CHANGELOG v1.14.1 - 2025-11-18 Added: - build: add missing Dockerfile. v1.14.0 - 2025-11-18 Added: - lib/dialer: introduce proxy-aware dialers and helpers: - NewNetDialer and NewTLSDialer honoring SOCKS5_PROXY, HTTPS_PROXY, HTTP_PROXY (case-insensitive) with precedence SOCKS5 > HTTPS > HTTP. - DialTCP and DialTLS convenience functions; DialTLS performs a TLS handshake and returns a concrete *tls.Conn. - NewHTTPClient: returns a proxy-aware *http.Client. Uses SOCKS5 proxy when configured (disables HTTP(S) proxying to avoid double-proxying); otherwise relies on http.ProxyFromEnvironment (respects HTTP(S)_PROXY and NO_PROXY). - build: the releasse-docker.sh builds and pushes the correct Docker images. Changed: - cmd: migrate tools to new proxy-aware helpers where appropriate: - certchain, stealchain, tlsinfo: use lib.DialTLS. - cert-revcheck: use lib.DialTLS for site connects and a proxy-aware HTTP client for OCSP/CRL fetches. - rhash: use proxy-aware HTTP client for downloads. - lib/fetch: migrate from certlib/fetch.go to lib/fetch.go and use DialTLS under the hood. - go.mod: add golang.org/x/net dependency (for SOCKS5 support) and align x/crypto. Notes: - HTTP(S) proxy CONNECT supports optional basic auth via proxy URL credentials. - HTTPS proxies are TLS-wrapped prior to CONNECT. - Timeouts apply to TCP connects, proxy handshakes, and TLS handshakes; context cancellation is honored. - Some commands retain bespoke dialing (e.g., IPv6-only or unix sockets) and were intentionally left unchanged. v1.13.6 - 2025-11-18 Changed: - build: removing gitea stuff. v1.13.5 - 2025-11-18 Changed: - build: updating goreleaser config. v1.13.4 - 2025-11-18 Changed: - build: updating goreleaser config. v1.13.3 - 2025-11-18 Added: - certlib: introduce `Fetcher` for retrieving certificates. - lib: `HexEncode` gains a byte-slice output variant. - build: add GoReleaser configuration. Changed: - cmd: migrate programs to use `certlib.Fetcher` for certificate retrieval (includes `certdump`, `ski`, and others). - cmd/ski: update display mode. Misc: - repository fixups and small cleanups. v1.13.2 - 2025-11-17 Add: - certlib/bundler: refactor certificate bundling from cmd/cert-bundler into a separate package. Changed: - cmd/cert-bundler: refactor to use bundler package, and update Dockerfile. v1.13.1 - 2025-11-17 Add: - Dockerfile for cert-bundler. v1.13.0 - 2025-11-16 Add: - cmd/certser: print serial numbers for certificates. - lib/HexEncode: add a new hex encode function handling multiple output formats, including with and without colons. v1.12.4 - 2025-11-16 Changed: - Linting fixes for twofactor that were previously masked. v1.12.3 erroneously tagged and pushed v1.12.2 - 2025-11-16 Changed: - add rsc.io/qr dependency for twofactor. v1.12.1 - 2025-11-16 Changed: - twofactor: Remove go.{mod,sum}. v1.12.0 - 2025-11-16 Added - twofactor: the github.com/kisom/twofactor repo has been subtree'd into this repo. v1.11.2 - 2025-11-16 Changed - cmd/ski, cmd/csrpubdump, cmd/tlskeypair: centralize certificate/private-key/CSR parsing by reusing certlib helpers. This reduces duplication and improves consistency across commands. - csr: CSR parsing in the above commands now uses certlib.ParseCSR, which verifies CSR signatures (behavioral hardening compared to prior parsing without signature verification). v1.11.1 - 2025-11-16 Changed - cmd: complete linting fixes across programs; no functional changes. v1.11.0 - 2025-11-15 Added - cache/mru: introduce MRU cache implementation with timestamp utilities. Changed - certlib: complete overhaul to simplify APIs and internals. - repo: widespread linting cleanups across many packages (config, dbg, die, fileutil, log/logging, mwc, sbuf, seekbuf, tee, testio, etc.). - cmd: general program cleanups; `cert-bundler` lint fixes. Removed - rand: remove unused package. - testutil: remove unused code. v1.10.1 — 2025-11-15 Changed - certlib: major overhaul and refactor. - repo: linter autofixes ahead of release. v1.10.0 — 2025-11-14 Added - cmd: add `cert-revcheck` command. Changed - ci/lint: add golangci-lint stage and initial cleanup. v1.9.1 — 2025-11-15 Fixed - die: correct calls to `die.With`. v1.9.0 — 2025-11-14 Added - cmd: add `cert-bundler` tool. Changed - misc: minor updates and maintenance. v1.8.1 — 2025-11-14 Added - cmd: add `tlsinfo` tool. v1.8.0 — 2025-11-14 Baseline - Initial baseline for this changelog series.