Bump acme from 1.4.0 to 1.6.0

[dependabot-preview]

Bumps acme from 1.4.0 to 1.6.0.

Release notes

Sourced from acme's releases.

Certbot 1.6.0

Added

• Certbot snaps are now available for the arm64 and armhf architectures.
• Add minimal code to run Nginx plugin on NetBSD.
• Make Certbot snap find externally snapped plugins
• Function certbot.compat.filesystem.umask is a drop-in replacement for os.umask implementing umask for both UNIX and Windows systems.
• Support for alternative certificate chains in the acme module.
• Added --preferred-chain <issuer CN>. If a CA offers multiple certificate chains, it may be used to indicate to Certbot which chain should be preferred.
  • e.g. --preferred-chain "DST Root CA X3"

Changed

• Allow session tickets to be disabled in Apache when mod_ssl is statically linked.
• Generalize UI warning message on renewal rate limits
• Certbot behaves similarly on Windows to on UNIX systems regarding umask, and the umask 022 is applied by default: all files/directories are not writable by anyone other than the user running Certbot and the system/admin users.
• Read acmev1 Let's Encrypt server URL from renewal config as acmev2 URL to prepare for impending acmev1 deprecation.

Fixed

• Cloudflare API Tokens may now be restricted to individual zones.
• Don't use StrictVersion, but LooseVersion to check version requirements with setuptools, to fix some packaging issues with libraries respecting PEP404 for version string, with doesn't match StrictVersion requirements.
• Certbot output doesn't refer to SSL Labs due to confusing scoring behavior.
• Fix paths when calling to programs outside of the Certbot Snap, fixing the apache and nginx plugins on, e.g., CentOS 7. More details about these changes can be found on our GitHub repo.

Certbot 1.5.0

Added

• Require explicit confirmation of snap plugin permissions before connecting.

Changed

• Improved error message in apache installer when mod_ssl is not available.

Fixed

• Add support for OCSP responses which use a public key hash ResponderID, fixing interoperability with Sectigo CAs.
• Fix TLS-ALPN test that fails when run with newer versions of OpenSSL. More details about these changes can be found on our GitHub repo.

Commits

• 41b99eb Release 1.6.0
• de39a42 Update changelog for 1.6.0 release
• 183ccc6 Some improvements (#8132)
• 6bca930 Remove unnecessary symlink (#8135)
• cd993cd Remove grade devel from Certbot snap. (#8128)
• 9f994d7 Run at 4:30 UTC to have Azure reparse YAML file. (#8133)
• 4f3dc88 Switch build status to nightly pipeline. (#8127)
• 48139f3 Do not build pushes to master. (#8126)
• 8a3a8c7 Migrate the CI pipeline from Travis to Azure Pipeline (#8098)
• cb3ff9e Set up CentOS 8 test farm tests (#8122)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[MartinHjelmare]

Changes in release notes sound safe!