diff --git a/components/bootloader_support/include/esp_flash_encrypt.h b/components/bootloader_support/include/esp_flash_encrypt.h
index 403db028de..9a5ca9ea23 100644
--- a/components/bootloader_support/include/esp_flash_encrypt.h
+++ b/components/bootloader_support/include/esp_flash_encrypt.h
@@ -14,11 +14,6 @@
 #include "hal/efuse_ll.h"
 #include "sdkconfig.h"
 
-#ifdef CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH
-#include "esp_efuse.h"
-#include "esp_efuse_table.h"
-#endif
-
 #ifdef __cplusplus
 extern "C" {
 #endif
@@ -44,28 +39,7 @@ typedef enum {
  *
  * @return true if flash encryption is enabled.
  */
-static inline /** @cond */ IRAM_ATTR /** @endcond */ bool esp_flash_encryption_enabled(void)
-{
-    uint32_t flash_crypt_cnt = 0;
-#ifndef CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH
-    flash_crypt_cnt = efuse_ll_get_flash_crypt_cnt();
-#else
-#if CONFIG_IDF_TARGET_ESP32
-    esp_efuse_read_field_blob(ESP_EFUSE_FLASH_CRYPT_CNT, &flash_crypt_cnt, ESP_EFUSE_FLASH_CRYPT_CNT[0]->bit_count);
-#else
-    esp_efuse_read_field_blob(ESP_EFUSE_SPI_BOOT_CRYPT_CNT, &flash_crypt_cnt, ESP_EFUSE_SPI_BOOT_CRYPT_CNT[0]->bit_count);
-#endif
-#endif
-    /* __builtin_parity is in flash, so we calculate parity inline */
-    bool enabled = false;
-    while (flash_crypt_cnt) {
-        if (flash_crypt_cnt & 1) {
-            enabled = !enabled;
-        }
-        flash_crypt_cnt >>= 1;
-    }
-    return enabled;
-}
+bool esp_flash_encryption_enabled(void);
 
 /* @brief Update on-device flash encryption
  *
diff --git a/components/bootloader_support/src/flash_encrypt.c b/components/bootloader_support/src/flash_encrypt.c
index 9b1b1287de..409823dc17 100644
--- a/components/bootloader_support/src/flash_encrypt.c
+++ b/components/bootloader_support/src/flash_encrypt.c
@@ -32,7 +32,7 @@ void esp_flash_encryption_init_checks()
         ESP_LOGE(TAG, "Flash encryption eFuse bit was not enabled in bootloader but CONFIG_SECURE_FLASH_ENC_ENABLED is on");
         abort();
     }
-#endif
+#endif // CONFIG_SECURE_FLASH_CHECK_ENC_EN_IN_APP
 
     // First check is: if Release mode flash encryption & secure boot are enabled then
     // FLASH_CRYPT_CNT *must* be write protected. This will have happened automatically
@@ -65,12 +65,42 @@ void esp_flash_encryption_init_checks()
         ESP_LOGE(TAG, "Mismatch found in security options in bootloader menuconfig and efuse settings. Device is not secure.");
 #else
         ESP_LOGW(TAG, "Flash encryption mode is DEVELOPMENT (not secure)");
-#endif
+#endif // CONFIG_SECURE_FLASH_ENCRYPTION_MODE_RELEASE
     } else if (mode == ESP_FLASH_ENC_MODE_RELEASE) {
         ESP_LOGI(TAG, "Flash encryption mode is RELEASE");
     }
 }
+#endif // BOOTLOADER_BUILD
+
+/**
+ * This former inlined function must not be defined in the header file anymore.
+ * As it depends on efuse component, any use of it outside of `bootloader_support`,
+ * would require the caller component to include `efuse` as part of its `REQUIRES` or
+ * `PRIV_REQUIRES` entries.
+ * Attribute IRAM_ATTR must be specified for the app build.
+ */
+bool IRAM_ATTR esp_flash_encryption_enabled(void)
+{
+    uint32_t flash_crypt_cnt = 0;
+#ifndef CONFIG_EFUSE_VIRTUAL_KEEP_IN_FLASH
+    flash_crypt_cnt = efuse_ll_get_flash_crypt_cnt();
+#else
+#if CONFIG_IDF_TARGET_ESP32
+    esp_efuse_read_field_blob(ESP_EFUSE_FLASH_CRYPT_CNT, &flash_crypt_cnt, ESP_EFUSE_FLASH_CRYPT_CNT[0]->bit_count);
+#else
+    esp_efuse_read_field_blob(ESP_EFUSE_SPI_BOOT_CRYPT_CNT, &flash_crypt_cnt, ESP_EFUSE_SPI_BOOT_CRYPT_CNT[0]->bit_count);
 #endif
+#endif
+    /* __builtin_parity is in flash, so we calculate parity inline */
+    bool enabled = false;
+    while (flash_crypt_cnt) {
+        if (flash_crypt_cnt & 1) {
+            enabled = !enabled;
+        }
+        flash_crypt_cnt >>= 1;
+    }
+    return enabled;
+}
 
 void esp_flash_write_protect_crypt_cnt(void)
 {
diff --git a/components/esp32/CMakeLists.txt b/components/esp32/CMakeLists.txt
index fb254f6d8c..1bede95f22 100644
--- a/components/esp32/CMakeLists.txt
+++ b/components/esp32/CMakeLists.txt
@@ -6,7 +6,7 @@ endif()
 if(NOT BOOTLOADER_BUILD)
     # [refactor-todo] propagate these requirements for compatibility
     # remove in the future
-    set(legacy_reqs efuse soc)
+    set(legacy_reqs soc)
 endif()
 
 idf_component_register(REQUIRES xtensa "${legacy_reqs}"
diff --git a/components/esp32c2/CMakeLists.txt b/components/esp32c2/CMakeLists.txt
index 4236124d69..f082e84edd 100644
--- a/components/esp32c2/CMakeLists.txt
+++ b/components/esp32c2/CMakeLists.txt
@@ -6,7 +6,7 @@ endif()
 if(NOT BOOTLOADER_BUILD)
     # [refactor-todo] propagate these requirements for compatibility
     # remove in the future
-    set(legacy_reqs efuse soc)
+    set(legacy_reqs soc)
 endif()
 
 idf_component_register(REQUIRES riscv "${legacy_reqs}"
diff --git a/components/esp32c3/CMakeLists.txt b/components/esp32c3/CMakeLists.txt
index 83cb87cdca..bb327c4d89 100644
--- a/components/esp32c3/CMakeLists.txt
+++ b/components/esp32c3/CMakeLists.txt
@@ -6,7 +6,7 @@ endif()
 if(NOT BOOTLOADER_BUILD)
     # [refactor-todo] propagate these requirements for compatibility
     # remove in the future
-    set(legacy_reqs efuse soc)
+    set(legacy_reqs soc)
 endif()
 
 idf_component_register(REQUIRES riscv "${legacy_reqs}"
diff --git a/components/esp32h2/CMakeLists.txt b/components/esp32h2/CMakeLists.txt
index 40192457cc..14103a5e51 100644
--- a/components/esp32h2/CMakeLists.txt
+++ b/components/esp32h2/CMakeLists.txt
@@ -6,7 +6,7 @@ endif()
 if(NOT BOOTLOADER_BUILD)
     # [refactor-todo] propagate these requirements for compatibility
     # remove in the future
-    set(legacy_reqs efuse soc)
+    set(legacy_reqs soc)
 endif()
 
 idf_component_register(REQUIRES riscv "${legacy_reqs}"
diff --git a/components/esp32s2/CMakeLists.txt b/components/esp32s2/CMakeLists.txt
index 4c51299002..b42c50b321 100644
--- a/components/esp32s2/CMakeLists.txt
+++ b/components/esp32s2/CMakeLists.txt
@@ -6,7 +6,7 @@ endif()
 if(NOT BOOTLOADER_BUILD)
     # [refactor-todo] propagate these requirements for compatibility
     # remove in the future
-    set(legacy_reqs efuse soc)
+    set(legacy_reqs soc)
 endif()
 
 idf_component_register(REQUIRES xtensa "${legacy_reqs}"
diff --git a/components/esp32s3/CMakeLists.txt b/components/esp32s3/CMakeLists.txt
index 6bbed41684..f6f392a371 100644
--- a/components/esp32s3/CMakeLists.txt
+++ b/components/esp32s3/CMakeLists.txt
@@ -6,7 +6,7 @@ endif()
 if(NOT BOOTLOADER_BUILD)
     # [refactor-todo] propagate these requirements for compatibility
     # remove in the future
-    set(legacy_reqs efuse soc)
+    set(legacy_reqs soc)
 endif()
 
 idf_component_register(REQUIRES xtensa "${legacy_reqs}"
diff --git a/components/esp_phy/CMakeLists.txt b/components/esp_phy/CMakeLists.txt
index 25b776b86c..a38fd9743d 100644
--- a/components/esp_phy/CMakeLists.txt
+++ b/components/esp_phy/CMakeLists.txt
@@ -31,14 +31,14 @@ endif()
 if(CONFIG_ESP_PHY_MULTIPLE_INIT_DATA_BIN_EMBED)
     idf_component_register(SRCS "${srcs}"
                         INCLUDE_DIRS "include" "${idf_target}/include"
-                        PRIV_REQUIRES nvs_flash
+                        PRIV_REQUIRES nvs_flash efuse
                         LDFRAGMENTS "${ldfragments}"
                         EMBED_FILES "${build_dir}/phy_multiple_init_data.bin"
                         )
 else()
     idf_component_register(SRCS "${srcs}"
                         INCLUDE_DIRS "include" "${idf_target}/include"
-                        PRIV_REQUIRES nvs_flash
+                        PRIV_REQUIRES nvs_flash efuse
                         LDFRAGMENTS "${ldfragments}"
                         )
 endif()
diff --git a/docs/en/migration-guides/build-system.rst b/docs/en/migration-guides/build-system.rst
index c1c780d23d..9d054ddd25 100644
--- a/docs/en/migration-guides/build-system.rst
+++ b/docs/en/migration-guides/build-system.rst
@@ -11,7 +11,7 @@ Update fragment file grammar
 
 Please follow the :ref:`migrate linker script fragment files grammar<ldgen-migrate-lf-grammar>` chapter for migrating v3.x grammar to the new one.
 
-Dependency on driver component shall be explicit
-------------------------------------------------
+Component dependencies that shall be explicit
+---------------------------------------------
 
-In previous versions of ESP-IDF, target components (``components/esp32*``) had a dependency on ``driver`` component. Since target components were part of common requirements (:ref:`more info about common requirements <component-common-requirements>`), all components in the project implicitly had a dependency on ``driver`` component. Now that the dependency of target components on ``driver`` has been removed, every component which depends on ``driver`` has to declare this dependency explicitly. This can be done by adding ``REQUIRES driver`` or ``PRIV_REQUIRES driver`` in ``idf_component_register`` call inside component's ``CMakeLists.txt``. See :ref:`Component Requirements` for more information on specifying component requirements.
+In previous versions of ESP-IDF, target components (``components/esp32*``) had a dependency on ``driver`` and ``efuse`` components. Since target components were part of common requirements (:ref:`more info about common requirements <component-common-requirements>`), all components in the project implicitly had a dependency on ``driver`` and ``efuse``. Now that the dependency of target components on these components has been removed, every component depending on ``driver`` or ``efuse`` has to declare this dependency explicitly. This can be done by adding ``REQUIRES <component_name>`` or ``PRIV_REQUIRES <component_name>`` in ``idf_component_register`` call inside component's ``CMakeLists.txt``. See :ref:`Component Requirements` for more information on specifying requirements.