Hacker News | sfbapt's comments

What are the security benefits of using homebrew? Isn't it just another layer of redirection before downloading the software?


There are some real differences.

All the homebrew packages have checksums and are versioned in git, so if the upstream website is compromised and a malware installer is put in place of the package, `curl | bash` will just install the malware, while `brew` would start erroring out and refuse to install after downloading something with a different checksum.

You also get an audit log in the form of the git repo, and you also ensure everyone's downloading the same file, since `curl | bash` could serve different scripts to different IPs or user-agents.

I don't think brew does proper build sandboxing, so like `./configure.sh` could still download some random thing from the internet that could change, so it's only a bit better.

If you want proper sandboxing and thus even more security, consider nix.
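
The checksum behaviour described in the comment above, as an added example that is not part of the thread and is not Homebrew's own code: a hash is recorded once at review time, and the installer runs only if the file still matches it. The function names and the sample installer are hypothetical and constructed for the demo.

```shell
#!/bin/sh
# Pin-then-verify: the check a recorded checksum provides and `curl | bash` lacks.

# Portable SHA-256 of a file (sha256sum on Linux, shasum on macOS).
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# verify_pinned FILE EXPECTED_SHA256
# 0 = matches the pin, 1 = content changed, 2 = unusable input.
verify_pinned() {
  vp_file="$1"; vp_expected="$2"
  [ -f "$vp_file" ] || { echo "missing file: $vp_file" >&2; return 2; }
  case "$vp_expected" in
    ""|*[!0-9a-f]*) echo "pin is not lowercase hex" >&2; return 2 ;;
  esac
  [ "${#vp_expected}" -eq 64 ] || { echo "pin is not 64 hex chars" >&2; return 2; }
  vp_actual=$(sha256_of "$vp_file") || return 2
  if [ "$vp_actual" != "$vp_expected" ]; then
    echo "checksum mismatch for $vp_file" >&2
    echo "  pinned: $vp_expected" >&2
    echo "  actual: $vp_actual" >&2
    return 1
  fi
}

# install_pinned FILE EXPECTED_SHA256: execute only after verification passes.
install_pinned() {
  verify_pinned "$1" "$2" || return $?
  sh "$1"
}

demo() {
  demo_dir=$(mktemp -d)
  # Constructed stand-in for a downloaded installer.
  printf 'echo "installing tool 1.0"\n' > "$demo_dir/install.sh"
  demo_pin=$(sha256_of "$demo_dir/install.sh")   # recorded at review time
  install_pinned "$demo_dir/install.sh" "$demo_pin" || echo "refused (rc=$?)"
  # Simulate the upstream file being replaced after the pin was recorded.
  printf 'echo "unreviewed extra step"\n' >> "$demo_dir/install.sh"
  install_pinned "$demo_dir/install.sh" "$demo_pin" || echo "refused (rc=$?)"
  rm -rf "$demo_dir"
}
demo
```

The first call runs the installer; the second prints the mismatch and refuses. As the comment notes, this only covers the downloaded file itself, not anything the installer fetches while running.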


A rare occurrence these days. I suppose a lot of it has to do with shrinking attention spans and instant gratification and the lack of effort required to do so many things that required even a little bit of effort before.


I started reading books again and deleted TikTok since I noticed my attention had gotten so bad. Can't imagine people GROWING UP with this stuff. My parents were worried I played RuneScape too much when I was young but compared to TikTok that's some advanced stuff.

