Hacker News
by woodruffw 1212 days ago
> While I use Homebrew on my Mac, it is a major risk. I am afraid that the project is not following strict security policies and will be compromised at some point. An evil package or an evil version of brew can steal or modify my data.

This is a genuine question: what is your threat model, and what security policies would you like to see? It's hard to imagine a threat model that assumes an "evil version of brew" that doesn't also prevent you from installing any third-party software on your machine. Malicious packages are always possible, but Homebrew's integrity checks do an adequate (but improvable!) job of making such attacks auditable; I'm not aware of any successful supply-chain attacks mounted against Homebrew users.

I have a lot of experience with various package managers, and Homebrew is not particularly out of band with its peers (which should be read, partially, as a general indictment of packaging practices).
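The "integrity checks" mentioned above are, concretely, the SHA-256 digests a formula pins for its source tarball and for each prebuilt bottle; `brew fetch` refuses an artifact whose digest does not match. The following is an added example, not code from the thread or from Homebrew itself: it reads the pins out of JSON shaped like `brew info --json=v2 --formula <name>` output (the field names `urls.stable.checksum` and `bottle.stable.files.<tag>.sha256` are an assumption about that format), verifies constructed stand-in artifacts against them, and shows a bottle altered by a single byte being rejected.

```python
import hashlib
import hmac
import json

# Constructed stand-ins for a source tarball and a prebuilt bottle; real ones
# would come from `brew fetch` and live under `brew --cache`.
SAMPLE_SOURCE = b"constructed source tarball bytes\n"
SAMPLE_BOTTLE = b"constructed arm64 bottle tarball bytes\n"

# Constructed `brew info --json=v2 --formula example` output. Assumption: the
# field names (urls.stable.checksum, bottle.stable.files.<tag>.sha256) match
# current Homebrew; only the fields this script reads are included. The digests
# are computed from the constructed bytes above so the example runs offline.
BREW_INFO_JSON = json.dumps({
    "formulae": [{
        "name": "example",
        "urls": {"stable": {
            "url": "https://example.invalid/example-1.0.tar.gz",
            "checksum": hashlib.sha256(SAMPLE_SOURCE).hexdigest(),
        }},
        "bottle": {"stable": {"files": {
            "arm64_sonoma": {
                "url": "https://example.invalid/example-1.0.arm64_sonoma.bottle.tar.gz",
                "sha256": hashlib.sha256(SAMPLE_BOTTLE).hexdigest(),
            },
        }}},
    }],
})


def pinned_digests(info_json: str, formula: str, bottle_tag: str) -> dict:
    """Pull the SHA-256 values the formula pins for its source and one bottle."""
    for f in json.loads(info_json)["formulae"]:
        if f["name"] == formula:
            return {
                "source": f["urls"]["stable"]["checksum"],
                "bottle": f["bottle"]["stable"]["files"][bottle_tag]["sha256"],
            }
    raise KeyError(f"formula {formula!r} not in brew info output")


def artifact_matches(data: bytes, pinned_hex: str) -> bool:
    """True only if the artifact's SHA-256 equals the pinned digest.

    hmac.compare_digest is the idiomatic constant-time comparison for digests;
    timing is not a real concern for a local file, but it costs nothing here.
    """
    return hmac.compare_digest(hashlib.sha256(data).hexdigest(), pinned_hex)


def verify_all(info_json: str, formula: str, bottle_tag: str,
               source: bytes, bottle: bytes) -> dict:
    """Check both artifacts against the formula's pins; return per-artifact verdicts."""
    pins = pinned_digests(info_json, formula, bottle_tag)
    return {
        "source": artifact_matches(source, pins["source"]),
        "bottle": artifact_matches(bottle, pins["bottle"]),
    }


def demo() -> dict:
    """Genuine artifacts pass; a bottle altered by one appended byte is rejected."""
    genuine = verify_all(BREW_INFO_JSON, "example", "arm64_sonoma",
                         SAMPLE_SOURCE, SAMPLE_BOTTLE)
    tampered = verify_all(BREW_INFO_JSON, "example", "arm64_sonoma",
                          SAMPLE_SOURCE, SAMPLE_BOTTLE + b"x")
    return {"genuine": genuine, "tampered": tampered}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

What the pin buys you is exactly this: an artifact that differs from the one the maintainer hashed (a tampered mirror or CDN, an upstream that silently re-tagged a release) fails the check. What it does not buy you is protection against an upstream release that was malicious when it was pinned in good faith, or against a formula change that updates the pin to match a malicious artifact. That is why the "auditable" part matters: the pin lives in the formula file, so changing it is a visible commit in the homebrew-core repository's history, not a silent swap on a download server.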


It is not feasible to avoid installing any third-party software. Moreover, I admitted that I use Homebrew.

However, I don't understand what makes Homebrew reliable. Homebrew is a non-profit project run entirely by unpaid volunteers.

I trust repositories controlled by corporations (RHEL, Ubuntu) or properly(?) governed non-profit organizations (Debian) more. Also, I trust the App Store more, because of sandboxing and static and dynamic analysis.

I don't understand the distinction you're making between Homebrew and other non-profit OSS orgs: Homebrew has a documented governance structure[1] and is hosted under a non-profit foundation.

The App Store exists primarily to distribute proprietary applications. Homebrew exists primarily to distribute open source packages. Comparing the two (and Apple's justified focus on sandboxing, etc.) feels like a mismatch.

[1]: https://docs.brew.sh/Homebrew-Governance

Thank you for the clarifications, and thank you for your work on Homebrew. I hope that the Homebrew approach is sufficient to make the security risks acceptable.