Bug 1871137

Summary: Review Request: acme-sh - An lightweight ACME client written purely in SH
Product: [Fedora] Fedora Reporter: Christopher Engelhard <ce>
Component: Package ReviewAssignee: Nobody's working on this, feel free to take it <nobody>
Status: CLOSED DEFERRED QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: package-review
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-08-26 10:35:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Christopher Engelhard 2020-08-21 12:05:10 UTC 
Spec URL: https://pagure.io/fedora-rpm-addons/raw/master/f/acme-sh/acme-sh.spec
SRPM URL: https://download.copr.fedorainfracloud.org/results/lcts/fedora-rpm-addons/fedora-rawhide-x86_64/01620104-acme-sh/acme-sh-2.8.6-4.1.fc34.src.rpm

Description: Acme.sh is an ACME client written purely in POSIX Shell language. It implements the full ACME protocol and supports both ACMEv1 and ACMEv2 as well as ACMEv2 wildcard certificates. It can automatically issue, renew and install certificates and supports a wide variety of DNS provider APIs for DNS-01 challenges.
Homepage: https://github.com/acmesh-official/acme.sh

Fedora Account System Username: lcts

Notes:
 - The software is actually called acme.sh, but that is not an allowed package name, correct?
 - This program offers options to (automatically) install and update itself from the commandline. Doing so will effectively "hide" the rpm-installed version from the user. Should I patch the script to disable these options (fairly easy to do) or stay close to upstream & trust the user not to use them?
Comment 1 Christopher Engelhard 2020-08-26 10:35:16 UTC 
Withdrawing this for now, as there are some security issues with acme.sh that I need to patch first.