Is MacPorts safe as a means of installing a freeware program?

Before you onboard the hassle of maintaining a package manager, and for your photo editing intention, consider the free, precompiled, and directly downloadable GIMP tool. Or spend a few dollars and get Affinity Photo from the Mac App Store.

The issue with package managers is that they expect at minimum, 3GB of storage just for the Apple command line tools for Xcode installation so that they have a compiler to build the installed package, and all of that package's dependencies. The concept of safe isn't so much about the package manager, but with the particular application package that it installs, and whether that package, or its dependencies have unfixed security issues, or you use it in a manner that results in unintended consequences.

I use the homebrew package manager with restraint, and it has never bit me. Some packages, such as ImageMagick are only available as source packages from their developer website and attempting to build ImageMagick with its dozens of dependencies is nearly impossible manually without a package manager.

I have used MacPorts in Mojave - Ventura mainly to install ffmpeg, mkvtoolnix and some related movie apps, tin etc and it has been OK.

I have also briefly tried Homebrew (in an external separate bootable test volume) and it is somewhat more user friendly.

My memo a few years ago when I was deciding which one to use. Correct if some info is outdated:

Homebrew:

+ Does not require to build/install ruby and libraries from scratch.

+ "MacPorts pulls in the whole world" vs "Homebrew makes use of what you already have".

+ Takes over /usr/local which some folks don't like this because it conflicts with the unix-tradition and might cause problems if you’ve already installed anything there.

- Homebrew has less packages.

MacPorts:

-+ Ignores many of the system libraries and softwares that already available in Mac OS X and pull its own one instead. Attempts to install its own copies of any libraries or applications and this can make installing even minor packages take a decently long time. As an example, if a port requires Python 2.7.x, Homebrew will try to make it work with the version of Python that is already installed on your Mac while MacPorts will make a separate installation of the exact version of Python required by the port, even if it's similar to what is already there.

+ MacPorts has excellent support for legacy versions of macOS. Homebrew only supports the OS's that are currently supported by Apple, which usually means the last three releases.

+ MacPorts installs everything to a system directory /opt/local and you must be an administrator to manage MacPorts.

If you are porting everyday Unix tools to your Mac and care more about it "just working" and ease of integration, go with Homebrew. If you are porting things that require precise versioning of supporting software for performance or reliability reasons, you will likely have better results with MacPorts.

https://apple.stackexchange.com/questions/32724/what-are-pros-and-cons-for-macports-fink-and-homebrew

https://www.quora.com/Should-I-use-Fink-MacPorts-Homebrew-or-something-else-for-MacOS-package-management-Which-are-most-popular-currently-Are-there-any-newer-players-worth-preferring-such-as-Rudix

http://terrychay.com/article/macports-vs-homebrew.shtml

https://saagarjha.com/blog/2019/04/26/thoughts-on-macos-package-managers/

Homebrew will automatically install Apple's Command Line Tools for Xcode if Xcode or the preceding tools are missing. It will install its own Ruby interpreter, though one can install the current Ruby as a package. On Apple Silicon Macs, homebrew uses /opt/homebrew/* instead of /usr/local/* on Intel Macs. If linked Python binaries are in /usr/local/bin on an Intel platform due to a Python.org installation, homebrew will not install a Python package as a replacement.

You are welcome.