tests: consistently use pyflakes as a Python module We check availability of pyflakes as a module, and also running it for real as a module. Only fair to test filterpyflakes.py working correctly when using pyflakes as a module too. Differential Revision: https://phab.mercurial-scm.org/D8617

heptapod-ci: also run tests for chg on python 2 I am not aware of any regular effort to run test with chg. So let's at least do it here. Differential Revision: https://phab.mercurial-scm.org/D8178

rust-dependencies: upgrade `micro-timer` dependency I wanted to to a tour of dependencies to upgrade, but only `micro-timer` has a new release which does not print when the function panics, which should be less misleading. Differential Revision: https://phab.mercurial-scm.org/D8605

context: fix creation of ProgrammingError to not use non-existent field Differential Revision: https://phab.mercurial-scm.org/D8606

help: explain in `hg help flags` that unambiguous prefixes are allowed I used `hg commit --amend` as an example because that's the most frequently used flag I could think of that doesn't yet have a short form. Differential Revision: https://phab.mercurial-scm.org/D8607

git: add coverage for manifest.diff() so we don't regress

git: implement diff manifest method This makes 'hg diff' work.

git: properly visit child tree objects when resolving a path

git: don't yield paths for directories when walking

git: correctly check for type of object when walking

git: implement stub prefetch_parents dirstate method A recent change (35b255e474d9) introduced this new required dirstate method but didn't update the git extension.

rust: leverage .expect() in place of .unwrap() + inline comment For a better error indication in case we made a mistake.

rust: fix false comment about mpsc::Sender We need Sync to share the Sender reference across threads.

merge with stable

relnotes: advertize the possibility to use rust I think the rust work may have been mentioned in the release notes, but if so only in passing, and not as an invitation to try it out. I think the next version is a decent time to do this, because the rust doesn't come with performance regressions AFAIK, speeds up status noticeably when it applies, which is the case for most invocations of status, and doesn't have the undesirable restriction of regex around empty patterns anymore. I am cheating a bit, because I'm giving numbers for `hg status` in mozilla-central, but they have one hgignore pattern that uses lookaround, ".vscode/(?!extensions\.json|tasks\.json", which I took out as it would cause a fallback to python when unknown files are requested. But it seems that they could express their hgignore differently if they were so inclined. Not sure if there are limitation other than linux-only that I am not thinking of but would be worth mentioning upfront, to avoid disappointing users? Differential Revision: https://phab.mercurial-scm.org/D8604

rust: add a pointer for profiling to the README As figuring out how to get useful profiles is not obvious. Differential Revision: https://phab.mercurial-scm.org/D8603

rust: update the mention of hgcli in rust/README.rst This may not be exactly right, but it's better than before. Differential Revision: https://phab.mercurial-scm.org/D8602

sslutil: fix comment to use inclusive or instead of exclusive or The incorrect "either" was introduced by one of my recent patches.

sslutil: propagate return value ssl.PROTOCOL_SSLv23 from protocolsettings() Also, protocolsettings() was renamed to commonssloptions() to reflect that only the options are returned.

sslutil: stop storing protocol and options for SSLContext in settings dict Call protocolsettings() where its return values are needed.

sslutil: rename 'minimumprotocolui' -> 'minimumprotocol' Before, both 'minimumprotocolui' and 'minimumprotocol' were used, but meaning the same.

sslutil: properly detect which TLS versions are supported by the ssl module For the record, I contacted the CPython developers to remark that unconditionally defining ssl.PROTOCOL_TLSv1_1 / ssl.PROTOCOL_TLSv1_2 is problematic: https://github.com/python/cpython/commit/6e8cda91d92da72800d891b2fc2073ecbc134d98#r39569316

sslutil: remove dead code (that failed if only TLS 1.0 is available) We ensure in setup.py that TLS 1.1 or TLS 1.2 is present.

config: remove unused hostsecurity.disabletls10warning config

sslutil: remove dead code (that downgraded default minimum TLS version) We ensure in setup.py that TLS 1.1 or TLS 1.2 is present.

sslutil: remove comment referring to unsupported legacy stacks

setup: require that Python has TLS 1.1 or TLS 1.2 This ensures that Mercurial never downgrades the minimum TLS version from TLS 1.1+ to TLS 1.0+ and enables us to remove that compatibility code. It is reasonable to expect that distributions having Python 2.7.9+ or having backported modern features to the ssl module (which we require) have a OpenSSL version supporting TLS 1.1 or TLS 1.2, as this is the main reason why distributions would want to backport these features. TLS 1.1 and TLS 1.2 are often either both enabled or both not enabled. However, both can be disabled independently, at least on current Python / OpenSSL versions. For the record, I contacted the CPython developers to remark that unconditionally defining ssl.PROTOCOL_TLSv1_1 / ssl.PROTOCOL_TLSv1_2 is problematic: https://github.com/python/cpython/commit/6e8cda91d92da72800d891b2fc2073ecbc134d98#r39569316

sslutil: check for OpenSSL without TLS 1.0 support in one case It can only happen if supportedprotocols gets fixed to contain only correct items (see the FIXME above in the file).