All valid points. I thought we had more-or-less got past the “should we” and 
moved on to the “how should we”, 

I am not necessarily championing this, but people are submitting these, and 
there is demand.here are nearly 4000 cask installer formulae on brew now. If 
similar binary-only ports are going to be accepted, I was hoping for a 
mechanism to identify and control them somewhat, for the reasons you mention 
and more.

> 
> So, pretend I don’t know how Homebrew’s cask system works.  (I don’t.)  
> 
> 1) As a user, what is the advantage of this kind of system versus other 
> avenues for software (i.e. the Mac App Store or direct download of a dmg from 
> the developer web site)?  

convenience, really. You can install something with a short command instead of 
wading through finding the right installer on a website. Updates are handled 
transparently. You can install 10 or 20 software packages onto a set of systems 
with one command. You can make a list of the 75 software packages you like to 
have and install them all with one command. You can tell your grandmother how 
to install zoom with four words to paste into a terminal instead of a 
complicated set of download and install instructions. 

> Doesn’t most such software include an auto-updater?  

Sometimes.

> If so, won’t that conflict with MacPorts update handling?  

Yes.

> A potential disadvantage would be the time lag from a new version being 
> released until a new ‘cask’ is available, right?

Yes

> 
> 2) My impression is that developers of commercial software would, in many 
> cases, NOT want a third party (like MacPorts) to be distributing their 
> software.  From their perspective, a third party introduces considerably more 
> risk that users may end up with maliciously altered software.  Can we not 
> expect to get takedown notices from certain publishers?

I suggest if we agree to do this, we do not mirror any installers partly for 
this reason.  Each would have it’s SHA code, so security would be as good as 
whatever good security is now. 

Software developers seem OK with "brew cask”, based on their being 4000 of them 
so far, and I have seen software people open PRs to update their own casks when 
they release a new version — so in general, they seem OK. Dunno about details 
beyond that.


> 
> 3) Is the MacPorts mirror network willing to contribute bandwidth for 
> distributing non-open source software?  

I doubt it. There is no need to mirror these.

> Will we sour our relations with some of the mirrors if we use/abuse their 
> bandwidth this way?

Probably.

>  Why do we want to use our bandwidth that way?

We don’t.

> 
> Craig

Reply via email to