Add a way to declare - for both "depends" and "packages" - whether the dependency is public (transitive) or private (non-transitive)
When a dependency in a form of library is a dependency also of a library, there must be some way to specify whether this dependent part (can be a library or package) is to be only internally used by this library, or it extends the API of this library.
Preferred way is to specify the extenders using a different keyword - "depends" should mean that it's only internally required, whereas "extends" means that this library is joined to the API exposed by this exactly library. The "extends" will have effect only on a library.