Problem
Currently the CLI can only be installed via npm/npx or Docker. macOS developers expect brew install as a first-class installation method — especially since the prerequisites (Syft, Grype) are already installed via Homebrew.
Expected behavior
brew tap ottersight/tap
brew install ottersight
ottersight scan .
Scope
- Create a Homebrew tap repository (
Ottersight/homebrew-tap)
- Add a formula for
@ottersight/cli that:
- Depends on
node (or bundles a standalone binary via pkg / bun build --compile)
- Declares
anchore/grype/grype and anchore/syft/syft as dependencies
- Installs the
ottersight command to PATH
- Automate formula updates on new releases (GitHub Actions in the tap repo)
Alternatives considered
- npm only — requires Node.js knowledge, not idiomatic for macOS CLI tools
- Docker only — heavier, not suitable for quick local scans
- Standalone binary (bun/pkg) — could eliminate Node.js dependency entirely, but higher build complexity
Notes
Syft and Grype are already distributed via Homebrew taps (anchore/grype, anchore/syft), so declaring them as formula dependencies is straightforward.
Problem
Currently the CLI can only be installed via npm/npx or Docker. macOS developers expect
brew installas a first-class installation method — especially since the prerequisites (Syft, Grype) are already installed via Homebrew.Expected behavior
brew tap ottersight/tap brew install ottersight ottersight scan .Scope
Ottersight/homebrew-tap)@ottersight/clithat:node(or bundles a standalone binary viapkg/bun build --compile)anchore/grype/grypeandanchore/syft/syftas dependenciesottersightcommand to PATHAlternatives considered
Notes
Syft and Grype are already distributed via Homebrew taps (
anchore/grype,anchore/syft), so declaring them as formula dependencies is straightforward.