Workbrew 1.2 is here.

This release expands the Workbrew policies system, delivers powerful new automation tools, supports device management at scale, and enriches the admin experience to provide deeper insights into the software running across their fleet.

1.2’s features and improvements tighten security, streamline administration, and improve visibility – helping MacAdmins, IT teams, and security professionals better manage Homebrew at scale while keeping developers moving fast.

Let’s dive in.

Default Packages Now Available On The Free Plan

Free plan users now have access to Default Packages, making it easier than ever to get new developers started with a consistent toolset.

Define a set of core packages your team needs – and have them automatically installed on enrolled devices. Whether you’re managing a small team or just getting started with Workbrew, you can now ensure faster onboarding, fewer setup issues, and more productive environments from day one.

It’s a powerful way to bring order to developer machines – now available at no cost.

Avert Compliance Violations and Fortify your Stack with New Policy Features

Define and enforce which software enters your stack with Workbrew’s policies.

Make your mission-critical tools available effortlessly, while preventing risk from unauthorized software. To support this goal, this release introduces three powerful new policy types, and new features to flag violations in your dashboard.

Allowed Taps Policy: Enable Private and Trusted Taps

Prevent installations from unauthorised or untrusted sources by setting a clear policy on which Homebrew taps are allowed.

For Admins:

• Automatically allow official Homebrew taps and any private taps connected to your Workbrew workspace.
• Block package installs from unknown, risky, or shadow taps – strengthening your software supply chain security – by only allowing trusted third-party taps.

For Your Team:

• Install packages confidently from approved taps without worrying about unknown risks.

Allowed Taps Policy is available on Pro and Enterprise plans.

Forbidden Licenses Policy: Support OSS, but Prevent IP Risk

Encourage open source usage to empower engineers and accelerate development, while avoiding legal or compliance exposure.

For Admins:

• Proactively block high-risk open-source licenses, such as strong copyleft licenses (e.g., AGPL, GPL), that might conflict with your organisation’s compliance requirements.
• Simplify open-source license management across your fleet.

For Your Team:

• Build a “win/win” collaboration between engineering and security.
• Feel confident that any open-source projects you incorporate won’t put your company’s IP at risk.

Forbidden Licenses Policy is available on Pro and Enterprise plans.

Automatic Upgrades and Uninstalls Policy: Keep your Fleet Up-to-Date, Globally

Programmatically ensure your fleet is secure and up-to-date, removing the manual back-and-forth of chasing each team member to run brew.

For Admins:

• Patch brew formulae when vulnerabilities are detected, without human intervention
• Upgrade outdated packages (formulae or casks) on a regular cadence to minimise team disruption.
• Retroactively uninstall forbidden packages that pre-date the policy.

For Your Team:

• Ongoing maintenance and regular updates with minimal disruption for your developer teams.

Automatic Upgrades and Uninstalls Policy is available on Enterprise plans only.

Flag Policy Violations with New Dashboard UX

No more digging through lists or cross-referencing device data. Identify non-compliant devices at a glance — including which policies are being broken, and which packages are responsible. Updated weekly email reports provide a summary of all policy violations across your fleet. Admins now have consistent insight into compliance status — even while away from the console.

Flagged Policy Violations are available on Pro and Enterprise plans.

‍

Device Group Management for Growing and Changing Teams

“Device groups” allows you to easily manage installs and updates based on project, role, or team.

Whether you are rolling out devices to larger fleets, or realigning projects to fit new business goals, Workbrew offers new features to seamlessly manage groups.

Rich Default Packages for for New Devices

New devices added to a device group now automatically inherit the group’s assigned default packages, policies and commands – without needing any manual retargeting.

For Admins:

• Save time and eliminate missed configurations as your team scales or changes.

For Your Team:

• Newly onboarded devices are ready to go from day one.

Sync Device Groups Directly from Your MDM

Workbrew now supports read-only syncing of device groups from your MDM (Jamf, Kanji, Intune, JumpCloud, Fleet and SimpleMDM).

For Admins:

• As devices join MDM groups, Workbrew automatically updates their software and policies – no extra steps needed.
• Keep your source of truth clean: edits to device groups stay within your MDM.

For Your Team:

• Consistent device experience without manual updates or missed policies.

Dynamic Targeting and MDN Device Group Sync is now available on Pro and Enterprise plans.

Triage Unknown Software Faster with Insights from Package Metadata

As Admins come across unknown or unvetted packages, Workbrew’s console surfaces key information: package descriptions, versions, licensing information, and more.

From the Packages tab, click on any package listed to view detailed information.

For Admins:

• Make informed decisions about unknown or unvetted packages from within the Workbrew console.

For Your Team:

• Faster software approvals mean quicker access to the tools your developers need.

In-Console Package Metadata is available on all plans.

Quickly Locate, Target, and Troubleshoot Devices Across Your Fleet

Workbrew now prioritises displaying device names (from your MDM or the device’s hostname) over serial numbers.

For Admins:

• Plain-language naming conventions offer clarity when Admins need to access devices quickly.
• No more hunting through spreadsheets or other sources of device identification.

For Your Team:

• Resolutions happen faster when devices need attention.

Device Identification is available on all plans.

‍

UX Upgrades for Intuitive Management

This release also includes a series of updates that improve visibility, searchability, and everyday usability inside the Workbrew Console – especially for larger teams managing complex fleets.

Console UI Refresh

The Workbrew Console has received a makeover to make it faster and easier to use.

• Improved tables: Cleaned-up tabular layouts make package, device, and policy data easier to scan and act on.
• Simplified navigation: We’ve reorganized navigation to help you find what you need faster.
• Updated visual design: Subtle visual tweaks bring clarity and polish across the entire Workbrew console.

Search for Formulae and Casks on the Packages Page

The Packages page now supports full search functionality across all formulae and casks in your fleet.

Quickly filter down to a specific tool, investigate a suspicious package, or locate items that might need to be added to a policy – without scrolling through massive lists.

Filter Brew Commands by Creator

Need to track down commands created by a specific workspace administrator?

You can now filter the Brew Commands page by command creator, making it easy to understand who ran what and when – especially in workspaces with multiple admins managing remote software delivery. Useful when troubleshooting, doing an audit, or just coordinating with other admins.

The Improved Console UI and Searching for Formulae and Casks on the Packages Page is available on all plans.

Filtering Brew Commands by Creator is only available on Pro and Enterprise plans.

‍

Workbrew 1.2: Stronger Policies, Smarter Automation, Better Insights and Better UX

To roundup, Workbrew 1.2 brings major improvements to security, automation, and device management:

• Expand your policies to cover taps and licenses, not just packages.
• Keep devices patched and secure automatically – without user disruption.
• Manage growing fleets easily with smarter group targeting and MDM syncing.
• Make faster decisions with detailed in-console package data and improved discovery tools.
• Navigate your fleet faster with better device naming.

We’re proud to keep building Workbrew based on your feedback – and we’re excited for what’s next.

Have questions or feature ideas? Reach out to us – we’d love to hear from you.