| Summary: | security/p5-Crypt-SSLeay dependency to p5-LWP-Protocol-https | ||
|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Gert Doering <gert> |
| Component: | Individual Port(s) | Assignee: | freebsd-perl (Nobody) <perl> |
| Status: | New --- | ||
| Severity: | Affects Some People | Flags: | bugzilla:
maintainer-feedback?
(perl) |
| Priority: | --- | ||
| Version: | Latest | ||
| Hardware: | Any | ||
| OS: | Any | ||
Hi, upgrading ports/pkgs, and noted this: New packages to be INSTALLED: p5-Authen-NTLM: 1.09_1 p5-Crypt-SSLeay: 0.72_3 p5-File-Listing: 6.14 p5-HTTP-Cookies: 6.10 p5-HTTP-Negotiate: 6.01_1 p5-LWP-Protocol-https: 6.10 p5-Net-HTTP: 6.21 p5-Try-Tiny: 0.30 p5-WWW-RobotRules: 6.02_1 p5-libwww: 6.54 Installed packages to be UPGRADED: p5-DBD-mysql: 4.050 -> 4.050_1 so, upgrading p5-DBD-mysql brings in 10 new packages that are not needed otherwise on the system. I try to keep my systems as clean as possible, so if this happens I try to find out why. The change in p5-DBD-mysql is to enable SSL by default, which activates a dependency to p5-Crypt-SSLeay - so far, ok. Now, why does the rest happen? p5-Crypt-SSLeay has BUILD_DEPENDS= p5-LWP-Protocol-https>=6.02:www/p5-LWP-Protocol-https \ p5-Path-Class>=0.26:devel/p5-Path-Class \ p5-Try-Tiny>=0.19:lang/p5-Try-Tiny RUN_DEPENDS= p5-LWP-Protocol-https>=6.02:www/p5-LWP-Protocol-https which I find surprising - p5-Crypt-SSLeay used to be a dependency of LWP::Protocol::https, not "the other way round". I tried to find a reason in the code ("grep -R ^use work") but as far as I could see it only mentions LWP::UserAgent in the documentation, and even mentions that one does not need Crypt::SSLeay anymore(!) to get https support in LWP - because it was unbundled to LWP::Protocol::https (as a replacement, not dependency). I tried to remove the DEPENDS setting, and it seems to build and test same way as with the dependency... Long story short - can you please check whether this BUILD_DEPENDS/RUN_DEPENDS to p5-LWP-Protocol-https is needed anymore? thanks