macOS: brew upgrade doesn't upgrade outdated software
I am used to Debian. But now I have to use a MacBook with macOS 10.14.6 (fresh install) from time to time.
MacOS has no apt-get. So I downloaded and installed brew.
I installed software like:
brew cask install firefox
brew cask install iterm2(and some other stuff)
Software works. Some days later:
brew updategave me a list of software with new versions.
brew upgradeupgraded iproute2mac 1.2.2 -> 1.2.3
I thought this should have done the same like "apt-get update & upgrade": everything should be up to date. Later that day I found the news "iterm2 < 3.3.6 is unsave" (CVE-2019-9535). I thought "I have upgraded. Everything should be ok" I was proven wrong:
brew cask info iterm2 iterm2: 3.3.6 (auto_updates) /usr/local/Caskroom/iterm2/3.3.2 (64B)
It is outdated and vulnerable :-(
Fixing that:
brew cask reinstall iterm2
works.
Checking firefox:
> brew cask info firefox
firefox: 70.0 (auto_updates)
/usr/local/Caskroom/firefox/68.0.1 (64B)another outdated software :-(
let's check everything before updating firefox:
> brew cask outdated
(no results)The brew checking for outdated software doesn't work. brew upgrade doesn't work. It doesn't notice the old iterm2 and both of them do not notice the old firefox. I have also checked for software updates in the GUI (apple logo > about this mac). But only Safari is listed there.
How can I get "brew upgrade" to detect and upgrade all outdated software?
Bonus question: Under Debian I receive a notification in the GUI when software is outdated. How to receive such a notification for firefox, iterm2 and other software under macOS?
2 Answers
Using brew to update the packages would have required to update every installed package individually.
Finally I found a solution for this problem. There is a tool called "brew-cask-upgrade" that can handle updates much better:
After installing the tool you only need one simple command and the tool will:
- update brew
- search (and find!) outdated packages
- update those packages
Here is a small example how to use it and how it is working:
$ brew cu
==> Options
Include auto-update (-a): false
Include latest (-f): false
==> Updating Homebrew
Already up-to-date.
...
==> Found outdated apps Cask Current Latest A/U Result
1/3 libreoffice 6.3.2 6.3.4 [OUTDATED]
2/3 libreoffice-language-pack 6.3.2 6.3.4 [OUTDATED]
3/3 virtualbox 6.0.14,133895 6.1.0,135406 [OUTDATED]
Do you want to upgrade 3 apps or enter [i]nteractive mode [y/i/N]? y
==> Upgrading libreoffice to 6.3.4
==> Downloading ...I had the same problem today with docker desktop and found this:
So if you are using the latest version of software (or) with own update functionality, you either need to
- use the built-in update functionality (firefox, iterm2, docker, telegram etc)
- use
brew upgrade <cask>or - use
brew upgrade --greedy
I think using yet another tool to do this is unnecessary, but that's up to you.
