Chocolatey NuGet is a open source Machine Package Manager, somewhat like apt-get, but built with Windows in mind.
Read Code Magazine article.
CommandsReference
Ranked in these QuestionsQuestion Ranking
Pros
Pro Large number of applications/utilities available
Chocolatey has a massive community package repository of installs (more than 4,000 packages), and its open nature allows everyone to contribute more as needed.
Pro Sieg
Installs silently without crapware.
Pro Easy to use
Just open powershell and type choco install firefox
to install Firefox, or choco install java
to install Java.
Pro Straightforward install process
To install Chocolatey simply copy the text from their site and paste it into either cmd.exe or powershell.
Pro Upgrade all software with one command
choco upgrade all
is like Windows Update for all of your 3rd party software. ... or for the more succinct command use 'cup' !!
Pro Downloaded files are verified by checksums
Chocolatey requires checksums by default for files downloaded over non-secure locations and highly recommends it for HTTPS/SSL locations. It is moving towards requiring checkums by default for downloading from secure locations.
Pro Manages the entire software lifecycle
From install to upgrade to uninstall, Chocolatey manages the whole process.
Pro Scriptable
You can put Chocolatey install commands into your powershell scripts.
Pro Free and open source
It's licensed under Apache License 2.0 with source code available on GitHub.
Pro Decentralized package sources
Packages can be installed from multiple sources, including private sources.
Pro Builds on technologies you know
Unattended installation and PowerShell.
Pro GUI available
There's a package called ChocolateyGUI that can be installed and lets you use Chocolatey with a UI frontend.
Pro Integrates with almost every configuration management / infrastructure automation / RMM tool
Chocolatey integrates with almost every infrastructure automation tool out there.
Pro Support and features available for organizations
There is a business edition available for organizations that need more support. The business edition also includes a Package Synchronizer, Package Internalizer, Package Builder, and a host of other features.
Pro Can be extended with PowerShell
Chocolatey allows installing extension packages that add PowerShell functions to your package automation scripts.
Pro More Selection
It has programs that can't be found in scoop or ninite.
Pro Custom sources
It has ability to add custom sources.
Cons
Con Sometimes hard to know which package to install from community package repository
The community repository contains multiple packages with similar names, making it hard to know which one to install. This is of course only related to using Chocolatey with the community repository, and you can look up the number of downloads to see which are the most widely used.
Con Some package installs aren't good or polished or don't install well
Macrium downloads the online installer, 7-zip doesn't associate files, PotPlayer is outdated, etc.
Con Unable to easily change your install directory in the free version
In the free version you must know the native installer switches and pass them through with install args. In the paid versions you have a ubiquitous install directory option where Chocolatey determines how to properly pass that to the underlying native installer.
Con Buggy
Slow, many packages fail to install, and config can corrupt causing it to not be able to manage packages anymore, leading to a bunch of installed and non-updateable software
Con Incomplete and conflicting package options
Not enough maintenance done to package library so there are different similarly-named or -versioned packages available, some broken and some not.
Con Can not download asynchronously
Con No support for ARM64
Users with Windows on Arm can't install native ARM64 binaries. Apps installed with Chocolatey run slower and need more resources on Windows on Arm because they have to be emulated.
Con Uploading packages can be time consuming
It can take weeks to have a package accepted and with a fair amount of resubmitting for the dev/ maintainer.
Con Doesn't care about supporting the community
They used the community to make it the largest repository of packages. Now that they're the de facto standard package manager, they only care to support those that pay them and refuse to fix problems with popular packages.