acmesh-official
diff --git a/‎.github/copilot-instructions.md‎
Lines changed: 152 additions & 38 deletions b/‎.github/copilot-instructions.md‎
Lines changed: 152 additions & 38 deletions
diff --git a/‎acme.sh‎
Lines changed: 21 additions & 12 deletions b/‎acme.sh‎
Lines changed: 21 additions & 12 deletions
@@ -1,67 +1,181 @@
-# GitHub Copilot Shell Scripting (sh) Review Instructions
+# GitHub Copilot Shell Scripting (sh) Review Instructions for acme.sh
 
-## 🎯 Overall Goal
+## Overall Goal
 
-Your role is to act as a rigorous yet helpful senior engineer, reviewing Shell script code (`.sh` files). Ensure the code exhibits the highest levels of robustness, security, and portability.
+Your role is to act as a rigorous yet helpful senior engineer, reviewing Shell script code (`.sh` files) for the [acme.sh](https://github.com/acmesh-official/acme.sh) project. Ensure the code exhibits the highest levels of robustness, security, and portability.
 The review must focus on risks unique to Shell scripting, such as proper quoting, robust error handling, and the secure execution of external commands.
 
-## 📝 Required Output Format
+## Required Output Format
 
-Please adhere to the previous format: organize the feedback into a single, structured report, using the three-level marking system:
+Organize the feedback into a single, structured report, using the three-level marking system:
 
-1.  **🔴 Critical Issues (Must Fix Before Merge)**
-2.  **🟡 Suggestions (Improvements to Consider)**
-3.  **✅ Good Practices (Points to Commend)**
+1. **Critical Issues (Must Fix Before Merge)**
+2. **Suggestions (Improvements to Consider)**
+3. **Good Practices (Points to Commend)**
 
 ---
 
-## 🔍 Focus Areas and Rules for Shell
+## Shell Compatibility
 
-### 1. Robustness and Error Handling
+- **POSIX sh only** -- all scripts must target `sh`, not `bash`. No bash-isms allowed.
+- **Shebang**: always use `#!/usr/bin/env sh` (not `#!/bin/sh`, not `#!/usr/bin/env bash`).
+- **Use `return`, never `exit`** -- scripts are sourced, not executed as subprocesses. `exit` would kill the parent shell.
+- **Cross-platform**: code must work on Linux, macOS, FreeBSD, Solaris, and BusyBox environments.
 
-* **Shebang:** Check that the script starts with the correct Shebang, must be "#!/usr/bin/env sh".
-* **Startup Options:** **(🔴 Critical)** Enforce the use of the following combination at the start of the script for safety and robustness:
-    * `set -e`: Exit immediately if a command exits with a non-zero status.
-    * `set -u`: Treat unset variables as an error and exit.
-    * `set -o pipefail`: Ensure the whole pipeline fails if any command in the pipe fails.
-* **Exit Codes:** Ensure functions and the main script use `exit 0` for success and a non-zero exit code upon failure.
-* **Temporary Files:** Check for the use of `mktemp` when creating temporary files to prevent race conditions and security risks.
+---
+
+## Robustness and Error Handling
+
+- **(Critical)** Enforce the use of the following combination at the start of the script for safety and robustness:
+  - `set -e`: Exit immediately if a command exits with a non-zero status.
+  - `set -u`: Treat unset variables as an error and exit.
+  - `set -o pipefail`: Ensure the whole pipeline fails if any command in the pipe fails.
+- **Always check return values** of function calls. If an error occurs, there must be a way to stop execution.
+- **Return 1** after `_err` messages:
+  ```sh
+  if [ -z "$VARIABLE" ]; then
+    _err "VARIABLE is required"
+    return 1
+  fi
+  ```
+- Check for the use of `mktemp` when creating temporary files to prevent race conditions and security risks.
+
+---
+
+## Security and Quoting
 
-### 2. Security and Quoting
+- **(Critical)** Check that all variable expansions (like `$VAR` and `$(COMMAND)`) are properly enclosed in **double quotes** (i.e., `"$VAR"` and `"$(COMMAND)"`) to prevent **Word Splitting** and **Globbing**.
+- **(Critical)** Find and flag any hardcoded passwords, keys, tokens, or authentication details.
+- Verify that all user input, command-line arguments (`$1`, `$2`, etc.), or environment variables are rigorously validated and sanitized before use.
+- Avoid `eval` -- warn against and suggest alternatives, as it can lead to arbitrary code execution.
 
-* **Variable Quoting:** **(🔴 Critical)** Check that all variable expansions (like `$VAR` and `$(COMMAND)`) are properly enclosed in **double quotes** (i.e., `"$VAR"` and `"$(COMMAND)"`) to prevent **Word Splitting** and **Globbing**.
-* **Hardcoded Secrets:** **(🔴 Critical)** Find and flag any hardcoded passwords, keys, tokens, or authentication details.
-* **Untrusted Input:** Verify that all user input, command-line arguments (`$1`, `$2`, etc.), or environment variables are rigorously validated and sanitized before use.
-* **Avoid `eval`:** Warn against and suggest alternatives to using `eval`, as it can lead to arbitrary code execution.
+---
 
-### 3. Readability and Maintainability
+## Use Built-in Helper Functions
 
-* **Function Usage:** Recommend wrapping complex or reusable logic within clearly named functions.
-* **Local Variables:** Check that variables inside functions are declared using the `local` keyword to avoid unintentionally modifying global state.
-* **Naming Convention:** Variable names should use uppercase letters and underscores (e.g., `MY_VARIABLE`), or follow established project conventions.
-* **Test Conditions:** Encourage the use of Bash's **double brackets `[[ ... ]]`** for conditional tests, as it is generally safer and more powerful (e.g., supports pattern matching and avoids Word Splitting) than single brackets `[ ... ]`.
-* **Command Substitution:** Encourage using `$(command)` over backticks `` `command` `` for command substitution, as it is easier to nest and improves readability.
+Never use raw shell commands when acme.sh provides a wrapper function. This is the most critical rule for portability.
 
-### 4. External Commands and Environment
+| Instead of | Use |
+|---|---|
+| `tr '[:upper:]' '[:lower:]'` | `_lower_case()` |
+| `head -n 1` | `_head_n 1` |
+| `openssl dgst` / `openssl` | `_digest()` / `_hmac()` |
+| `date` | `_utc_date()` with `sed`/`tr` |
+| `curl` / `wget` | `_get()` or `_post()` |
+| `sleep` | `_sleep` |
+| `base64` / `openssl base64` | `_base64()` |
+| `$(( ))` arithmetic | `_math()` |
+| `grep -E` / `grep -Po` | `_egrep_o()` |
+| `printf` | `echo` |
+| `idn` command | `_idn()` / `_is_idn()` |
 
-* **`for` Loops:** Warn against patterns like `for i in $(cat file)` or `for i in $(ls)` and recommend the more robust `while IFS= read -r line` pattern for safely processing file contents or filenames that might contain spaces.
-* **Use existing acme.sh functions whenever possible.** For example: do not use `tr '[:upper:]' '[:lower:]'`, use `_lower_case` instead.
-* **Do not use `head -n`.** Use the `_head_n()` function instead.
-* **Do not use `curl` or `wget`.** Use the `_post()` and `_get()` functions instead.
+When fixing a pattern issue, fix **all instances** in the file, not just the one highlighted.
 
 ---
 
-### 5. Review Rules for Files Under `dnsapi/`:
+## Forbidden External Tools
+
+Do not use these commands -- they are not portable across all target platforms:
+
+- `jq` (parse JSON with built-in string manipulation)
+- `grep -A` (removed throughout the project)
+- `grep -Po` (Perl regex not available everywhere)
+- `rev`, `xargs`, `iconv`
+- If you must depend on an external tool, check with `_exists` first:
+  ```sh
+  if ! _exists jq; then
+    _err "jq is required"
+    return 1
+  fi
+  ```
+- Warn against patterns like `for i in $(cat file)` or `for i in $(ls)` and recommend the more robust `while IFS= read -r line` pattern for safely processing file contents or filenames that might contain spaces.
+
+---
 
-* **Each file must contain a `{filename}_add` function** for adding DNS TXT records. It should use `_readaccountconf_mutable` to read the API key and `_saveaccountconf_mutable` to save it. Do not use `_saveaccountconf` or `_readaccountconf`.
+## Configuration Management
 
+Use the correct save/read functions depending on hook type:
 
-## ❌ Things to Avoid
+- **DNS hooks**: `_readaccountconf_mutable` to read API keys, `_saveaccountconf_mutable` to save them. Do not use `_saveaccountconf` or `_readaccountconf`.
+- **Deploy hooks**: `_savedeployconf` / `_getdeployconf`
+- **Notification hooks**: use account conf functions.
+- Save operations should only happen in the correct lifecycle function (e.g., `_issue()`).
+- Use environment variables for all configurable values -- do not introduce hardcoded config files.
+- Do not clear account conf without a clear reason.
 
-* Do not comment on purely stylistic issues like spacing or indentation, which should be handled by tools like ShellCheck or Prettier.
-* Do not be overly verbose unless a significant issue is found. Keep feedback concise and actionable.
+---
+
+## DNS API Conventions
+
+- Read the [DNS API Dev Guide](https://github.com/acmesh-official/acme.sh/wiki/DNS-API-Dev-Guide) before writing a DNS plugin.
+- Each file under `dnsapi/` must contain a `{filename}_add` function for adding DNS TXT records.
+- The `_get_root()` loop counter `i` must start from `1` (not `2`) to support DNS alias mode.
+- The `dns_*_rm()` function must remove records **by TXT value**, not by replacing/updating. See [#1261](https://github.com/acmesh-official/acme.sh/issues/1261).
+- Preserve the `dns_*_info` metadata variable block in each DNS script header.
+
+---
+
+## Variable Naming
+
+- Use CamelCase with provider prefix: `KINGHOST_Username` (not `KINGHOST_username`).
+- Variable names should use uppercase letters and underscores (e.g., `MY_VARIABLE`), or follow established project conventions.
+- Avoid confusingly similar names. Prefer one variable with comma-separated values over multiple variables (e.g., `CZ_Zones` with comma support instead of separate `CZ_Zone` and `CZ_Zones`).
+- Do not define variables with the same name in different scopes.
+- Variables inside functions should be declared using the `local` keyword to avoid unintentionally modifying global state.
+
+---
 
+## Code Style
 
+- Use `shfmt` for formatting -- CI enforces it.
+- Reduce indentation where possible.
+- Single space, not double spaces.
+- No trailing semicolons after `return` statements.
+- Add a newline at the end of every file.
+- Use `$(command)` over backticks `` `command` `` for command substitution.
 
+---
+
+## Simplicity
+
+- Prefer hardcoded sensible defaults over unnecessary configuration variables (e.g., use `3600` for TTL instead of a `DESEC_TTL` variable).
+- Reject over-engineered solutions. If it can be done in one line, do it in one line.
+- Follow existing patterns in the codebase -- new hooks should look like existing hooks.
+- Respect user choices: do not `chmod` files that already exist; the user's permissions take priority.
+
+---
+
+## Documentation Requirements
+
+Before a PR can be merged, the following documentation must be provided:
+
+- **Wiki page**: add or update the relevant page:
+  - DNS APIs: [dnsapi](https://github.com/acmesh-official/acme.sh/wiki/dnsapi) or [dnsapi2](https://github.com/acmesh-official/acme.sh/wiki/dnsapi2)
+  - Deploy hooks: [deployhooks](https://github.com/acmesh-official/acme.sh/wiki/deployhooks)
+  - Notification hooks: [notify](https://github.com/acmesh-official/acme.sh/wiki/notify)
+  - Options: [Options-and-Params](https://github.com/acmesh-official/acme.sh/wiki/Options-and-Params)
+- **In-code usage**: add usage examples in the help text of `acme.sh` itself.
+- **README**: add website URLs for new DNS providers.
+
+---
+
+## CI and Merge Hygiene
+
+- All CI checks must pass before merge.
+- Rebase to the latest `dev` branch frequently -- do not use merge commits.
+- Enable GitHub Actions on your fork to catch errors early.
+- Run the [DNS API Test](https://github.com/acmesh-official/acme.sh/wiki/DNS-API-Test) workflow for DNS plugins.
+- For Docker changes, ensure the Dockerfile includes any required dependencies.
+
+---
+
+## Debug Logging
+
+- Use `_debug2` (not `_debug3` or other levels) unless there is a specific reason for a different level.
+
+---
 
+## Things to Avoid in Reviews
 
+- Do not comment on purely stylistic issues like spacing or indentation, which should be handled by tools like ShellCheck or `shfmt`.
+- Do not be overly verbose unless a significant issue is found. Keep feedback concise and actionable.
@@ -5285,7 +5285,7 @@ $_authorizations_map"
       _info "Order status is 'ready', let's sleep and retry."
       _retryafter=$(echo "$responseHeaders" | grep -i "^Retry-After *:" | cut -d : -f 2 | tr -d ' ' | tr -d '\r')
       _debug "_retryafter" "$_retryafter"
-      if [ "$_retryafter" ]; then
+      if [ "$_retryafter" ] && [ $_retryafter -gt 0 ]; then
         _info "Sleeping for $_retryafter seconds then retrying"
         _sleep $_retryafter
       else
@@ -5295,7 +5295,7 @@ $_authorizations_map"
       _info "Order status is 'processing', let's sleep and retry."
       _retryafter=$(echo "$responseHeaders" | grep -i "^Retry-After *:" | cut -d : -f 2 | tr -d ' ' | tr -d '\r')
       _debug "_retryafter" "$_retryafter"
-      if [ "$_retryafter" ]; then
+      if [ "$_retryafter" ] && [ $_retryafter -gt 0 ]; then
         _info "Sleeping for $_retryafter seconds then retrying"
         _sleep $_retryafter
       else
@@ -5555,16 +5555,17 @@ renew() {
   . "$DOMAIN_CONF"
   _debug Le_API "$Le_API"
 
-  case "$Le_API" in
-  "$CA_LETSENCRYPT_V2_TEST")
-    _info "Switching back to $CA_LETSENCRYPT_V2"
-    Le_API="$CA_LETSENCRYPT_V2"
-    ;;
-  "$CA_GOOGLE_TEST")
-    _info "Switching back to $CA_GOOGLE"
-    Le_API="$CA_GOOGLE"
-    ;;
-  esac
+  #don't switch it back
+  #  case "$Le_API" in
+  #  "$CA_LETSENCRYPT_V2_TEST")
+  #    _info "Switching back to $CA_LETSENCRYPT_V2"
+  #    Le_API="$CA_LETSENCRYPT_V2"
+  #    ;;
+  #  "$CA_GOOGLE_TEST")
+  #    _info "Switching back to $CA_GOOGLE"
+  #    Le_API="$CA_GOOGLE"
+  #    ;;
+  #  esac
 
   if [ "$_server" ]; then
     Le_API="$_server"
@@ -5764,6 +5765,9 @@ ${_skipped_msg}
     fi
   fi
 
+  if [ "$_TREAT_SKIP_AS_SUCCESS" ] && [ "$_ret" = "$RENEW_SKIP" ]; then
+    _ret=0
+  fi
   return "$_ret"
 }
 
@@ -6982,6 +6986,7 @@ cron() {
 
     _info "Automatically upgraded to: $VER"
   fi
+  _TREAT_SKIP_AS_SUCCESS="1"
   renewAll
   _ret="$?"
   _ACME_IN_CRON=""
@@ -7229,6 +7234,7 @@ Parameters:
   --local-address <ip>              Specifies the standalone/tls server listening address, in case you have multiple ip addresses.
   --listraw                         Only used for '--list' command, list the certs in raw format.
   -se, --stop-renew-on-error        Only valid for '--renew-all' command. Stop if one cert has error in renewal.
+  --treat-skip-as-success           Only valid for '--renew-all' command. Treat skipped certs as success, return 0 instead of $RENEW_SKIP.
   --insecure                        Do not check the server certificate, in some devices, the api server's certificate may not be trusted.
   --ca-bundle <file>                Specifies the path to the CA certificate bundle to verify api server's certificate.
   --ca-path <directory>             Specifies directory containing CA certificates in PEM format, used by wget or curl.
@@ -7709,6 +7715,9 @@ _process() {
     -f | --force)
       FORCE="1"
       ;;
+    --treat-skip-as-success | --treatskipassuccess)
+      _TREAT_SKIP_AS_SUCCESS="1"
+      ;;
     --staging | --test)
       STAGE="1"
       ;;