Provide a brew intaller/runtime in the AppImage format for Linux #19047
Comments
How would making the installer an opaque AppImage that can't be easily inspected improve trust? |
|
The way I see it - the AppImage would be built by an automated pipeline, ie. GitHub Actions, providing a signed artifact which would be posted on the releases page along with a checksum. This since standard practice for projects providing binaries via GitHub and would allow Homebrew users on Linux to obtain a binary for installing or using brew and be able to verify it's consistency at all times. I was mostly looking at an equivalent of the MacOS pkg file for Linux users, though I think it might be of use to also provide a checksum for the pkg installer file. |
|
None of that addresses your stated concern:
With AppImages, that requires unpacking the downloaded AppImage and checking all the files therein anyway, and given the mandated stuff that goes into an AppImage, I can think of a couple of places to hide Nasty Stuff that you might not catch. As the link you posted concludes:
Coming to the convenience factor that you mentioned, I don't remember the reason for the macOS .pkg, but I suspect it's to accommodate enterprise deployment, especially with its builtin support to specify an alternate user for installation. In any case, it's a one-off thing that's meant to be used and discarded, not kept around and mandating updates over time. As you note, there's ongoing discussion about AppImages/Flatpaks/etc. as the Linux cask equivalent, but that's quite unrelated to enabling AppImages for the base Homebrew install, especially since you want to sandbox (where possible) "Linux cask" installs, but not the base install. Different considerations exist for the latter, and all told, I'm not seeing much of a case for AppImages, Flatpaks or any other opaque package formats over the current |
|
Passing on this for now. We'll consider it if we see more requests in future and a maintainer or contributor steps up to implement it (which is what motivated the |
Verification
brew install wget. If they do, open an issue at https://github.com/Homebrew/homebrew-core/issues/new/choose instead.Provide a detailed description of the proposed feature
The installation of Homebrew via the bash/curl combo might lead to trust issues. Providing a self-contained Linux installer/runtime binary with checksum for verification (as is currently the case with MacOS thanks to #14265), could provide a better user experience and possibly simplify the update process.
The goal of this feature is not to add AppImage support into Homebrew for all aplications as proposed in #15808, but rather the
brewcommand itself. However, self-updating using the AppImage should be implemented and might open the door for additional software to be packaged as AppImage "casks".What is the motivation for the feature?
The installation of Homebrew via the bash/curl combo might lead to trust issues. AFAIK there is no way of verifying what will be executed unless downloading the script first, inspecting it and running it locally.
The problems with bash/curl installers are widely described in the following article:
https://medium.com/@esotericmeans/the-truth-about-curl-and-installing-software-securely-on-linux-63cd12e7befd
How will the feature be relevant to at least 90% of Homebrew users?
The binary will be self-contained, making it easier to install, update and uninstall Homebrew. It will also make things more resilient as the binary can be checked against corruption.
What alternatives to the feature have been considered?
The existing way Homebrew is installed and the MacOS pkg files which is incompatible with Linux.
The text was updated successfully, but these errors were encountered: