IMHO it's more intuitive if env.depends("my-target", "invalid-dep")
causes the build to fail when "invalid-dep" does not exist, rather
than having no effect (i.e. the build still succeeds with no warning).
This will make it more obvious, earlier, if you made a mistake in
an env.depends() call. Otherwise the mistake could sit latent for
a while until you happen to notice that a build used a out-of-date
copy of some file rather than rebuilding it.
I've only added the check for user dependencies, not for direct
sources. Listing a source file that doesn't exist will probably
cause the builder to fail anyway, so I don't think the preliminary
check is needed in that case.
24ed649982