From 1e2c3894d7fd4ff7d5bc68c75d9c2deaaa159727333f277b03b18be797d19f78 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mark=C3=A9ta=20Machov=C3=A1?= Date: Tue, 12 Aug 2025 15:58:21 +0000 Subject: [PATCH] - Update to 4.2.0 * Added --eab-hmac-alg parameter to support custom HMAC algorithm for External Account Binding. * Catches and ignores errors during the directory fetch for ARI checking so that these errors do not hinder the actual certificate issuance. * Removed the dependency on pytz * Support for Python 3.9 was deprecated and will be removed in our next planned release. * The Certbot snap no longer sets the environment variable PYTHONPATH stopping it from picking up Python files in the current directory and polluting the environment for Certbot hooks written in Python. * Previously, we claimed to set FAILED_DOMAINS and RENEWED_DOMAINS env variables for use by post-hooks when certificate renewals fail, but we were not actually setting them. Now, we are. * Certbot now always uses the server value from the renewal configuration file for ARI checks instead of the server value from the current invocation of Certbot. This helps prevent ARI requests from going to the wrong server if the user changes CAs. - Make the libalternatives transition conditional OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:certbot/python-certbot?expand=0&rev=138 --- certbot-4.1.1.tar.gz | 3 --- certbot-4.2.0.tar.gz | 3 +++ python-certbot.changes | 23 +++++++++++++++++++++++ python-certbot.spec | 23 ++++++++++++++++++----- 4 files changed, 44 insertions(+), 8 deletions(-) delete mode 100644 certbot-4.1.1.tar.gz create mode 100644 certbot-4.2.0.tar.gz diff --git a/certbot-4.1.1.tar.gz b/certbot-4.1.1.tar.gz deleted file mode 100644 index 0602c19..0000000 --- a/certbot-4.1.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d1fdde3174bcf1d68f7a8dca070341acec28b78ef92ad2dd18b8d49959e96779 -size 441624 diff --git a/certbot-4.2.0.tar.gz b/certbot-4.2.0.tar.gz new file mode 100644 index 0000000..9937f74 --- /dev/null +++ b/certbot-4.2.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:fb1e56ca8a072bec49ac0c7b5390a29cbf68c2c05f712259a9b3491de041c27b +size 442984 diff --git a/python-certbot.changes b/python-certbot.changes index d47bac0..b70ddb0 100644 --- a/python-certbot.changes +++ b/python-certbot.changes @@ -1,3 +1,26 @@ +------------------------------------------------------------------- +Tue Aug 12 15:53:44 UTC 2025 - Markéta Machová + +- Update to 4.2.0 + * Added --eab-hmac-alg parameter to support custom HMAC algorithm for + External Account Binding. + * Catches and ignores errors during the directory fetch for ARI checking + so that these errors do not hinder the actual certificate issuance. + * Removed the dependency on pytz + * Support for Python 3.9 was deprecated and will be removed in our next + planned release. + * The Certbot snap no longer sets the environment variable PYTHONPATH + stopping it from picking up Python files in the current directory + and polluting the environment for Certbot hooks written in Python. + * Previously, we claimed to set FAILED_DOMAINS and RENEWED_DOMAINS env + variables for use by post-hooks when certificate renewals fail, but + we were not actually setting them. Now, we are. + * Certbot now always uses the server value from the renewal configuration + file for ARI checks instead of the server value from the current + invocation of Certbot. This helps prevent ARI requests from going to the + wrong server if the user changes CAs. +- Make the libalternatives transition conditional + ------------------------------------------------------------------- Wed Jun 25 12:10:30 UTC 2025 - Markéta Machová diff --git a/python-certbot.spec b/python-certbot.spec index 8b9ec13..da61d8c 100644 --- a/python-certbot.spec +++ b/python-certbot.spec @@ -16,10 +16,14 @@ # +%if 0%{?suse_version} > 1500 %bcond_without libalternatives +%else +%bcond_with libalternatives +%endif %{?sle15_python_module_pythons} Name: python-certbot -Version: 4.1.1 +Version: 4.2.0 Release: 0 Summary: ACME client License: Apache-2.0 @@ -35,12 +39,9 @@ BuildRequires: %{python_module parsedatetime >= 2.4} BuildRequires: %{python_module pip} BuildRequires: %{python_module pyRFC3339} BuildRequires: %{python_module pytest} -BuildRequires: %{python_module pytz >= 2019.3} BuildRequires: %{python_module setuptools >= 41.6.0} -BuildRequires: alts BuildRequires: fdupes BuildRequires: python-rpm-macros -Requires: alts Requires: python-acme >= %{version} Requires: python-configargparse >= 1.5.3 Requires: python-configobj >= 5.0.6 @@ -49,9 +50,15 @@ Requires: python-distro >= 1.0.1 Requires: python-josepy >= 2.0.0 Requires: python-parsedatetime >= 2.4 Requires: python-pyRFC3339 -Requires: python-pytz >= 2019.3 Provides: certbot = %{version} Obsoletes: certbot < %{version} +%if %{with libalternatives} +BuildRequires: alts +Requires: alts +%else +Requires(post): update-alternatives +Requires(postun): update-alternatives +%endif BuildArch: noarch %python_subpackages @@ -77,6 +84,12 @@ to lower the barriers to entry for encrypting all HTTP traffic on the internet. %pre %python_libalternatives_reset_alternative certbot +%post +%python_install_alternative certbot + +%postun +%python_uninstall_alternative certbot + %files %{python_files} %license LICENSE.txt %doc README.rst