[Letsencrypt-devel] Bug#861513: Bug#861513: python-certbot: Missing dependency on python-ndg-httpsclient from jessie-backports
Harlan Lieberman-Berg
hlieberman at debian.org
Sun Apr 30 00:19:59 UTC 2017
Hm. Yes, that's true. This is because the python-requests dependency
on python-ndg-httpsclient is only a Recommends, but the part of the
code that certbot depends on (the requests "security" extra) has a
hard dependency.
I'll add a patch to put it in our dependencies for now; because of the
freeze, it'll take several days or longer to make it into
jessie-backports and stretch. I've also opened up a wishlist item
against python-requests to ship something that we can add a Depends on
to help prevent this in the future. (That's bug #861517, if you want
to follow along at home.)
That being said... there's a sense these days that systems which don't
install Recommends' may be subject to breakage. I know a lot of
support channels will simply refuse to help on systems without
recommends enabled, just because of the bizarre behavior that can
result. I agree this case a Depends is certainly the right
designation, but... in general, hic sunt draconis.
Sincerely,
--
Harlan Lieberman-Berg
~hlieberman
More information about the Letsencrypt-devel
mailing list