Updated information about mandatory dependencies.

- Leverage relative paths in links

Author: eduar-hte

README.md

@@ -21,7 +21,7 @@ capability to load/interpret rules written in the ModSecurity SecRules format
 and apply them to HTTP content provided by your application via Connectors.
 
 If you are looking for ModSecurity for Apache (aka ModSecurity v2.x), it is still under maintenance and available:
-[here](https://github.com/owasp-modsecurity/ModSecurity/tree/v2/master).
+[here](../../tree/v2/master).
 
 ### What is the difference between this project and the old ModSecurity (v2.x.x)?
 
@@ -37,7 +37,7 @@ As a result of this goal we have rearchitected Libmodsecurity such that it is no
 
 ### It is no longer just a module.
 
-The 'ModSecurity' branch no longer contains the traditional module logic (for Nginx, Apache, and IIS) that has traditionally been packaged all together. Instead, this branch only contains the library portion (libmodsecurity) for this project. This library is consumed by what we have termed 'Connectors' these connectors will interface with your webserver and provide the library with a common format that it understands. Each of these connectors is maintained as a separate GitHub project. For instance, the Nginx connector is supplied by the ModSecurity-nginx project (https://github.com/owasp-modsecurity/ModSecurity-nginx).
+The 'ModSecurity' branch no longer contains the traditional module logic (for Nginx, Apache, and IIS) that has traditionally been packaged all together. Instead, this branch only contains the library portion (libmodsecurity) for this project. This library is consumed by what we have termed 'Connectors' these connectors will interface with your webserver and provide the library with a common format that it understands. Each of these connectors is maintained as a separate GitHub project. For instance, the Nginx connector is supplied by the ModSecurity-nginx project (../../../ModSecurity-nginx).
 
 Keeping these connectors separated allows each project to have different release cycles, issues and development trees. Additionally, it means that when you install ModSecurity v3 you only get exactly what you need, no extras you won't be using.
 
@@ -53,8 +53,6 @@ regression tests. These test utilities are located under the subfolder ‘tests
 
 As a dynamic library, don’t forget that libmodsecurity must be installed to a location (folder) where you OS will be looking for dynamic libraries.
 
-
-
 ### Unix (Linux, MacOS, FreeBSD, …)
 
 On unix the project uses autotools to help the compilation process.
@@ -67,23 +65,33 @@ $ sudo make install
 ```
 
 Details on distribution specific builds can be found in our Wiki:
-[Compilation Recipes](https://github.com/owasp-modsecurity/ModSecurity/wiki/Compilation-recipes)
+[Compilation Recipes](../../wiki/Compilation-recipes)
 
 ### Windows
 
 Windows build information can be found [here](build/win32/README.md).
 
 ## Dependencies
 
-This library is written in C++ using the C++17 standards. It also uses Flex
-and Yacc to produce the “Sec Rules Language” parser. Other, mandatory dependencies include YAJL, as ModSecurity uses JSON for producing logs and its testing framework, libpcre (not yet mandatory) for processing regular expressions in SecRules, and libXML2 (not yet mandatory) which is used for parsing XML requests.
+This library is written in C++ using the C++17 standard.
+
+The following dependencies are used to build libModSecurity:
+
+ * Flex and Yacc to produce the “Sec Rules Language” parser.
+ * YAJL, as ModSecurity uses JSON for producing logs and its testing framework.
+ * PCRE or PCRE2 for processing regular expressions in SecRules.
+ * libinjection for the operators [@detectXSS](../../wiki/Reference-Manual-(v3.x)#detectxss) and [@detectSQL](../../wiki/Reference-Manual-(v3.x)#detectsqli).
+ * Mbed TLS for basic encoding/hashing functions (base64, md5 & sha1).
 
-All others dependencies are related to operators specified within SecRules or configuration directives and may not be required for compilation. A short list of such dependencies is as follows:
+All others dependencies are related to operators specified within SecRules or configuration directives and may not be required for compilation. If those libraries are missing ModSecurity will be compiled without the support for the associated operator or configuration directive.
 
-* libinjection is needed for the operator @detectXSS and @detectSQL
-* curl is needed for the directive SecRemoteRules.
+A short list of such dependencies is as follows:
 
-If those libraries are missing ModSecurity will be compiled without the support for the operator @detectXSS and the configuration directive SecRemoteRules.
+ * libXML2 which for parsing XML requests.
+ * curl is needed for the directive [SecRemoteRules](../../wiki/Reference-Manual-(v3.x)#user-content-SecRemoteRules).
+ * LUA is needed for the directive [SecRuleScript](../../wiki/Reference-Manual-(v3.x)#secrulescript).
+ * GeoIP/MaxMind to perform geolocation lookups using operator [geoLookup](../../wiki/Reference-Manual-(v3.x)%29#geolookup)
+ * ssdeep is needed for the operator [fuzzyHash](../../wiki/Reference-Manual-(v3.x)%29#fuzzyhash).
 
 # Library documentation
 
@@ -273,4 +281,4 @@ if there is anything we can do to facilitate your work as a packager.
 
 ## Sponsor Note
 
-Development of ModSecurity is sponsored by Trustwave. Sponsorship will end July 1, 2024. Additional information can be found here https://www.trustwave.com/en-us/resources/security-resources/software-updates/end-of-sale-and-trustwave-support-for-modsecurity-web-application-firewall/
+Development of ModSecurity is sponsored by Trustwave. Sponsorship will end July 1, 2024. Additional information can be found [here](https://www.trustwave.com/en-us/resources/security-resources/software-updates/end-of-sale-and-trustwave-support-for-modsecurity-web-application-firewall/).