brew-browser 0.7.0 / Brew Browser native 0.3.0 — Bundles
Signed + notarized release. Tauri is the macOS 13+ / Linux build; native is the
macOS 26 SwiftUI build. The two version numbers track the same feature batch
(native 0.3.0 ≙ Tauri 0.7.0); they differ only because each shell versions by
its own release history.
Headline: Bundles
Install a whole working setup in one place, not one package at a time.
Bundles are curated one-click package stacks — a local-LLM rig, an image-gen
studio, a web-dev starter — each with the packages it needs and the post-install
steps to make them actually work. A new Bundles section lands in both shells.
- Nine recipes at launch, every token verified against
brew infoand
drawing only onhomebrew/coreandhomebrew/cask(zero third-party taps):
Local LLMs, Image Generation, Graphics & Design, Media Toolkit, Web Dev
Starter, Local Databases, Agentic Web Dev, LAMP Stack, and LEMP Stack. - Master list + Details pane. Bundles use the app's canonical master-list
and right-side Details pane, matching Library and Trending exactly — nothing
is auto-selected, the pane opens when you pick a bundle and closes when you
dismiss it or switch sections. - Readiness gating. A zero-install system profile (RAM, architecture, GPU,
disk) decides whether your Mac can actually run a stack, so an 8 GB machine
isn't told to install a local-LLM bundle it can't support. A single header
pill carries the verdict; a color-coded callout appears only when a bundle is
marginal or blocked. - Intent up front. Each bundle leads with a short description paragraph
explaining what the stack is for, rendered under the tagline. - Clickable inline package descriptions. Every package row is a disclosure
that lazily fetches its one-line summary (catalog first,brew info
fallback), cached, with multiple rows open at once. - Per-package Install. A "Not installed" package exposes an inline
Install action that installs just that package through the streamed
install path, keeps the Details pane open, and flips the row to Installed —
independent of the description toggle. - Setup guidance that knows what it can automate. brew-native install steps
run in-app and stream into the Activity drawer; external commands (model
pulls, service bootstrapping, and the like) are presented copy-only rather
than executed silently. - Contributor-friendly by design. Recipes are validated JSON files that
anyone can PR against a published contract, with CI enforcing the schema. The
long tail (Rails, Django, MEAN, and others) is open for community
contributions.
Also in this release
Pin / unpin packages
Hold a package back from "Update all." Pinning works in both shells for
formulae and casks, with a Pinned filter tab in the Library, a
cask-aware pinned count, and a bottom status bar that leads with the active
filter's count. Closes the long-standing pin/unpin requests (#141; closes #90,
#134).
Resizable Activity console
The Activity console is now resizable in both shells, so you can give live
brew output as much room as you want (#136).
In-app brew command options
A reactive recovery UI surfaces adopt / overwrite / force-remove choices when a
brew job needs them, with an Advanced disclosure for greedy upgrades and
autoremove (#109; addresses #98 reactive, #47, #13, #102, #100).
Brew Doctor + Cleanup on the Dashboard
The Storage card gains two actions, both streamed into the Activity drawer:
- Run brew doctor — runs
brew doctorand shows diagnostics live
(advisories are surfaced as info, not a failure). - Clean up cache… —
brew cleanup --prune=allto reclaim cached downloads,
with a "frees ~X" estimate and a confirm step.--scrub(which also clears
the current versions' downloads) is an opt-in toggle, off by default (#82,
#83; issue #80).
Vulnerability scanning hardening
- Exposure parity + native GHSA enrichment. The native build gains the
source: live/cachelabel and GHSA enrichment, and the Tauri over-count is
fixed, with unified card wording across both shells (#107). - Tap-name + JSON-salvage fixes.
brew vulnsnow accepts tap-qualified
formula names and salvages JSON from banner noise (#103; #62, #92). - Native catalog empty-response guard brings the native build to parity
(#108). - GHSA advisory
referencesshape fix. GHSAreferencesare a string
array, not[{url}]; the previous shape made enrichment a silent no-op. Now
repaired and verified end-to-end (#110).
UX and correctness fixes
- Native list scaling — content columns fit the narrow-window floor without
clipping the sidebar (#142). - Install-trend sparkline scale — the sparkline no longer mixes cumulative
and daily counts, removing the "cliff" artifact. Both shells (#143). - Tauri vulnerable-footer navigation — the vulnerable-count footer now jumps
to Library → Vulnerable instead of the Dashboard (#144). - Native outdated tap-name undercount — tap-installed outdated packages are
no longer dropped from the Outdated filter (#145).
Changes
- Package metadata and docs aligned to the release train: Tauri
0.7.0, native
0.3.0.
Acknowledgments
- @cseelye — the resizable Activity console, contributed to both shells
(#136). - @modeezie — the Brew Doctor / Cleanup cache-maintenance request, with a
well-scoped "show me what it's doing" ask and the safer non-scrub default
suggestion (#80). - @Arvuno — the catalog reject-empty-response fix that hardens the catalog
refresh against upstream returning nothing (#101). - Everyone who filed the pin/unpin, brew-options, and vulnerability-scanning
issues that shaped this batch.
Issues & feedback
github.com/msitarzewski/brew-browser/issues.
Every error toast in the app has a "Report" button that pre-fills the issue with
your context.