I like using Mac OSX for development. I find it a clean OS to work with and it fits all of my needs. However, I don't want to use Homebrew to manage my dependencies. Homebrew is not an official package manager for Mac, and I've heard that it can possibly break Python installations.
I do not like package managers breaking my stuff, so I don't really want to install ye olde homebrew, despite how popular it is.
So I don't know if all of GNU software is hosted for download at this website, but it seems plenty of packages are: GNU Source Software Index. I enjoy installing things from source. I think it helps open up your eyes to exactly how many dependencies there are between lots of different software components.
So, the first thing to do is install the xcode build tools which you can do
by running the following command xcode-select --install if I'm not mistaken.
You'll have to forgive me if I'm wrong. It's been awhile.
Next, you'll want to download the gpg suite here GPG Suite. Don't worry about installing it for your emails or whatever, we're more interested in the command line utilities.
After that download and installation, it's time to download some software source packages. Go to the GNU Source Software Index and find the package you want to install, like readline. Find the version you want and download the .tar.gz and the .tar.gz.sig versions of the download. Why .gz? Because my os doesn't ship with xz.
In my experience, my Mac will graciously strip the .gz for me, because it's just sooo helpful, but then I can't verify the signature. So what I have to do is right click on the link (or two finger click for trackpad only users), click the "Download Linked File As..." option, decide where I want to save the files, and download them there.
Now, we have a .tar.gz and .tar.gz.sig of our readline source distribution, and we want to verify that the bundle hasn't been tampered with. To do that we'll use the gpg tools we installed earlier to check the bundle. However, we need to import the gnu keyring before we do so, in order to verify the contents of the download.
The gnu-keyring can be found here. For the astute observer, you'll also find it's actually listed in the GNU Source Software Index. Should we trust the key ring we downloaded from the same site that we downloaded a source distribution of software that we now seek to verify? Sure, why not?
After you download the key ring, navigate to where you downloaded it with the
terminal and run gpg --import gnu-keyring.gpg.
Now, navigate back to the place where you downloaded readline. To verify the
signature of the download, you can run
gpg --verify <READLINE DOWNLOAD>.tar.gz.sig <READLINE DOWNLOAD>.tar.gz. I
parameterized the command since there are multiple versions that you can
download. Hopefully, you should see some output indicating signature
verification success to the tune of something like:
% gpg --verify readline-8.2.tar.gz.sig readline-8.2.tar.gz
gpg: Signature made Mon Sep 26 07:59:40 2022 CDT
gpg: using DSA key 7C0135FB088AAF6C66C650B9BB5869F064EA74AB
gpg: Good signature from "Chet Ramey <chet@cwru.edu>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 7C01 35FB 088A AF6C 66C6 50B9 BB58 69F0 64EA 74AB
Now, we can unzip and extract the readline bundle with:
gunzip <READLINE DOWNLOAD>.tar.gz && tar -xvf <READLINE DOWNLOAD>.tar.
You should now be able to cd into the new readline directory. From here
(being no make expert), you should be able to run
./configure && make && sudo make install. Depending on whether you want to
install at a system wide location or somewhere different, read the make manual.
If you find that the output yells at you saying it doesn't have some dependency, my advice would be to look that dependency up and install it. Then try again until the install output stops yelling.
I recently started trying learn clojure (the programming language). My
background in Python has taught me to love a good REPL (read-eval-print-loop).
I tried to use the clojure REPL via clj. However, it complained and said it
needed an rlwrap dependency. Trying to install the rlwrap dependency led me
down the road of having to install autoconf, automake, m4, and
readline.
Instead of saying, "I'll remember this the next time I face this problem", I wanted to document this journey for at least future me and maybe possibly present you.