verification
Provide a detailed description of the proposed facility
--no-quarantine Used to forcefully bypass Gatekeeper, a built-in macOS security mechanism. It is used to run unsigned/unauthenticated applications.
macOS Tahoe is the last release to support Intel systems, and last year Apple updated macOS runtime security to make it harder to override Gatekeeper. Macs with Apple silicon also “do not allow native Arm64 code to be executed unless a valid signature is attached”. Ultimately, we are ending support for all casks that fail Gatekeeper testing on September 1, 2026.
Keeping the above in mind, it is time to condemn --no-quarantine flag from brewThis intentionally bypasses macOS security mechanisms, which we already actively discourage, Deprecating it now will give users who use it a good time to come up with another solution or adjust their workflow,
What is the inspiration for this feature?
Intel support is ending from both Apple and Homebrew. This flag is primarily used to override macOS security mechanisms, which we don’t want to encourage. Since we will need casks to complete the Gatekeeper check next year, there is no reason to keep this flag.
How will this feature be relevant to at least 90% of Homebrew users?
We will provide a secure experience for our users, and stop making it easy to bypass OS-level security.
What facility options have been considered?
nobody. Macs with Apple silicon are a platform that will be supported in the future, and Apple is making it harder to bypass the gatekeeper.