Re: Package and port dependencies

On 12/11/24 02:46, Johan Helsingius wrote:
> Hi all,
> 
> On my server that is running 14.2, the daily security run output
> has a couple of complaints:
> 
> Checking for packages with security vulnerabilities:
> Database fetched: 2024-12-11T02:45+01:00
> db5-5.3.28_9: Tag: expiration_date Value: 2022-06-30
> db5-5.3.28_9: Tag: deprecated Value: EOLd, potential security issues, 
> maybe use db18 instead
> dialog4ports-0.1.6_2: Tag: deprecated Value: Consider using ports-mgmt/ 
> portconfig which is a dropin replacement
> pcre-8.45_4: Tag: deprecated Value: EOLed by upstream, use devel/pcre2 
> instead
> 
> I would love to just remove those, but I wonder if something needs them.
> Is there any easy way to check if any ports or packages depend on
> those packages?

If you don't run a delete with -y then you should see the packages 
depending on it also listed for removal and -n will automatically say no 
but still give that output. If you build anything from the ports tree, 
build dependencies won't show for such an uninstall but they should have 
been marked for automatic removal anyway. If you try to delete more than 
one at a time, you will not be told which one(s) are the cause of such 
recursive removal but will still be told what would be removed; becomes 
tedious if you have to run it 20+ times instead of just 3 separate times 
to find out which ones are causing an uninstall.

>      Julf
> 
>