Veracity of formula

(Woodstock) #1


Given that the intention of homebrew is to be user contributed, and primarily bottled (not from source) , how are submitted bins verified non-malicious?

I say this because although there are clearly well intentioned people, verifying a SHA256 of a bin does not certify the veracity of the src.

So clearly a malicious user could contribute a subtly malicious build with valid SHA digest.

Surely -s (build from source) should be the default. Why are bottles preferred given this weakness?

(Claudia) #2

@john_alan I made an attempt to answer your question in a Twitter thread.
Feel free to follow up there (or here) in case you have any further questions or concerns.

(Woodstock) #3

@claui wow! Great answer! Will respond there and thank you.