> What has changed between the time that the buildbot built the package and the > time that the user installs it?
The certs in curl-ca-bundle are updated regularly to clear out expired certs. Per the previous discussion, privoxy-pki-bundle uses these certs via a depends_lib, and unless a port revision is added by hand, the port inevitably will contain expired certs. The “solution” appears to be to bump the revision of privoxy-pki-bundle by hand whenever curl-ca-bundle is updated. I’m trying to identify a more automated and robust way of accomplishing that.