On 01/12/2019 02:15, Steven Penny wrote: > Here is a dependency chain: >> 1. curl > 2. libcurl4 > 3. libopenldap2_4_2 > 4. libsasl2_3 > 5. libopenssl100 >> I have two issues with this. First, "libopenssl100" is obsolete: >> @ libopenssl100 > sdesc: "Obsoleted by libssl1.0" >> David, can this be resolved? Second, while looking at "libopenssl100" I noticed > another issue: >> @ libopenssl100 > requires: libssl1.0 > depends2: >> My understanding is that "depends2" is the proper dependency endpoint, and that > "requires" is only kept for legacy parsers. Yaakov, can you advise? This understanding is correct, but incomplete. If you look at libssl1.0, you will see it has: > @ libssl1.0 > obsoletes: libopenssl100 We don't depends2: on something which obsoletes:, as that can lead to a solver conflict (See [1]). [1] https://cygwin.com/git/gitweb.cgi?p=cygwin-apps/calm.git;a=commitdiff;h=d75abceedb46749982669236c5c102796a1fbfb1;hp=f92ad1d5c292ed54e7a62f5c52280efab8267f37 -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple