Bug#941126: stretch-pu: package dehydrated/0.6.2-2+deb9u1
On Sat, 2020-01-18 at 15:51 +0100, Mattia Rizzolo wrote:
[...]
> On Wed, Sep 25, 2019 at 10:59:58AM +0200, Mattia Rizzolo wrote:
[...]
> > From what I can see, the breakages would pretty much account to the
> > following:
> > * you need a new --accept-terms flag while creating a new account
> > (might break autoamted deployments who need to create a new
> > account?)
> > * only since v0.6.0 the upstream developer made clear that users
> > should not hardcode a list of hook, and it's known many users did
> > it, so hook scripts may break due to unknown hook types
> > * this also changes the default endpoint to ACMEv2. It should be
> > totally transparent for most users, and those who really need
> > ACMEv1 (why?) would need to explicitly specify it.
> To this list I need to add that apparently the DNS verification might
> break if the user used a single TXT record that the several
> _acme_challenge.* CNAMEd to., as now dehydrated deployes all the
> challenges in one go and then asks LE to check, instead of doing one
> at a time. There is a simple workaround to this by using HOOK_CHAIN
> plus a forgiving hook script.
>
> I still consider the above "breakages" totally acceptable, as we
> really ought to welcome ACMEv2 in face of those 4 trivialities above.
I'm aware that you both called them trivialities and quoted
"breakages", but is it worth documenting any of them somewhere in the
package?
Regards,
Adam
Reply to: