Conceptually speaking, the allowlist approach (enumerating goodness) would be to install homebrew in a distrobox container in order to isolate it, and only distrobox export selected binaries from the distrobox container, right? I imagine there’s an important reason I’m forgetting about why we used to do that but then moved to just running homebrew on the host…after reviewing Bluefin is feature complete - #6 by j0rge , it seems like the initial reasoning at the time for going back the homebrew on the host (after the discovery of the workaround to only change PATH in interactive shells) was to keep the UX and system architecture simpler to understand?
1 Like