homebrew-core
asdf
Our great sponsors
homebrew-core | asdf | |
---|---|---|
132 | 339 | |
13,184 | 20,393 | |
0.8% | 2.6% | |
10.0 | 7.9 | |
5 days ago | 5 days ago | |
Ruby | Shell | |
BSD 2-clause "Simplified" License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
homebrew-core
-
GitHub Disabled the Xz Repo
Is disabling the compromised repo the typical GitHub policy? My concern is there are monorepos used by package managers, like brew, that are a collection of thousands of projects [1]. These monorepos seem like a prime target for attack and if GitHub disables one because a malicious commit was merged then you've taken down an entire ecosystem.
-
Backdoor in upstream xz/liblzma leading to SSH server compromise
> Correct. Though we do not appear to be affected, this revert was done out of an abundance of caution.
-
Pyenv – lets you easily switch between multiple versions of Python
> right, but now you know even less about your setup when you some roadblock
This is the same with a binary though. And with homebrew, you can't follow patches or flags used or if they change.
- https://github.com/Homebrew/homebrew-core/blob/c964ad7fa53ad...
- Apple curl security incident 12604
-
Cowsay
definitely be careful about using fortune in a corporate environment or public space if you don't know what dat files you are using or you might just get an extremely unwelcome surprise.
I was practicing a presentation and used to use "fortune" all the time. I forget exactly what it output but I remember being absolutely mortified about what could have happened if that had popped up during an internal company tech talk.
Kudos to brew for keeping unsuspecting people safe
https://github.com/Homebrew/homebrew-core/commit/3fb3c4c3e55...
-
Ask HN: Trouble with a Stargate
I'm sorry to be asking this as I find it a bit silly, but it's blocking my PR [3], so could a few of you star the project on Github [1] to get my PR to run?
[1] https://github.com/laktak/chkbit-py
[2] https://brew.sh
[3] https://github.com/Homebrew/homebrew-core/pull/160018
- Simulate an Ubuntu-like VM inside macOS
- When open source platforms are worse than closed source
- Homebrew Rejects the Idea for Post-Install Notes
- Homebrew team's developer harassment. They won't remove my software?
asdf
-
Volta – Fastest Node version manager in Rust
Or if you need to manage more than just node, asdf has been around for over a decade and works great. You can use a .tool-versions to change runtimes for each project you have, in addition to managing your global runtime versions
-
Pyenv – lets you easily switch between multiple versions of Python
Why not just use a tool like asdf (https://asdf-vm.com/) or mise (https://mise.jdx.dev/)?
These tools have the advantage of not being multi-taskers and can manage version for all your tools. You wouldn’t need pyenv and npm and rvm and…
We’ve even started committing the .mise.toml files for projects to our repos. That way, since we work on multiple projects that may need multiple versions of the same tool, it’s handled and documented.
-
A Journey to Find an Ultimate Development Environment
The purpose of a version manager is to help you navigate or install any tools for development easily. Version Manager can be one tool for each dependency (e.g. NVM, g) or One tool for all dependencies (e.g. asdf, mise).
-
How to Install Your Python Version on Ubuntu
(asdf)[https://asdf-vm.com/] fully supports Python and almost any other language. I've been using it for Ruby, Python, Elixir, and other languages for years and never looked back.
-
Beginners Intro to Trunk Based Development
Secondly, our development environments must not drift, because then code may behave differently and a change could pass on our machine but fail in production. There are many tools for locking down environments, e.g nix, pkgx, asdf, containers, etc., and they all share the common goal of being able to lock down dependencies for an environment accurately and deterministically. And that needs to be enforced in our local workflow so we don't have to rely on CI environments for correctness. All developers must have environments that are effectively identical to what runs in CI (which itself should be representative of the production environment).
-
Practical Guide to Trunk Based Development
There are many ways this can be done (e.g nix, pkgx, asdf, containers, etc.), and we won’t get into which specific tools to use, because we'll instead cover the essential essence of preventing environment drift:
- Criando seu ambiente com ASDF
-
Kotlin version manager
I've really been enjoying asdf, which is a program that allows you to install specified versions of dev utilities as well as dynamically manage them via shims and .tool-versions files.
-
How do i keep my "devops tool" always up to date in a smart way ?
I use the asdf version manager.
-
Fish – Update on the Rust Port
You might check out rtx[1]
Its an asdf[2] rewrite, in rust, that can do most of the things nvm can
What are some alternatives?
yt-dlp - A feature-rich command-line audio/video downloader
SDKMan - The SDKMAN! Command Line Interface
asdf-python - Python plugin for the asdf version manager
pyenv - Simple Python version management
HomeBrew - 🍺 The missing package manager for macOS (or Linux)
rbenv - Manage your app's Ruby environment
homebrew-php - :beer: Homebrew tap for PHP 5.6 to 8.4. PHP 8.4 is built nightly.
nvm - Node Version Manager - POSIX-compliant bash script to manage multiple active node.js versions
osxfuse - FUSE extends macOS by adding support for user space file systems
volta - Volta: JS Toolchains as Code. ⚡
homebrew-cask-versions - 🔢 Alternate versions of Casks