Agreed. 
I also find this part rather disturbing:
A --deploy-hook should be used for this purpose since deployment procedures for a certificate should only be performed if the certificate is actually renewed and not every time a renewal is attempted (as is the case with --post-hook).