Brew Browser: Open‑Source Homebrew GUI with Dual‑Version Architecture, Security Scanning & Snapshots for Mac Developers

Brew Browser Overview

Homebrew is the indispensable package manager for macOS, but it only provides a CLI. Brew Browser fills this gap with a native desktop GUI that lets users browse installed packages, search thousands of formulae, view updates, manage services, and perform one‑click backups and restores.

🛠️ Dual‑Version Architecture

The project maintains two independent implementations that share a common data contract:

Tauri version (cross‑platform) – built with Tauri 2, SvelteKit, and Rust; runs on macOS 13+ and Linux; uses a built‑in updater with minisign signatures; already released and notarized.

Native Swift version (macOS flagship) – built with Swift 6, SwiftUI, and Liquid Glass; runs on macOS 26 (Tahoe) only; updated via Sparkle 2 with ed25519 signatures; 0.1.0 released last week.

Both versions expose about 55 type‑safe Tauri commands from the Rust backend, invoke the brew CLI via tokio::process for real‑time stdout/stderr streaming, dynamically resolve paths using brew --prefix and brew --cache, and bundle the full Homebrew directory (~6 MiB gzip) for offline use. Optional GitHub integration uses OAuth Device Flow with tokens stored in the system keychain.

Why Two Versions?

"They are not competitors – they have different, non‑overlapping tasks, because SwiftUI cannot run on Linux and Liquid Glass only supports macOS 26."

This strategy maximizes coverage (cross‑platform reach) while delivering a native experience for macOS users.

🚀 Core Features

1️⃣ Dashboard

Shows total installed packages, available updates, brew version, formula/cask distribution.

Category donut chart, storage usage breakdown, and a button to reveal the package in Finder.

Optional vulnerability cards display known CVEs.

2️⃣ Library

Filterable list of all formulae and casks with outdated badges, sortable columns, category chips, vulnerability filter, severity dots, and a slide‑over detail panel.

3️⃣ Discover

Search the full Homebrew catalogue (≈15 k packages) with name search or 19 category filters and multi‑select chip filters.

4️⃣ Trending

Shows popular packages from Homebrew’s official analysis API, including time‑window support, velocity index, and install‑trend sparklines.

5️⃣ Snapshots

Uses brew bundle to save and restore a Brewfile, enabling one‑click “Set up a new Mac”.

6️⃣ Services

Lists, starts, stops, and restarts launchd‑managed background services.

7️⃣ Security Scanning

Optional brew vulns command queries OSV.dev for known CVEs.

Shows CVE details, optional GHSA enrichment after GitHub login, severity markers, and an “upgrade fix” button.

8️⃣ Activity

Real‑time streaming of brew stdout/stderr with persistent session history across launches.

9️⃣ Keyboard Navigation

Cmd+K

opens a global command palette. Cmd+0 returns to the dashboard. Cmd+1~6 jumps to each module. Cmd+, opens settings.

🔒 Privacy & Security Design

Brew Browser is transparent about network activity. Twelve documented outbound calls are listed, each triggered by user action and controllable via Settings → Network. Highlights include:

Homebrew official analysis API (cached for 1 hour).

Homebrew directory JSON (bundled at build time, offline).

Cask homepage icon detection (max once per week, SSRF‑protected).

GitHub API (optional, 24‑hour cache).

GitHub OAuth (optional, only on login).

GitHub write operations (Star/Watch/File‑issue).

brew CLI calls (all brew invocations).

Default browser opening for package homepages.

Built‑in updater (optional, default off).

Enhanced trend history (optional).

Realtime category updates (optional).

Vulnerability scanning (optional).

The app has no telemetry, crash reporting, third‑party fonts, or user accounts. An offline mode can disable all network requests with a single toggle.

🔧 Installation Guide

macOS Users

# Install via Homebrew
brew tap msitarzewski/brew-browser
brew install --cask brew-browser

Or download the appropriate package from GitHub Releases and drag it into Applications.

Linux Users

Download the Linux package from GitHub Releases.

Build from Source

git clone https://github.com/msitarzewski/brew-browser
cd brew-browser
npm install
npm run tauri dev   # development mode (HMR)
npm run tauri build # build release package

cd native
swift build
./build-app.sh
open BrewBrowser.app

🛠️ Technical Architecture Deep Dive

Tauri Version Architecture

Uses Tauri 2 as the shell for minimal native footprint, SvelteKit + Svelte 5 for the SPA front‑end (adapter‑static), and Rust for the backend that calls brew and returns typed JSON. Package data is sourced from the official formulae.brew.sh JSON API. The MIT license ensures open‑source friendliness.

All brew calls are serialized with tokio::sync::Mutex to avoid concurrency conflicts.

Key Design Decisions

Shell: Tauri 2 for native WebView and true macOS app bundle.

Front‑end: SvelteKit + Svelte 5 for a static‑site‑generated SPA.

Back‑end: Rust, delegating all package logic to the existing brew CLI.

Package Management: Directly use brew CLI, no re‑implementation.

Data Source: Homebrew’s official formulae.brew.sh JSON API.

License: MIT.

💎 Why It’s Worth Watching

Dual‑version strategy offers both cross‑platform reach and deep macOS integration.

Privacy‑first approach with no telemetry, fully documented network calls, and an offline mode.

Optional CVE vulnerability scanning protects the Homebrew environment.

Snapshot feature enables one‑click backup and restore of Brewfiles.

Keyboard‑driven workflow accelerates navigation.

MIT‑licensed, no CLA or EULA, fully open source.

Active development: 600+ Stars in 20 days.

Transparent privacy controls via Settings → Network.

📋 Reference Resources

GitHub repository: https://github.com/msitarzewski/brew-browser
Website: https://brew-browser.zerologic.com
Design docs: https://github.com/msitarzewski/brew-browser/blob/main/docs/PLAN.md

Disclaimer

The content is for learning and exchange only. Use the tool in accordance with platform terms and applicable laws. For third‑party services, refer to the latest official policies.