Guaranteeing dependency enforcement in software updates