of my way to make that globally writable, sure. I just checked mine, though, and it's not.

Unless you mean that a program running under my user could replace that file with something malicious without my knowing about it, but there are a bunch of other ways it could accomplish similar things if a malicious program is running under my account, so yeah, I'm gonna give it a pass on that. About the only thing it makes a little easier is putting malicious code in the hands of other users on the system if the compromised account has write access to that file, but hell, if the same thing happened on a Linux system the malware would probably have my sudo password and a ton of other even-more-important info before long anyway, so it's not like that's any better.

[pxc]

> [Homebrew gives your user ownership of /usr/local.] That's laughable and I don't know how it gets a pass from everyone.

A big part of it is that Mac users don't generally think of or treat macOS as a multiuser operating system. It's a single-user Unix, baby!! (:

But even without that choice, malicious aliases for brew, or PATH changes and a malicious ~/.local/bin/brew would be possible.

[raverbashing]

I unfortunately have to agree with brew criticism

It would be good if it was a bit smarter like the linux ones.

[lampe3]

I try to not install specific version but always the latest.

Also to not install something that needs sudo.

On windows I used Scoop. I installed fonts through scoop and to update them I first needed to uninstall them and then install them again.

But sure in the end nothing is better then pacman with aur.

[SpaghettiCthulu]

Slow as hell doesn't even begin to describe it. Running `brew update` regularly hangs (no output, even with maximum verbosity) on something for more than 2 minutes before moving on.