Todd Vierling wrote:
> On Thu, 23 Mar 2006, Johnny Lam wrote:
>>
>>If this is the case, I would rather we rename the variables to prevent any
>>further confusion for developers or users:
>>
>>	BUILDLINK_DEPENDS.*	-> BUILDLINK_API_DEPENDS.*
>>	BUILDLINK_RECOMMENDED.*	-> BUILDLINK_ABI_DEPENDS.*
> 
> 
> If this is done, we may want a third one (BUILDLINK_SECURITY_DEPENDS?),
> because that's the other reason for using RECOMMENDED today.  Otherwise I'm
> happy with this, because it does reflect the usage of these variables.

I don't think having a "security" depends is a good idea, and I would 
rather see the practice of bumping dependencies for security-related 
reasons go away.  We should manage security-related issues externally 
instead of shoehorning them into a package dependency graph.

	Cheers,

	-- Johnny Lam <jlam@pkgsrc.org>