Hello @fmanco! I have a couple of questions: 1. Is there any ETA to move the development for the experimental branch to a public branch? 2. How are the new dependencies built? Are those scripts public?

Hi, 1. The plan was to release this week but it has been hectic and I couldn't do it yet unfortunately, let's see if I manage tomorrow and sorry for the delay here. 2. Mostly the old formulas and then repacking the output as tar.gz. Some were done ad-hoc. We don't plan to release scripts for this because we're buckifying all the dependencies so you'll be able to do a full build using buck, we miss 16 out of 42 dependencies so this will take a bit more time.

I think it is important to make sure that osquery will always build even if the Facebook repository of dependencies is offline or not reachable (for whatever reason). Is there really no way to have the scripts available in the repository?

There are no scripts besides the formulas which are in the repo. Sure, you'll be able to do it. In fact you'll be able to do it for all platforms which wasn't true before since formulas were only for Linux and MacOS.

There is a specific naming scheme in how dependencies are acquired from the S3 repository, and it's not always the same (example: gtest, or the Python modules like Jinja). Also, it doesn't seem like there is a way to disable the automatic procedure that pulls in the packages. What would be the correct approach, in your opinion, to replace a dependency in case something breaks and we have to rebuild it on our own?

Right now there isn't a good way to do it. You could maintain a mirror of our dependencies and replace your dependencies there maybe, but it's kind of cumbersome. We can work on making this easier though, maybe don't auto-generate the URL and having it on the BUCK file instead similar to what we do for python would do the trick.