-
-
Notifications
You must be signed in to change notification settings - Fork 10.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update Bartender 5.0.52 SHA #174106
Update Bartender 5.0.52 SHA #174106
Conversation
Note that the checksum mismatch is because version 5.0.52 was silently updated to include an analytics framework. See this reddit comment for details. As a PSA, this change, and the signing certificate change, are related to its transfer to new ownership. |
@aaronkollasch - thanks for the note. I don't use the app but if you could summarize for me please - the community using this app seems unhappy by the change, but has it been identified as outwardly malicious or compromised? |
By the looks of the reddit thread the new owners of this app are questionable at best. Which really sucks 🙁 because I like this app. Here's a quote from @core-code which explains the state of things a bit better:
I'm also a MacUpdater user/subscriber so I trust the above a whole lot more then the new owners. |
Ice seems like a good alternative. I've already removed Bartender as I don't trust analytics and "new owners". Doesn't give me the warm and fuzzies. Thank you @core-code the write up above was awesome. 😍 Anyway enough off topic from me. If you need any more info please let me know. |
Let's open a discussion on this instead of keeping in a closed PR. I think the information here is enough for anyone coming across this anew, but I'd like to maintain an open dialogue on if we need to pull this in the future, pending research outcomes. |
Yes please a discussion would be great. Doesn't seem like anything malicious in here yet, but you never know when an app magically changes hands. There are plenty of open source examples that support that logic. |
Discussion thread: https://github.com/orgs/Homebrew/discussions/5427 |
Important: Do not tick a checkbox if you haven’t performed its action. Honesty is indispensable for a smooth review process.
In the following questions
<cask>
is the token of the cask you're submitting.After making any changes to a cask, existing or new, verify:
brew audit --cask --online <cask>
is error-free.brew style --fix <cask>
reports no offenses.Additionally, if adding a new cask:
brew audit --cask --new <cask>
worked successfully.HOMEBREW_NO_INSTALL_FROM_API=1 brew install --cask <cask>
worked successfully.brew uninstall --cask <cask>
worked successfully.Looks like there's a SHA mismatch when installing / reinstalling: