If that is what they meant, that's not a good idea.
Choice of h dictates precision (less bias than doing it purely in the real domain, but still .. a nontrivial choice). And also requires your functions to be analytical - which many aren't.
I know the contribution of the higher order imaginary terms are negligible in the result, but dual numbers are the more appropriate choice in this instance correct? since the higher order terms will vanish.
Linux distributions don't depend on running random code from GitHub repositories like Homebrew does, it has package repositories. If those package repositories are compromised, Homebrew isn't going to save you, because you won't be able to trust your system at all at that point.
If you can't trust the software you're installing, it makes much more sense to run it in unprivileged containers or VMs than relying on account-level security. If a malicious package is distributed via Homebrew, it can still do a lot of damage running as your current user, as any data or resource accessible to your user can be exploited or exfiltrated.
Anyone can upload a Homebrew formula to Github that installs a malicious binary via brew.
Debian, for example, has trusted build systems that compile packages for their package repositories, and some packages already have reproducible builds[1].
Package repositories on Linux tend to provide the sources and binaries needed to install software. Homebrew just supplies formulas on GitHub, which only contain instructions on how to fetch and install externally hosted binaries, or instructions on how to fetch and install via externally hosted source code.
Homebrew has build servers that compile pre-built binaries.[1] Most of the common software that people install with it (not considering Casks) comes in this form.
It’s not the case that anyone can upload a malicious formula, either. They do review requests to update formulas.
tldr: f‘(x0)≈Im(f(x0+hi))/h