惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

GbyAI
GbyAI
博客园 - 三生石上(FineUI控件)
S
Securelist
U
Unit 42
The Cloudflare Blog
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Simon Willison's Weblog
Simon Willison's Weblog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
B
Blog
T
Tenable Blog
The Hacker News
The Hacker News
The Register - Security
The Register - Security
IT之家
IT之家
博客园 - 【当耐特】
Spread Privacy
Spread Privacy
P
Privacy & Cybersecurity Law Blog
博客园_首页
T
Tailwind CSS Blog
人人都是产品经理
人人都是产品经理
C
Cybersecurity and Infrastructure Security Agency CISA
Know Your Adversary
Know Your Adversary
NISL@THU
NISL@THU
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
阮一峰的网络日志
阮一峰的网络日志
T
Tor Project blog
C
CERT Recently Published Vulnerability Notes
Apple Machine Learning Research
Apple Machine Learning Research
Stack Overflow Blog
Stack Overflow Blog
T
Threat Research - Cisco Blogs
T
The Exploit Database - CXSecurity.com
V
Vulnerabilities – Threatpost
A
Arctic Wolf
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
V
V2EX
aimingoo的专栏
aimingoo的专栏
大猫的无限游戏
大猫的无限游戏
Scott Helme
Scott Helme
L
LINUX DO - 热门话题
Cyberwarzone
Cyberwarzone
V
Visual Studio Blog
月光博客
月光博客
爱范儿
爱范儿
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
美团技术团队
G
GRAHAM CLULEY
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
H
Heimdal Security Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO

Homebrew

5.1.0 5.0.0 4.6.0 4.5.0 Homebrew’s new git signing key Homebrew and Workbrew 4.4.0 2023 Security Audit Homebrew’s Summer 2024 Hackathon 4.3.0 4.2.0 4.1.0 4.0.0 Maintainer Projects 3.6.0 3.5.0 Security Audit 3.4.0 3.3.0 3.2.0 Security Incident Disclosure 3.1.0 3.0.0 2.7.0 2.6.0 Homebrew tap with bottles uploaded to GitHub Releases 2.5.0 2.4.0 2.3.0 2.2.0 Homebrew Maintainer Meeting 2.1.0 2.0.0 1.9.0 1.8.0 Security Incident Disclosure 1.7.0 1.6.0 1.5.0 1.4.0 1.3.0 1.2.0 1.1.0 1.0.0
6.0.0
MikeMcQuaid · 2026-06-12 · via Homebrew

Today, I’m proud to announce Homebrew 6.0.0. The most significant changes since 5.1.0 are a new tap trust security mechanism, the new faster, smaller, default internal Homebrew JSON API, sandboxing on Linux, better defaults informed by our user survey, many brew bundle improvements, improved performance and initial support for macOS 27 (Golden Gate).

✨ Highlights since 5.1.0

🔐 Tap trust

Homebrew 6.0.0 introduces tap trust. A third-party tap can contain arbitrary, unsandboxed Ruby that runs on your machine, so Homebrew now requires taps (and tap-qualified formulae and casks) to be explicitly trusted before their code is evaluated or run. This reduces the risk from malicious or compromised taps while leaving the official Homebrew taps trusted by default. See the new Tap-Trust documentation for details.

⚡ Default internal JSON API

The internal JSON API is now the default, advancing the smaller API that Homebrew re-enabled and turned on for developers recently. It combines all Homebrew’s metadata into a single download, so brew updates faster and talks to the network less. It was opt-in via HOMEBREW_USE_INTERNAL_API since 5.0.0; that variable is now deprecated (see below).

🐧 Linux sandbox

The Linux Bubblewrap sandbox aligns Linux with macOS, where build, test and postinstall phases already run sandboxed. It is on by default for developers, Homebrew moved its macOS sandbox logic to share code, improved Linux sandbox behaviour (with Homebrew/homebrew-core setting the sandbox env in CI), hardened sandboxed install phases, sandboxed cask executable hooks, allowed logs in the build sandbox, installed Bubblewrap on hosted Ubuntu and skips sandbox setup for syntax-only jobs.

⚙️ Better defaults

📦 brew bundle

🏎️ Performance

Homebrew is faster across the board, with startup performance tweaks, a ~30% faster brew leaves, parallelised bottle tab fetching on upgrade and less work loading Ruby libraries at startup.

🍎 macOS 27 (Golden Gate)

Homebrew adds initial support for macOS 27 (Golden Gate).

🔮 Upcoming changes

🔒 Security

🚨 Security advisories

Homebrew published three security advisories:

🛡️ Other security improvements

🗑️ Deprecations

🎁 Features

🖥️ Casks

💻 Operating system support

🚰 Taps

ℹ️ brew info and brew tap-info

🆕 New commands, flags and output

🧊 Cooldowns, livecheck and bumping

⬇️ Downloads and fetching

🛎️ Services

🧪 Formulae and packaging

🪜 Install steps framework

🔀 Other changes

🧹 Internals, typing and refactors

🛠️ Continuous integration and developer tooling

📚 Documentation

Finally:

  • Homebrew is a non-profit project run entirely by volunteers, not employees. We need your funds to pay for software, hardware and hosting around continuous integration and future improvements to the project. Every donation will be spent on making Homebrew better for our users. Please consider a regular donation through GitHub Sponsors, OpenCollective and Patreon.
  • Homebrew/brew has no open issues at the time of writing 🎉.
  • Homebrew has a brand new brew.sh homepage style.
  • BrewUI is Homebrew’s upcoming official graphical interface. It’s not ready for general use yet.
  • The brew-rs experiment in moving parts of Homebrew’s Ruby frontend to Rust has concluded: benchmarks showed Homebrew’s Rust frontend only ahead on narrow, already-cached bottle fetches, not on representative full installs (pouring bottles, linking, writing metadata and health checks), so the performance focus has moved back to Ruby and to starting useful network and disk I/O sooner. We’ve added an FAQ entry explaining all of this. Our numbers come from honest, fully-compatible comparisons. Not all unofficial Homebrew frontends seem to apply the same rigor to their benchmarks, compatability or security: your mileage with those may vary.
  • Homebrew is increasingly a “package manager for everywhere”: Homebrew is recommended in Microsoft’s Windows Developer Config for WSL comfort, works well on Bazzite and now supports winget in brew bundle as a Windows-only feature.
  • The Homebrew team is aware of the supply-side security issues with other package managers. We’ve taken various steps to mitigate these risks for our users, some existing (e.g. macOS sandboxing, human review on all changes, environment filtering, all package maintainers are Homebrew maintainers), some new (e.g. Linux sandboxing, sandboxing reads of sensitive locations, cooldown from riskier ecosystems). We will continue to monitor the supply-side security landscape and take further steps as needed. See the new Supply Chain Security documentation we’ve added for details.
  • Homebrew has documented the principles behind our AI and LLM usage rules in a new Responsible AI Usage page.
  • Homebrew has joined the Open Source Resistance and you should too.

Thanks to all our hard-working volunteer maintainers, contributors, sponsors and supporters for getting us this far.

Latest Posts

  • 5.1.0 10 Mar 2026

    Homebrew 5.1.0 has been released. Homebrew’s most significant changes since 5.0.0 are expanded brew bundle support, brew version-install, new -full formula handling an...

  • 5.0.0 12 Nov 2025

    Today, I’d like to announce Homebrew 5.0.0. The most significant changes since 4.6.0 are download concurrency by default, official support for Linux ARM64/AArch64, tim...

  • 4.6.0 05 Aug 2025

    Today, I’d like to announce Homebrew 4.6.0. The most significant changes since 4.5.0 are opt-in concurrent downloads with HOMEBREW_DOWNLOAD_CONCURRENCY, preliminary ma...

  • 4.5.0 29 Apr 2025

    Today, I’d like to announce Homebrew 4.5.0. The most significant changes since 4.4.0 are major improvements to brew bundle/services, preliminary Linux support for cask...