> i'm not. all of it makes me nervous. even package managers with supposedly cryptographically secure verification make me nervous.

Android and Chrome for example are really ahead of this in my opinion. Apps are sandboxed and you know uninstall clears up traces of them. Obviously it's not perfect but it's miles ahead of installation scripts and binary installers which can do anything they want with your system and might be hard to get rid of.

That is what Mac App Store is for. However, all of these sandboxed environments come with their own sets of problems and make making especially these kind of tools quite difficult if not impossible.

> Apps are sandboxed and you know uninstall clears up traces of them.

Not in all versions of Android, if they write stuff on the SD card.

They might be able to write some files that sit around but not code that runs on startup and spies on you for example.

So how would you go about packaging this m-cli tool into a sandboxed app?

Okay - I'm curious. What is wrong with:

  ./configure
  make
  make install

I do that a lot, and 90+% of the time, it's that simple.

uh yeah, it's the other 10% that's the problem.

not to mention the tracking of installed files and library dependencies that slowly develop into an accumulated spiderweb shitstorm of runtime conflicts.

have you tried maintaining multiple versions of a shared object libraries by hand? do you remember the 'make install' wrappers that never worked right? pepperidge farm remembers.