Hm. Yes, that's true. This is because the python-requests dependency on python-ndg-httpsclient is only a Recommends, but the part of the code that certbot depends on (the requests "security" extra) has a hard dependency.
I'll add a patch to put it in our dependencies for now; because of the freeze, it'll take several days or longer to make it into jessie-backports and stretch. I've also opened up a wishlist item against python-requests to ship something that we can add a Depends on to help prevent this in the future. (That's bug #861517, if you want to follow along at home.) That being said... there's a sense these days that systems which don't install Recommends' may be subject to breakage. I know a lot of support channels will simply refuse to help on systems without recommends enabled, just because of the bizarre behavior that can result. I agree this case a Depends is certainly the right designation, but... in general, hic sunt draconis. Sincerely, -- Harlan Lieberman-Berg ~hlieberman _______________________________________________ Letsencrypt-devel mailing list Letsencrypt-devel@lists.alioth.debian.org https://lists.alioth.debian.org/mailman/listinfo/letsencrypt-devel
