cask: gate auto-updates behind opt-in#21985
Merged
MikeMcQuaid merged 1 commit intomainfrom Apr 11, 2026
Merged
Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR changes Homebrew Cask’s upgrade behavior so auto_updates true casks are only auto-upgraded when users explicitly opt in (or when running as a developer), while also hardening version-detection to avoid false upgrade prompts from broken app bundle metadata.
Changes:
- Introduces
HOMEBREW_UPGRADE_AUTO_UPDATES_CASKS(opt-in) and keepsHOMEBREW_NO_UPGRADE_AUTO_UPDATES_CASKSas a hidden override, with early conflict validation. - Updates cask outdated detection to ignore known-bad bundle versions (e.g.,
0.0) when evaluating auto-updating apps. - Updates manpage/docs and adds/adjusts unit tests around the new env behavior and bundle-version edge case.
Reviewed changes
Copilot reviewed 10 out of 10 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| manpages/brew.1 | Documents the new opt-in env var and removes the old env var from the public manpage. |
| Library/Homebrew/test/env_config_spec.rb | Adds tests for the new upgrade_auto_updates_casks? env logic and conflict handling. |
| Library/Homebrew/test/cask/upgrade_spec.rb | Stubs new env gate in tests; adds a regression test for conflicting env vars raising in brew upgrade. |
| Library/Homebrew/test/cask/cask_spec.rb | Adds regression coverage for ignoring a bad bundle version (0.0) when short version is missing. |
| Library/Homebrew/manpages.rb | Hides env vars marked hidden: from generated env var docs. |
| Library/Homebrew/env_config.rb | Adds the new env var, hides the old one, and implements upgrade_auto_updates_casks?. |
| Library/Homebrew/cask/upgrade.rb | Forces early evaluation of env var conflict to error consistently before cask selection. |
| Library/Homebrew/cask/cask.rb | Gates auto-updates upgrades behind the new opt-in and ignores bad bundle versions in bundle metadata comparisons. |
| docs/Manpage.md | Reflects public env var docs changes (new opt-in var; old hidden var removed). |
| docs/FAQ.md | Updates FAQ guidance to mention the new opt-in env var and planned default change in 5.2.0. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
MikeMcQuaid
force-pushed
the
fix_more_cask_auto_update_problems
branch
from
852c8be to
69330ae
Compare
Bo98
approved these changes
Apr 10, 2026
github-merge-queue
bot
removed this pull request from the merge queue due to a conflict with the base branch
MikeMcQuaid
force-pushed
the
fix_more_cask_auto_update_problems
branch
from
69330ae to
1b15b29
Compare
- switch `auto_updates true` upgrades to `HOMEBREW_UPGRADE_AUTO_UPDATES_CASKS` so users keep the current behavior until Homebrew 5.2.0 - keep hidden `HOMEBREW_NO_UPGRADE_AUTO_UPDATES_CASKS` support for developer overrides, reject conflicting env settings early in `brew upgrade`, and keep `HOMEBREW_DEVELOPER` boolean parsing consistent - ignore bad bundle versions such as `0.0` so broken `Info.plist` metadata does not trigger false upgrades - skip hidden env vars cleanly when generating manpages so undocumented entries cannot affect formatting
MikeMcQuaid
force-pushed
the
fix_more_cask_auto_update_problems
branch
from
1b15b29 to
8f059a0
Compare
bevanjkay
reviewed
Apr 11, 2026
| HASH_KEYS_TO_SKIP = T.let(%w[outdated installed versions].freeze, T::Array[String]) | ||
| private_constant :HASH_KEYS_TO_SKIP | ||
|
|
||
| AUTO_UPDATES_BAD_BUNDLE_VERSIONS = %w[0.0].freeze |
Member
There was a problem hiding this comment.
I think we should expand this to knock out versions from installed_short_version, but I'm happy to take a look at this in a follow up PR with some other additional logic (probably on Monday).
Member
Author
There was a problem hiding this comment.
@bevanjkay Aye sounds good. Less pressing now it's not applying to everyone any more.
bevanjkay
approved these changes
Apr 11, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
auto_updates trueupgrades toHOMEBREW_UPGRADE_AUTO_UPDATES_CASKSso users keep the current behavior until Homebrew 5.2.0HOMEBREW_NO_UPGRADE_AUTO_UPDATES_CASKSsupport for developer overrides and reject conflicting env settings early inbrew upgrade0.0so brokenInfo.plistmetadata does not trigger false upgradesFixes #21981
brew lgtm(style, typechecking and tests) with your changes locally?Used OpenAI Codex with local editing, testing and review.