github fabriziosalmi/certmate v2.4.9
on GitHub

latest releases: v2.4.11, v2.4.10
3 hours ago

v2.4.9

Bug Fixes

  • Route53 renewal failure (#112): The renewal flow now injects DNS provider environment variables (AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, etc.) into the certbot subprocess, mirroring the creation flow. Previously, renew_certificate() skipped prepare_environment(), causing all DNS-01 renewals relying on env-based authentication to fail silently.

  • Deploy hook sanitizer too restrictive (#115): The command safety validator now whitelists $CERTMATE_* / ${CERTMATE_*} environment variables (injected by the system) and allows simple pipes (|). References to .pem files are no longer blocked since deploy hooks legitimately need certificate paths. Backticks, $(), eval, chaining (&&, ||, ;) and redirects to absolute paths remain blocked.

  • Redundant Client Certs header button (#134): Removed the non-functional /#client link from the desktop header and mobile bottom tab bar. The Client Certs view remains accessible via the dashboard tab toggle.

Improvements

  • Change DNS provider on existing certificates (#129): New PATCH /api/certificates/<domain> endpoint allows updating the DNS provider and alias DNS provider for future renewals without deleting and recreating the certificate. Updates both on-disk metadata and settings atomically.

  • Configuration persistence diagnostic (#130): Added a sentinel file check at Docker container startup. If /app/data is not backed by a persistent volume, a WARNING is logged on every restart with instructions for the correct mount configuration. This catches the most common deployment mistake before data loss occurs.

  • Dashboard UX: collapsible creation form (#131): The certificate creation form is now hidden by default behind a toggle button. Visibility state persists in sessionStorage. The certificate list is immediately visible without scrolling.

Infrastructure

  • Standardized local development on a single Python 3.12 virtual environment (previously 3 venvs totaling 1.26 GB, of which 2 were incompatible Python 3.14 installs)
  • Added venv exclusions to .dockerignore (was copying 1.26 GB of local venvs into Docker build context)
  • Rewrote Makefile with automatic venv management, Docker-first targets, and CI simulation (make setup, make test, make docker-build, make docker-test, make ci)

CI

  • CI failure on commit 0eb2f4b (test_deployer pipe assertion) was fixed in 6ad9a76 by updating the test to reflect the intentionally relaxed sanitizer policy
  • All 212 tests passing on Python 3.12

Full Changelog: v2.4.8...v2.4.9

Check out latest releases or
releases around fabriziosalmi/certmate v2.4.9

Don't miss a new certmate release

NewReleases is sending notifications on new releases.

Get notifications