Log message:
py-acme py-certbot*: updated to 1.23.0

Certbot 1.23.0

Added

Added show_account subcommand, which will fetch the account information
from the ACME server and show the account details (account URL and, if
applicable, email address or addresses)
We deprecated support for Python 3.6 in Certbot and its ACME library.
Support for Python 3.6 will be removed in the next major release of Certbot.

Fixed

GCP Permission list for certbot-dns-google in plugin documentation
dns-digitalocean used the SOA TTL for newly created records, rather than 30 seconds.
Revoking a certificate based on an ECDSA key can now be done with --key-path.

Log message:
python: egg.mk: add USE_PKG_RESOURCES flag

This flag should be set for packages that import pkg_resources
and thus need setuptools after the build step.

Set this flag for packages that need it and bump PKGREVISION.

Log message:
*: bump PKGREVISION for egg.mk users

They now have a tool dependency on py-setuptools instead of a DEPENDS

Log message:
py-acme py-certbot*: updated to 1.22.0

Certbot 1.22.0

Added

Support for Python 3.10 was added to Certbot and all of its components.
The function certbot.util.parse_loose_version was added to parse version
strings in the same way as the now deprecated distutils.version.LooseVersion
class from the Python standard library.
Added --issuance-timeout. This option specifies how long (in seconds) Certbot \ 
will wait
for the server to issue a certificate.

Changed

The function certbot.util.get_strict_version was deprecated and will be
removed in a future release.

Fixed

Fixed an issue on Windows where the web.config created by Certbot would sometimes
conflict with preexisting configurations.
Fixed an issue on Windows where the webroot plugin would crash when multiple domains
had the same webroot. This affected Certbot 1.21.0.

Log message:
py-acme py-certbot*: updated to 1.21.0

Certbot 1.21.0

Added

Certbot will generate a web.config file on Windows in the challenge path
when the webroot plugin is used, if one does not exist. This web.config file
lets IIS serve challenge files while they do not have an extension.

Changed

We changed the PGP key used to sign the packages we upload to PyPI. Going
forward, releases will be signed with one of three different keys. All of
these keys are available on major key servers and signed by our previous PGP
key. The fingerprints of these new keys are:
BF6BCFC89E90747B9A680FD7B6029E8500F7DB16
86379B4F0AF371B50CD9E5FF3402831161D1D280
20F201346BF8F3F455A73F9A780CC99432A28621

Fixed

More details about these changes can be found on our GitHub repo.

Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2

Log message:
py-acme py-certbot: updated to 1.20.0

1.20.0

Added

* Added `--no-reuse-key`. This remains the default behavior, but the flag may be
  useful to unset the `--reuse-key` option on existing certificates.

Fixed

* The certbot-dns-rfc2136 plugin in Certbot 1.19.0 inadvertently had an implicit
  dependency on `dnspython>=2.0`. This has been relaxed to `dnspython>=1.15.0`.

Log message:
security: Remove SHA1 hashes for distfiles

Log message:
py-acme py-certbot*: updated to 1.19.0

Certbot 1.19.0

Added

The certbot-dns-rfc2136 plugin always assumed the use of an IP address as the
target server, but this was never checked. Until now. The plugin raises an error
if the configured target server is not a valid IPv4 or IPv6 address.
Our acme library now supports requesting certificates for IP addresses.
This feature is still unsupported by Certbot and Let's Encrypt.

Changed

Several attributes in certbot.display.util module are deprecated and will
be removed in a future release of Certbot. Any import of these attributes will
emit a warning to prepare the transition for developers.
zope based interfaces in certbot.interfaces module are deprecated and will
be removed in a future release of Certbot. Any import of these interfaces will
emit a warning to prepare the transition for developers.
We removed the dependency on chardet from our acme library. Except for when
downloading a certificate in an alternate format, our acme library now
assumes all server responses are UTF-8 encoded which is required by RFC 8555.

Fixed

Fixed parsing of Defined values in the Apache plugin to allow for = in the value.
Fixed a relatively harmless crash when issuing a certificate with --quiet/-q.

Log message:
py-acme py-certbot*: updated to 1.18.0

1.18.0

Added

New functions that Certbot plugins can use to interact with the user have been \ 
added to certbot.display.util. We plan to deprecate using IDisplay with zope in \ 
favor of these new functions in the future.
The Plugin, Authenticator and Installer classes are added to certbot.interfaces \ 
module as alternatives to Certbot's current zope based plugin interfaces. The \ 
API of these interfaces is identical, but they are based on Python's abc module \ 
instead of zope. Certbot will continue to detect plugins that implement either \ 
interface, but we plan to drop support for zope based interfaces in a future \ 
version of Certbot.
The class certbot.configuration.NamespaceConfig is added to the Certbot's public API.

Changed

When self-validating HTTP-01 challenges using \ 
acme.challenges.HTTP01Response.simple_verify, we now assume that the response is \ 
composed of only ASCII characters. Previously we were relying on the default \ 
behavior of the requests library which tries to guess the encoding of the \ 
response which was error prone.
acme: the .client.Client and .client.BackwardsCompatibleClientV2 classes are now \ 
deprecated in favor of .client.ClientV2.
The certbot.tests.patch_get_utility* functions have been deprecated. Plugins \ 
should now patch certbot.display.util themselves in their tests or use \ 
certbot.tests.util.patch_display_util as a temporary workaround.
In order to simplify the transition to Certbot's new plugin interfaces, the \ 
classes Plugin and Installer in certbot.plugins.common module and \ 
certbot.plugins.dns_common.DNSAuthenticator now implement Certbot's new plugin \ 
interfaces. The Certbot plugins based on these classes are now automatically \ 
detected as implementing these interfaces.
We added a dependency on chardet to our acme library so that it will be used \ 
over charset_normalizer in newer versions of requests.

Fixed

The Apache authenticator no longer crashes with "Unable to insert \ 
label" when encountering a completely empty vhost. This issue affected \ 
Certbot 1.17.0.
Users of the Certbot snap on Debian 9 (Stretch) should no longer encounter an \ 
"access denied" error when installing DNS plugins.