This PR removes all zope dependencies from plugins configuration.
It also lets Sphinx upgrade to the next major version by removing the plugin dedicated to zope interfaces documentation. As a consequence, the deprecated zope interfaces are not documented anymore.
* Cleanup zope dependencies in plugins and upgrade sphinx
* Update pinnings
As a follow-up to #8971, this PR removes all references to the old Zope interfaces, except the ones used to deprecate them and prepare for their removal.
In the process, some documentation and tests about the `Display` objects are simply removed since they are not relevant anymore given that they are removed from the public API.
* Cleanup some interfaces.IInstaller
* Cleanup IConfig doc
* Allmost complete removal
* Remove useless tests
* Fixes
* More cleanup
* More cleanup
* More cleanup
* Remove a non existent reference
* Better type
* Fix lint
Fixes#8899
This PR removes the pinning upper limit of mypy currently set to <0.900 and adds the required types-* stub packages to make recent versions of mypy work.
* Unpin mypy
* Improve type in TempHandler
* Add types
I want this for #8949.
I think this is quite verbose, but purposefully so as an intervention to try prevent users from hitting this problem. It's more of a "How-To Guide" than a "Reference Guide" (in the lingo of https://documentation.divio.com).
* docs: add "Deleting Certificates" to user guide
* try a less convoluted explanation
about what the installer did in the first place
* add a warning early on: read the full thing
* erica's copy changes
* rewrite as a how-to guide
* rewrite self-signed step 2 for mental model++
* rewrite intro to "safely deleting certificates"
[Snapcraft 5.0](https://forum.snapcraft.io/t/release-notes-snapcraft-5-0/25751) implemented creating build IDs based on the project's contents instead of the directory path in https://github.com/snapcore/snapcraft/pull/3554. This is a feature we initially wanted, but it broke our workaround added in https://github.com/certbot/certbot/pull/8719. Our workaround is broken because now that the build ID is based on the project's contents, copying the project to a temporary directory has no effect.
This PR removes the workaround from https://github.com/certbot/certbot/pull/8719 and instead constructs a random build ID that it provides to snapcraft. This provides us with even more randomness to avoid build ID conflicts while avoiding having to copy the project to a temporary directory before every build.
* improve-remote-build
* use lowercase letters
* BF: apache cfg parsing - relax assumption that value cannot contain =
* Remove failing test_update_runtime_vars_bad_output
* Add test Define statements: with = in value, and an empty value
* update CHANGELOG
Co-authored-by: Alex Zorin <alex@zorin.id.au>
`distro.linux_distribution` was deprecated (https://github.com/python-distro/distro/pull/296) in the release of `distro` at the end of last week. The deprecation is causing the `nopin` nightly tests to fail.
This change migrates Certbot off that function.
As far as I can tell, the Arch Linux edge case described in the code comments no longer happens, but better to be safe than sorry I think.
* stop using deprecated distro.linux_distribution
* update comment
Co-authored-by: Brad Warren <bmw@users.noreply.github.com>
Co-authored-by: Brad Warren <bmw@users.noreply.github.com>
This PR is a new approach for fixing #8732 based on the discussions occurred in the first PR #8877.
This PR upgrades python-augeas to the latest version, and avoids tests failure of Windows because of this upgrade. To do so it leverages the [tox multi-platform feature](https://tox.readthedocs.io/en/latest/example/platform.html) and modifications to `tools/venv.py` in order to not install and not test `certbot-apache` on Windows.
* Unpin python-augeas and upgrade current pinnings
* Do not install certbot-apache in Windows dev environments
* Introduce tox specific win packages + remove certbot compatibility on windows
* Add libaugeas to sphinx build
* Redefine lint and mypy targets
* Keep the lint and mypy environments
* acme: deprecate ACMEv1 client classes
Adds pending deprecations to:
- acme.client.Client
- acme.client.BackwardsCompatibleClientV2
Adds a warning to Certbot when a v1 server is detected.
* move thsi change from 1.17 to 1.18
* revert some whitespace changes
While bumping pinned packages in #8928, we came across a new version of pylint (2.9.3). Upgrading to this version requires some changes to Certbot's code, which is what this change is about.
* pylint: upgrade pinned verson and fix new lints
* maxsplit should be 1, not -1, for rsplit
* docs: explain the situation with --manual renewal
* note that the non-hook command can't be cronned
* add xref to #renewing-certificates
* update manual description in the plugins table
* redirect manual users towards other plugins
* refer to authentication hook scripts in table
In the apache2 package on Debian-based distros, the default
000-default.conf virtual host does not include a ServerName.
Depending on the FQDN hostname of the machine and DNS setup, Apache
assigns a name to this unnamed vhost at runtime. As a result, the
Apache config end up with vhosts that have duplicative names.
Previously, Certbot did not identify that the nameless vhost could be
a match for the requested identifier, which would, depending on
configuration load order, cause the authenticator to fail.
This change causes Certbot to include all unnamed vhosts on top of
matched vhosts, during authentication. If no vhosts matched, the
existing behavior remains the same.
* apache: configure nameless vhosts during auth
* vhost is only unnamed if ServerName is not set
* also fix test to only match ServerName
Co-authored-by: Brad Warren <bmw@users.noreply.github.com>
* cli: vary renewal advice for hookless manual certs
1. Don't print that the certificate will be automatically renewed,
because it won't be.
2. Add a "NEXT STEP" telling the user that they will need to manually
re-issue the certificate in order to renew it.
* kill superfluous comma
Co-authored-by: ohemorange <ebportnoy@gmail.com>
* clarify wording of the next step
* fix the test
Co-authored-by: ohemorange <ebportnoy@gmail.com>
