py-acme py-certbot*: updated to 5.3.0
5.3.0
Added
A new command line flag, --ip-address, has been added. This requests certificates with IP address SANs when using the standalone or manual plugin. Note that for Let's Encrypt's implementation of IP address certificates, you'll also need to pass --preferred-profile shortlived.
Changed
Deploy directory hooks are now also run when using certbot certonly or certbot run to get a new cert. This change was made for pre and post directory hooks in our 3.2.0 release so this change unifies Certbot's behavior here.
A few largely unused functions/types have been deprecated in our effort to remove our pyOpenSSL dependency:
* Deprecated: certbot.crypto_util.get_sans_from_cert
* Deprecated: certbot.crypto_util.get_names_from_cert
* Deprecated: certbot.crypto_util.get_names_from_req
* Deprecated: certbot.crypto_util.import_csr_file (and replaced by certbot.crypto_util.read_csr_file)
* Deprecated: acme.crypto_util.Format
achallenges.KeyAuthorizationAnnotatedChallenge, achallenges.DNS, and achallenges.Other have a new field identifier, of type acme.messages.Identifier. This should be used in place of the domain field, which is now deprecated both as an attribute and during object creation.
Authenticator.get_chall_pref's argument has been renamed from domain to identifier, and can now receive string-formatted IP addresses in addition to domain names.
[6 lines not shown]
zlib-ng: updated to 2.3.3
2.3.3
Bug fixes
Make deflate output deterministic if stream is reused after deflateReset
minigzip: Fix integer overflow in gz_compress_mmap
Use GCC's may_alias attribute for access to buffers in crc32_chorba
Fix false-positive infinite loop warning detected by GCC-14 static analyzer
Fix warning for potentially uninitialized local variable ft used.
Tests
Fixed casting warning in benchmark_uncompress on MSVC
nodejs: updated to 25.6.0
25.6.0 (Current)
Notable Changes
- (SEMVER-MINOR) async_hooks: add trackPromises option to createHook() (Joyee Cheung)
- (SEMVER-MINOR) net: add setTOS and getTOS to Socket (Amol Yadav)
- (SEMVER-MINOR) src: add initial support for ESM in embedder API (Joyee Cheung)
- src: improve TextEncoder encode performance with simdutf (Mert Can Altin)
- (SEMVER-MINOR) stream: add bytes() method to node:stream/consumers (wantaek)
- (SEMVER-MINOR) test_runner: add env option to run function (Ethan Arrowood)
- url: update Ada to v3.4.2 and support Unicode 17 (Yagiz Nizipli)
arti: update to 2.0.0.
# Arti 2.0.0 — 2 February 2026
Arti 2.0.0 deprecates library functionality in the `arti` crate
(which should only be used as a binary),
deprecates some legacy features and configuration formats,
and adds support for using the `inet-auto` socket type
to automatically pick an unused TCP port for the RPC server.
As usual, there is also a significant amount of behind-the-scenes work on
relay and directory authority functionality.
While "2.0" may sound like an exciting release number, it's actually fairly mundane.
[Semver](https://semver.org) requires us to bump our major version number when making breaking changes,
and we had a couple breaking changes we wanted to make in order to keep our APIs tidy.
The only people who should notice significant changes in this release are developers
who are building applications using the `arti` crate directly,
rather than the recommended `arti-client` crate or other lower-level crates.
hugo: Update to 0.155.2
upstream changes:
-----------------
v0.155.2
Note that the bug fix below is for the two new dimensions introduced in v0.153.0 (version and role), multiple languages worked fine. Also, changes to the first version and role also worked, which had me head-scratching for a while. Oh, well, enjoy.
* Fix template change detection for multi-version sites 0f1c7d1 @bep #14461
* resources/image: Add some image decode/encode debug logging 6bd2bde @bep #14337 #14460