0.8.4 (20230618)

- doc - Add WHAT IS DANE? section
- Add _ to set of DNS name chars that don't require idn2
- rollover - Divert certbot stdout to stderr to aid output adapters
- Prevent premature rollover (refuse if tlsa-check would fail)
- Terminate danectl when `idna` in subprocess requires idn2 but fails to find it
- Makefile - Add make help (default)

0.8.3 (20230419)

- smimea/smimea-check: Improve email address identification (spotted by John Scott)

0.8.2 (20230414)

- Fix support for Unicode email addresses in S/MIME certificates

0.8.1 (20230412)

- README.md - Add danectl-zonefile and danectl-nsupdate to the list of things installed
- Fix handling of domains with - (with github/thomas-mm)
- Add support for Unicode domain names (IDNA2008/TR46)

0.8 (20230313)

- Add references to the codeberg repository
- Add LICENSES/* and .reuse/dep5 (REUSE 3.0 compliant)
- Add danectl-nsupdate (output adapter for BIND9 dynamic DNS updates)
- Add support for drill on systems like Arch that prefer it to host (for Gaspard d'Hautefeuille)
- Fix openpgpkey-check superfluous record detection: localpart was hard-coded for testing
- Add danectl-zonefile (output adapter for modifying BIND9 zonefiles)
- Add --group option for different certbot configurations for different domains (for github/hunter-nl)
- Add support for reload to use an explicit path to an executable file (for github/hunter-nl)
- Add exporting $CERTNAME environment variable when reloading services (for github/hunter-nl)

0.7.4 (20220725)

- Add support for non-rsa keys (e.g., ecdsa) (github/csarn Christoph Sarnowski)
- Fix tabs in TLSA record output on some systems (with github/csarn Christoph Sarnowski)

0.7.3 (20211221)

- tlsa-check: Fixed output of new reuse_key check to match greppability convention
- tlsa-check doc: Add note in manpage to pipe grep output through grep -v '; ' as well

0.7.2 (20211202)

- Fixed certbot invocation bug introduced in 0.7.1 (spotted by github/ran-deh)
- status/tlsa-check: Add check for reuse_key (and fix if necessary)
- status: Remove redundant use of $@

0.7.1 (20211014)

- doc: Fixed usage typo
- adopt: Accept only a single cert-name (not multiple)
- Improve error message when too many arguments supplied (Say 'Too many' rather than 'Missing')
- Add helpful statements of expectations to usage error messages
- Reorder --quiet and --verbose in usage and manual page
- Rename certbot_options() function to certbot()
- Minor documentation improvements

0.7 (20111011)

- Replace original June 1991 GPLv2 with February 1999 (post-LGPLv2.1) GPLv2
- Replace contributor covenant v2.0 with v2.1
- adopt: Don't refuse existing cert created with --reuse-key (spotted by github/ran-deh)
- new/dup: Handle incorrectly quoted domains (spotted by github/ran-deh)
- Add support for overriding certbot command (spotted by github/ran-deh)
- Smarter certbot plugin/command defaults
- Detect incorrectly quoted certbot options
- Replace "$@" with "$*" where it matters (for Ubuntu/NetBSD) (spotted by github/ran-deh)
- Use /usr/xpg4/bin/sh if present (/bin/sh on Solaris11 is ksh93)
- Remove non-standard 'local' keyword for variables in functions
- make uninstall: Don't complain if files not installed
- make install: Silence Solaris tweak and improve its error reporting
- Rearrange copyright notice header
- doc: Add "/etc/letsencrypt" to "replacing live with current" for clarity
- doc: Replace "keypair" with "key" to avoid confusion with pairs of lineages
- Minor documentation improvements
- Remove superfluous echoes
- Fix variable name clash
- Support multiple base domains in a certificate lineage
- smimea: Add a better check that the certificate can do S/MIME encryption
- Add -1, --oneline option to output OPENPGPKEY/SMIMEA records on a single line
- openpgpkey-check: Fix output (add terminating dot) when no key but record exists 
- Add command aliases: alias cb add tlsa del delete show
- Add -s, --spaces option to include spaces in --oneline output