LLMpediaThe first transparent, open encyclopedia generated by LLMs

Scoop (software)

Generated by GPT-5-mini
Note: This article was automatically generated by a large language model (LLM) from purely parametric knowledge (no retrieval). It may contain inaccuracies or hallucinations. This encyclopedia is part of a research project currently under review.
Article Genealogy
Parent: VirtualBox Hop 5
Expansion Funnel Raw 58 → Dedup 0 → NER 0 → Enqueued 0
1. Extracted58
2. After dedup0 (None)
3. After NER0 ()
4. Enqueued0 ()
Scoop (software)
NameScoop
DeveloperMainsoft
Released2012
Programming languagePowerShell
Operating systemMicrosoft Windows
LicenseMIT License

Scoop (software)

Scoop is a command-line package manager for Microsoft Windows that simplifies software installation, management, and environment setup. Designed to complement tools like Chocolatey (software) and Winget, Scoop emphasizes minimalism, reproducibility, and isolated user-space installation through plain-file manifests and PowerShell-driven operations. Its workflow integrates with PowerShell Gallery, GitHub, and common CI systems such as Jenkins, GitLab CI, and GitHub Actions.

Overview

Scoop provides a user-centric package management model inspired by Homebrew and influenced by Ninite and apt (software) conventions, supporting single-command install, update, and uninstall flows. It stores packages in a user directory to avoid elevated privileges and interoperates with Windows Subsystem for Linux and native PowerShell Core environments. Scoop’s manifest-driven repositories (known as "buckets") leverage GitHub for distribution and community contribution, while its CLI integrates with PowerShell pipelines, enabling automation in contexts like Azure DevOps and Travis CI.

Features

Scoop offers features tailored to developer workflows, including dependency resolution, version pinning, and portable binary extraction. Key capabilities include: - Manifest-based installation using JSON/YAML manifests that declare binaries, checksums, and extraction steps, facilitating reproducible installs across machines and CI runners such as CircleCI and AppVeyor. - Support for multiple "buckets" with curated collections similar to Ubuntu PPAs, enabling overlays for tools like Node.js, Python (programming language), Ruby (programming language), and Go (programming language). - Portable app handling that places executables in isolated directories and manages PATH entries analogous to Homebrew-style shims. - Integration with installers, archive tools, and hash verification utilities, interoperating with 7-Zip, Inno Setup, and NSIS packages common in Windows distributions. - Update channels, rollback mechanisms, and manifest versioning allowing CI/CD pipelines in GitHub Actions or Azure Pipelines to pin or roll back to known-good versions.

Installation and usage

Installation of Scoop is typically a one-line PowerShell bootstrap that clones bucket repositories from GitHub and configures a per-user install root. Common commands include install, uninstall, update, and search, used in conjunction with PowerShell remoting and automation tools such as Ansible and Puppet. Usage patterns mirror those in Homebrew and Chocolatey (software), with manifest editing for custom packages and automated deployment across fleets managed by System Center Configuration Manager or Intune. Scoop’s non-elevated nature enables deployment in enterprise environments governed by Active Directory policies while still working with container-focused tooling like Docker for Windows.

Architecture and components

Scoop’s architecture centers on a lightweight CLI built on PowerShell and a repository model hosted on GitHub or other Git remotes. Core components include: - The CLI client, which implements manifest parsing, download logic, extraction, and symlink/shim creation using native PowerShell cmdlets and Windows APIs exposed by Windows API bindings. - Buckets, which are Git repositories of manifests analogous to Debian packages or RPM (file format) repositories; official and community buckets maintain curated lists for ecosystems such as Visual Studio Code, Git, Docker Desktop, and language runtimes. - Hash and signature verification components that use standards similar to SHA-256 checksums and may incorporate code signing practices found in Microsoft Authenticode. - Integration adapters for archive formats (ZIP, TAR, 7z), installers (NSIS, Inno Setup), and binary relocation, enabling apps like Firefox, VLC media player, and GIMP to be managed through the same system.

Development and community

Development is community-driven with contributions via pull requests on GitHub and collaboration across ecosystems including Stack Overflow, Reddit, and mailing lists. Community-maintained buckets often mirror package collections maintained by projects such as Node.js Foundation, Python Software Foundation, and RubyGems. Continuous integration and testing employ services like AppVeyor and GitHub Actions to validate manifests and artifacts before merges. Governance models vary across buckets, with maintainers drawn from technology communities around Microsoft development tools, open-source projects, and individual contributors.

Security and licensing

Scoop packages rely on artifact checksums and trusted bucket sources to provide integrity guarantees; maintainers recommend verifying hashes and using HTTPS endpoints hosted on GitHub or other secure CDNs. While Scoop itself is distributed under permissive terms such as the MIT License, packaging policies often incorporate community norms for upstream attribution and use of licensed binaries from vendors including Mozilla, Google, and Canonical. Security practices include locked manifests, signature verification where available, and CI checks—approaches similar to those used by Debian and Fedora package maintainers to mitigate supply-chain risks.

Category:Package management systems