A package manager should not make it that difficult to downgrade a package.
Otherwise -- homebrew's great.
> Usage: brew extract [options] formula tap
> Look through repository history to find the most recent version of formula and create a copy in tap/Formulaemail@example.com. If the tap is not installed yet, attempt to install/clone the tap before continuing.
Frustrating that my PR to create readline@7 was rejected. https://github.com/Homebrew/homebrew-core/pull/36782
I would at least like to see some mechanism to exclude a Formula from automatic gc of old versions besides brew pin. Libraries don't take up significant space, and they cause a world of hurt to delete out from under compiled binaries, so there is not a good argument for automatically deleting them.
But you can also just copy the previous version into the new readline directory.
cp /usr/local/Cellar/readline/7.0.5/lib/lib*.7.dylib /usr/local/opt/readline/lib/
Although this will break with the next readline update.
Otherwise the dependency management in Homebrew is even worse than I knew.
brew remove packagename
brew install packagename@versionnumber --force --overwrite
Edit: my pet gripe with brew is the services syntax. I want to use this:
brew services httpd restart
brew services restart httpd
In most cases, brew just works. That's great. But it's also used primarily by developers, and I can't imagine this is an uncommon scenario.
It seems it misses an "automatically" installed flag in order to remove the deps I didn't have specifically installed myself in the first place. Would be very great for brew to have that.
Now I avoid trying new apps through brew.
An indication of the formula downloading a pre-built binary or compiling it would be nice too, btw.
You can use `brew bundle dump` and `brew bundle cleanup` to achieve this (I often do the same).
I’m not aware of much else that fulfills this niche well - conda seems very very tied to precisely tested version combinations, and (from what I remember - tried and had problems) nix seems to want root/system level daemons.
Hello. Conda core contributor here. Do you have any more details? Would love to help.
We try to keep version constraints among dependencies as loose as possible. We do actively patch dependency metadata over time, putting upper version bounds on dependencies when incompatibilities eventually arise.
I'm curious why you feel this way.
A word of warning, however: Homebrew 2.0 removes your old formula from the Cellar when upgrading. If you want to disable this you must set HOMEBREW_NO_INSTALL_CLEANUP in your environment if you want to hold on to those older versions.
> We’re not willing to ship things we don’t support, sorry. I do not consider it acceptable to ship software that we are unable to test and we know will break. Even if I did consider that acceptable I’d be unwilling to accept the additional support burden that the maintainers have to take on from people submitting issues when they are clearly told not to (something that still happens often).
Clarification beyond that: fixing avoidable user issues is not what most of the maintainers want to spend most of their (volunteer, mostly evening and weekend) time on. Even immediately closing issues as WONTFIX takes more time to deal with than not getting an issue at all.
You may disagree with this (clearly some people do) but ultimately you cannot expect a volunteer run project to support more than they are willing to do. If we had people stepping up and saying "I will deal with all the support requests for this!" that'd be different but mostly we have people who want us to do the work for them.
I know this is still a different trust model, but, IMO, not too different.
I know reproducible builds are on the radar for Homebrew in the future, and that should ease some of your concerns too.
For a good thread on Homebrew security checkout https://twitter.com/c_pellegrino/status/1093195802871246848
It also means, though this is only a problem with third party channels, that it's possible to get into a situation where you can't even build from source at all. I was working with one of our custom packages, where for the life of me I could not figure out how to get the build to work. Turns out it had been hardcoded to run on a very specific machine, and assumed access to a very specific network file system, and I wasted about a week of my life trying to untangle those assumptions before giving up. If that software had been designed from the beginning with the idea that it ought to be possible to build from source from anywhere, we'd presumably be in a different situation now.
- it's faster for end-users
- it's more reliable (which both makes the user experience better for users and reduces the support burden for our volunteer maintainers)
To disable it, do either of
brew analytics off
Otherwise, I love it and it’s basically the one reason development on macOS is not a major PITA. So thank you to everyone making that possible!
They showed a shocking lack of judgement and an abundance of arrogance. I can't trust them anymore. I don't think others should, either.
The comment that Mike edited is the last one. Clicking on the "edited by MikeMcQuiad" allows you to see the different versions.
It’s also literally the opposite of quietly enabled  .
Is youtube-dl a service because it needs to be constantly updated, at great effort, to deal with new countermeasures and the like? Still looks like software to me.
If you were running the software for me (e.g. Gmail), then maybe Homebrew would qualify as a service.
> It’s also literally the opposite of quietly enabled
I discovered it when my firewall showed me an outbound connection to Google analytics. Homebrew spews so much stuff to the console, it's not something a regular user would read unless they looked for it. That was hardly sufficient disclosure.
You guys could have prompted for consent. You didn't. You still refuse to. And you won't entertain any suggestions that you do so unless it comes from a contributor. As I said in my original comment, your collective lack of judgement and refusal to consider the opinions of users is why I don't find you guys to be trustworthy anymore. I encourage everyone to find alternatives.
I’m not sure on whose systems you believe packages are built and tested, and from whose systems you feel Homebrew downloads bottles.
> it's not something a regular user would read unless they looked for it. That was hardly sufficient disclosure.
That notice was colored, it was typeset in bold, it was surrounded by newlines, and it sounded an audible bell. Blaming Homebrew for the fact that you missed that message says more about you than about Homebrew.
Is Ubuntu a service because Canonical builds and tests packages and hosts package repositories? I don't think many people would make that claim.
> That notice was colored, it was typeset in bold, it was surrounded by newlines, and it sounded an audible bell.
That's not the notice I got.
"Anonymous aggregate user behaviour analytics documentation: https://git.io/brew-analytics". No bold. No bell.
The notice you linked to was added in reaction to the outcry. The bold and bell were added at a later date.
The Homebrew maintainers continue to refuse to do the only ethical thing and PROMPT THE USER instead of making assumptions one way or another.
When it comes down to it, principle of least privilege applies here. Homebrew doesn't need to phone home to Google to install packages, so it shouldn't.
I have a work user and a personal user on my laptop. Brew won't let me use both at the same time without getting my hands dirty with creating groups, and even then it's not supported behaviour.
Can the blank be filled in?
If so I'd love to use Homebrew to manage dependencies on both Linux and OSX. (msys2 has my Windows build covered.)
What is the hassle you saw with Ubuntu MATE?
A lot of software that I use weren't available via APT so I had to go hunting via snap, flatpak and pip. Suddenly I had four different package managers to maintain and update. Every time I updated Ubuntu it was a mess to update where what repositories to update to. I was never successful in keeping my software up to date without a lot of googling and problem solving and it sucked.