Homebrew: Internal API Default and Trust System Hardening

Transcript

Good morning. This is your Homebrew developer briefing for June 6th, 2026.

The biggest change this cycle is Homebrew's shift to internal API as the default runtime behavior. Pull request 22546 removes the public JSON API from normal operations while keeping it available for website data generation. This addresses issue 19204 and hides the "Homebrew use internal API" environment variable since it's now just an internal compatibility toggle.

Trust system handling got significant attention across several areas. PR 22553 fixes cleanup operations to skip untrusted formulae instead of aborting entirely, resolving issue 22551 where cache checks would fail on untrusted taps. PR 22559 silences trust warnings during shell completion to keep output clean while still filtering untrusted items from suggestions. The trust improvements extend to better error boundaries and user experience.

Type safety work continued with two Sorbet-focused pull requests from issyl0. PR 22540 reduces Ruby interface duplication for RSpec test type checking, and PR 22542 bumps more test files to "typed true" status. This ongoing effort strengthens static analysis across build environment, bundle, and completion specs.

Performance optimizations landed in targeted areas. PR 22552 speeds up cask backup copies by using clone-capable copy arguments for large app bundles, with separate handling for GNU versus macOS copy commands. PR 22555 adds Bundler cooldown periods to match existing npm and PyPI release policies.

Infrastructure changes include better WSL analytics labeling in PR 22558 and containerless Linux testing for test-bot in PR 22557. The project also cleaned up organizational references by removing old PLC addresses from documentation.

Looking ahead, the internal API switch will affect any workflows still depending on the public JSON endpoints, and the trust system improvements should reduce friction in mixed-tap environments.

That's your Homebrew update. Back to you.