It seems that all required pre-compiled wheels to install Certbot on Python 3.9 on Windows are present.
This PR upgrades Windows tests on Python 3.9 and repackages the installer on this version of Python.
This PR upgrades the pinned version of the dependencies. Version `1.9.0` of josepy is used so errors related to JWK serialization with EC keys (see https://github.com/certbot/josepy/issues/109) are fixed for Certbot.
@osirisinferi noticed [in chat](https://opensource.eff.org/eff-open-source/pl/sa85u4n71tywfpc15c1wu59wae) that "NEXT STEPS:" was ignoring `--quiet` and was being printed unconditionally.
I think it ended up being written this way in #8860 because I was trying not to avoid dumping ANSI escapes and newlines into the log file and confused myself in the process.
This change makes things a bit more explicit in separating presentation/message.
* fix 'NEXT STEPS' being printed to stdout during -q
* fix tests
Issuing a certificate with --quiet was crashing during the donation
atexit call because it was trying to use the /dev/null fd after the
displayer context manager had already closed it.
Due to macOS having some complications about Certbot from Homebrew being
in the PATH, the instructions we have in the Automated Renewal section
do not work for them. Instead, send those users to the instruction
generator.
While the previous approach of testing the functionality of snapctl
worked, the snapd developers told us they could not guarantee its
reliability.
---
As with #8955, I tested this on Debian 9, 10 and CentOS 7, 8, Stream.
* Fix some typos (found by codespell)
Signed-off-by: Stefan Weil <sw@weilnetz.de>
* Remove typo fixes for some files which should not be modified
Signed-off-by: Stefan Weil <sw@weilnetz.de>
Fixes https://github.com/certbot/certbot/issues/6844.
This PR does two things:
1. Changes ACMEv1 deprecation warnings from `PendingDeprecationWarning` to `DeprecationWarning`.
2. Changes the ACMEv1 deprecation warnings to be on references to the class themselves. This is the approach taken in https://github.com/certbot/certbot/pull/8989, the PRs linked there, and the `cryptography` code in the code comment. I think this approach warns in more cases and I updated our unit tests to avoid hitting these warnings.
* add ip address support to acme saving
* remove client-site check for ip address
* using right prefix for san parsing
* remove type hint for backward compatibility
* remove bare ip blocking check from main_test
* upppercase
* lint tix
* add additional tests for new IP support
* support for ipv6 bare address
* make apache and nginx plugin raise error for certs with ip address
* linting
* add pem file's last newline char
* gen_ss_cert ip support and comment fixup
* fix test coverage
* indent fix and assetTrue to assetIN
* indent mistake, made a note where class end
* acme lib now receive IPs as separate list
* fix typos
* type 2
* fix tests
* Deny IP address on certbot/certbot side as LE don't support it
* remove excess empty line to rerun tox
* comment indent and typo fix
Apply suggestions from code review
Co-authored-by: Brad Warren <bmw@users.noreply.github.com>
* trim unused functions
* trim unused import
* make raw san list extraction as separate function
* Apply suggestions from code review
mostly comment suggestions here
Co-authored-by: Brad Warren <bmw@users.noreply.github.com>
* apply patches suggested on review.
* remove excessive empty lines
* update CHANGELOG.md
* added acme lib update about ipaddress support in CHANGELOG.md
Co-authored-by: Brad Warren <bmw@users.noreply.github.com>
* Raise separate error when a hostname is being used for `dns_rfc2136_server`
* Explicitly say IP address instead of hostname in docs
* Don't catch ValueError, but actually check the server value
* Add tests
* Add CHANGELOG entry
This PR removes all zope dependencies from plugins configuration.
It also lets Sphinx upgrade to the next major version by removing the plugin dedicated to zope interfaces documentation. As a consequence, the deprecated zope interfaces are not documented anymore.
* Cleanup zope dependencies in plugins and upgrade sphinx
* Update pinnings
As a follow-up to #8971, this PR removes all references to the old Zope interfaces, except the ones used to deprecate them and prepare for their removal.
In the process, some documentation and tests about the `Display` objects are simply removed since they are not relevant anymore given that they are removed from the public API.
* Cleanup some interfaces.IInstaller
* Cleanup IConfig doc
* Allmost complete removal
* Remove useless tests
* Fixes
* More cleanup
* More cleanup
* More cleanup
* Remove a non existent reference
* Better type
* Fix lint
Fixes#8899
This PR removes the pinning upper limit of mypy currently set to <0.900 and adds the required types-* stub packages to make recent versions of mypy work.
* Unpin mypy
* Improve type in TempHandler
* Add types
I want this for #8949.
I think this is quite verbose, but purposefully so as an intervention to try prevent users from hitting this problem. It's more of a "How-To Guide" than a "Reference Guide" (in the lingo of https://documentation.divio.com).
* docs: add "Deleting Certificates" to user guide
* try a less convoluted explanation
about what the installer did in the first place
* add a warning early on: read the full thing
* erica's copy changes
* rewrite as a how-to guide
* rewrite self-signed step 2 for mental model++
* rewrite intro to "safely deleting certificates"
[Snapcraft 5.0](https://forum.snapcraft.io/t/release-notes-snapcraft-5-0/25751) implemented creating build IDs based on the project's contents instead of the directory path in https://github.com/snapcore/snapcraft/pull/3554. This is a feature we initially wanted, but it broke our workaround added in https://github.com/certbot/certbot/pull/8719. Our workaround is broken because now that the build ID is based on the project's contents, copying the project to a temporary directory has no effect.
This PR removes the workaround from https://github.com/certbot/certbot/pull/8719 and instead constructs a random build ID that it provides to snapcraft. This provides us with even more randomness to avoid build ID conflicts while avoiding having to copy the project to a temporary directory before every build.
* improve-remote-build
* use lowercase letters
* BF: apache cfg parsing - relax assumption that value cannot contain =
* Remove failing test_update_runtime_vars_bad_output
* Add test Define statements: with = in value, and an empty value
* update CHANGELOG
Co-authored-by: Alex Zorin <alex@zorin.id.au>
