CVS commit: pkgsrc/security/mozilla-rootcerts-openssl

["Greg Troxel" <gdt%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   gdt
Date:           Sun Sep  3 00:20:04 UTC 2023

Modified Files:
        pkgsrc/security/mozilla-rootcerts-openssl: DESCR

Log Message:
mozilla-rootcerts-openssl: Document longstanding non-dependency policy

This is for manual installation only.  We decided a long time ago that
no other package was allowed to depend on mozilla-rootcerts-openssl,
but apparently never wrote it down.


To generate a diff of this commit:
cvs rdiff -u -r1.4 -r1.5 pkgsrc/security/mozilla-rootcerts-openssl/DESCR

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/security/mozilla-rootcerts-openssl/DESCR
diff -u pkgsrc/security/mozilla-rootcerts-openssl/DESCR:1.4 pkgsrc/security/mozilla-rootcerts-openssl/DESCR:1.5
--- pkgsrc/security/mozilla-rootcerts-openssl/DESCR:1.4 Tue Aug 29 10:08:23 2023
+++ pkgsrc/security/mozilla-rootcerts-openssl/DESCR     Sun Sep  3 00:20:04 2023
@@ -1,6 +1,7 @@
 This package configures the Mozilla rootcerts bundle CAs as trust
 anchors in OpenSSL, so that programs using OpenSSL will be able to use
-them to validate SSL certificates.
+them to validate SSL certificates.  It is for manual installation by
+the system administrator only.
 
 For pkgsrc-provided OpenSSL, this package modifies
 ${PREFIX}/etc/ssl/certs, which belongs to another package.  This is
@@ -17,3 +18,7 @@ See also the mozilla-rootcerts package (
 built-time tool) for placing the Mozilla CA list in the filesystem but
 not configuring it into OpenSSL, as well as a script to aid in manual
 configuration of trust anchors.
+
+It is policy that no other package may depend on
+mozilla-rootcerts-openssl, because any such dependency would modify
+system configuration as a side effect of that other package.