Context
Claude's 2026-07-02 review re-raised the first-mile trust concern: README and install docs still promote curl -fsSL .../bootstrap.sh | bash as the fast path, while the safer pinned Homebrew installer mode exists but is not prominent in the unpinned path.
Current code does log the Homebrew installer trust policy when Homebrew is missing during setup, and docs/remote-installer-policy.md documents the pinned BASE_HOMEBREW_INSTALLER_URL + BASE_HOMEBREW_INSTALLER_SHA256 mode. The remaining gap is first-touch UX: users following the unpinned path should see the verified/pinned alternative before trust concerns become a blocker.
Proposed outcome
Make the safer first-mile option visible from the default bootstrap/install journey without making managed-team rollout harder.
Acceptance criteria
- The unpinned Homebrew installer path prints a concise pointer to the pinned URL/SHA-256 alternative, including the required environment variable names.
- README/bootstrap docs show the pinned/verified path near the default bootstrap path rather than only in the policy document.
- Dry-run output remains explicit about whether Base would run the mutable official Homebrew installer or a pinned verified installer.
- Tests cover the new user-facing output so the trust guidance does not drift.
Related review finding: S1 from the 2026-07-02 Base technical/product analysis.
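
An added sketch of the behaviour the acceptance criteria describe, not Base's own code: it classifies the trust mode from the two environment variables named above, prints the guidance an unpinned run would show, and checks a downloaded installer file against the pinned digest. The function names and the fail-closed handling of a half-configured pin are assumptions.

```shell
# Added illustration; function names are hypothetical, not Base's own code.
# Only the two environment variable names come from the issue text.

# Print the hex SHA-256 of a file with whichever tool is installed.
sha256_of() {
  if command -v sha256sum >/dev/null 2>&1; then
    sha256sum "$1" | awk '{print $1}'
  else
    shasum -a 256 "$1" | awk '{print $1}'
  fi
}

# Classify the trust mode from the environment: pinned, unpinned or invalid.
installer_mode() (
  url="${BASE_HOMEBREW_INSTALLER_URL:-}"
  sha="${BASE_HOMEBREW_INSTALLER_SHA256:-}"
  if [ -n "$url" ] && [ -n "$sha" ]; then echo pinned
  elif [ -z "$url" ] && [ -z "$sha" ]; then echo unpinned
  else echo invalid   # a URL without a digest (or the reverse) fails closed
  fi
)

# One-line trust statement for setup and dry-run output.
trust_notice() {
  case "$(installer_mode)" in
    pinned)
      echo "Homebrew installer: pinned URL, verified against BASE_HOMEBREW_INSTALLER_SHA256." ;;
    unpinned)
      echo "Homebrew installer: mutable official script, not verified."
      echo "To pin it, set BASE_HOMEBREW_INSTALLER_URL and BASE_HOMEBREW_INSTALLER_SHA256." ;;
    *)
      echo "Homebrew installer: refusing to run; set both BASE_HOMEBREW_INSTALLER_URL and BASE_HOMEBREW_INSTALLER_SHA256, or neither." ;;
  esac
}

# Check an already-downloaded installer file against the pinned digest.
# Succeeds only when a digest is set and matches; the caller runs the file
# only after this returns 0, never by piping the download into a shell.
verify_installer() (
  expected="$(printf '%s' "${BASE_HOMEBREW_INSTALLER_SHA256:-}" | tr 'A-F' 'a-f')"
  actual="$(sha256_of "$1")"
  [ -n "$expected" ] && [ "$actual" = "$expected" ]
)

trust_notice
```

Asserting on the text of `trust_notice` in the test suite is what keeps the guidance from drifting, as the last acceptance criterion asks.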