Discovering dependencies with strace is not reliable. You would also need to check code coverage of the strace'd run to know if you have anything resembling a reliable set of dependencies. Even if you have 100% code coverage (and few *small* programs can claim that) obscure data-dependent or time-dependent code paths may still be hidden.
The alternative is probably something vaguely like static analysis of the code. Static analysis is notoriously complicated and often produces a flood of false-positives though.
So my guess is we'll still have humans involved in dependency generation and maintenance for quite some time -- even with use of tools like strace :).