I need the xxd command for a certain application and I currently don't have app-editors/vim installed, so I tried to emerge it but - as per title - there's a circular dependency on dev-libs/libsodium and app-crypt/minisign because of the verify-sig USE flag (that I set globally). The proposed solution is to simply remove verify-sig from libsodium: dev-libs/libsodium-1.0.19_p20240117 (Change USE: -verify-sig) I know I can just follow that solution as a workaround, but it's always better to solve a problem at its roots if possible, so here's this bug report. I copy-pasted the entire Portage output in the section "Actual Results". If you need more info, just ask and I'll provide it. Reproducible: Always Actual Results: # emerge app-editors/vim -DNupv These are the packages that would be merged, in order: Calculating dependencies... done! Dependency resolution took 14.29 s (backtrack: 1/50). [nomerge ] app-editors/vim-9.1.0366::gentoo USE="X acl crypt gpm nls sound -cscope -debug -lua -minimal -perl -python -racket -ruby (-selinux) -tcl -terminal -vim-pager" LUA_SINGLE_TARGET="lua5-1 -lua5-3 -lua5-4 -luajit" PYTHON_SINGLE_TARGET="python3_12 -python3_10 -python3_11" [ebuild N ] app-vim/gentoo-syntax-14::gentoo USE="-ignore-glep31" 21 KiB [ebuild N ] app-editors/vim-9.1.0366::gentoo USE="X acl crypt gpm nls sound -cscope -debug -lua -minimal -perl -python -racket -ruby (-selinux) -tcl -terminal -vim-pager" LUA_SINGLE_TARGET="lua5-1 -lua5-3 -lua5-4 -luajit" PYTHON_SINGLE_TARGET="python3_12 -python3_10 -python3_11" 17,446 KiB [nomerge ] app-editors/vim-9.1.0366::gentoo USE="X acl crypt gpm nls sound -cscope -debug -lua -minimal -perl -python -racket -ruby (-selinux) -tcl -terminal -vim-pager" LUA_SINGLE_TARGET="lua5-1 -lua5-3 -lua5-4 -luajit" PYTHON_SINGLE_TARGET="python3_12 -python3_10 -python3_11" [nomerge ] dev-libs/libsodium-1.0.19_p20240117:0/26::gentoo USE="asm urandom verify-sig -static-libs" ABI_X86="(64) -32 (-x32)" CPU_FLAGS_X86="aes sse4_1" [ebuild N ] app-crypt/minisign-0.11-r1::gentoo 18 KiB [ebuild N ] dev-libs/libsodium-1.0.19_p20240117:0/26::gentoo USE="asm urandom verify-sig -static-libs" ABI_X86="(64) -32 (-x32)" CPU_FLAGS_X86="aes sse4_1" 1,902 KiB Total: 4 packages (4 new), Size of downloads: 19,385 KiB * Error: circular dependencies: (app-crypt/minisign-0.11-r1:0/0::gentoo, ebuild scheduled for merge) depends on (dev-libs/libsodium-1.0.19_p20240117:0/26::gentoo, ebuild scheduled for merge) (buildtime_slot_op) (app-crypt/minisign-0.11-r1:0/0::gentoo, ebuild scheduled for merge) (buildtime) It might be possible to break this cycle by applying the following change: - dev-libs/libsodium-1.0.19_p20240117 (Change USE: -verify-sig) Note that this change can be reverted, once the package has been installed.
I ran into this when installing net-dns/unbound, also with global +verify-sig, causes the same circular dependency between minisign and libsodium.
Yes, it definitely still exists. It's not clear how to prevent it happening. Working around it is easy though.