packaging: bump dulwich to 0.20.45 I'm told the new dulwich avoids hg-git test failures.

packaging: update keyring on Windows to avoid spurious stacktraces When challenged for a network password, this would spew on Windows before it actually used the stored password: ``` Error initializing plugin EntryPoint(name='libsecret', value='keyring.backends.libsecret', group='keyring.backends'). Traceback (most recent call last): File "keyring.backend", line 198, in _load_plugins init_func = ep.load() File "importlib.metadata", line 77, in load module = import_module(match.group('module')) File "importlib", line 127, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "<frozen importlib._bootstrap>", line 1030, in _gcd_import File "<frozen importlib._bootstrap>", line 1007, in _find_and_load File "<frozen importlib._bootstrap>", line 984, in _find_and_load_unlocked ModuleNotFoundError: No module named 'keyring.backends.libsecret' Error initializing plugin EntryPoint(name='macOS', value='keyring.backends.macOS', group='keyring.backends'). Traceback (most recent call last): File "keyring.backend", line 198, in _load_plugins init_func = ep.load() File "importlib.metadata", line 77, in load module = import_module(match.group('module')) File "importlib", line 127, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "<frozen importlib._bootstrap>", line 1030, in _gcd_import File "<frozen importlib._bootstrap>", line 1007, in _find_and_load File "<frozen importlib._bootstrap>", line 984, in _find_and_load_unlocked ModuleNotFoundError: No module named 'keyring.backends.macOS' ``` We're kinda threading a needle here because the next version of `keyring` (currently at 23.7.0) requires `importlib-metadata` 3.6+, which PyOxidizer 0.22 doesn't support[1]. [1] https://github.com/indygreg/PyOxidizer/issues/609

setup: use the full executable manifest from `python.exe` The manifest embedded by the build process (before the string here is added) already accounts for the `<requestedExecutionLevel level="asInvoker" ...>` setting. (Note that the PyOxidizer build is missing this, so it will likely trigger the UAC escalation prompt on each run.) However, using `mt.exe` to merge the fragment with what is already in the manifest seems to strip all whitespace, making it unreadable. Since Mercurial can be run via `python.exe`, it makes sense that we would have the same manifest settings (like the supported OS list), though I'm unaware of any functionality this enables. It also has the nice effect of making the content readable from a resource editor. The manifest comes from python 3.9.12. Note that this seems to strip the `<?xml ... ?>` declaration when viewed with ResourceHacker 5.1.7, but this was also the state of things with the previous commit, and `mt.exe "-inputresource:hg.exe;#1" -out:extracted` does contain the declaration and the BOM in both cases. No idea why this differs from other executables.

setup: unconditionally enable the `long-paths-support` option on Windows I don't see anything talking about why this was experimental in the first place, but maybe it was concern about the level of python2 support for it. But now, both `python.exe` and the PyOxidizer build of `hg.exe` have a manifest that enables it, so leaving it off would mean some Mercurial installations could operate on a repo with long paths, and others couldn't. Note that only the wide character functions (XxxW) will have the length restriction lifted. Sadly, distutils applies `/MANIFEST:EMBED` to the linker in a way that can't easily be turned off, so we can't use `/MANIFESTFILE` with `extra_preargs` on `link_executable`. Fortunately, the compiler object provides a path to the `mt.exe` it found during initialization, because the previous incarnation seems to have assumed it is being run within an activated Visual Studio environment. That causes MSYS builds to fail, and probably would have broke the CI environment.

setup: stop shadowing the builtin `dir` symbol I hit this when debugging what's available on the compiler.

subrepo: avoid opening console window for non-native subrepos on Windows Prevent annoying command prompt windows popping up when using TortoiseHG with Git and SVN subrepos by passing creationflags=subprocess.CREATE_NO_WINDOW to subprocess.Popen.

mergestate: action name was str Apparently the standard for them is still to use byte strings. Found while looking at something else

ci: bump pytype to 2022.03.29 This is as far as we can go without running into issues with the vendored `attr` package. I tried updating that to the latest, and not only did it not fix the issue, but test-util.py failed due to some poking at `attr` internals that apparently is no longer valid. The `libcst` package is now pinned to what I have locally because trying to install the latest (0.4.7) complains that it can't find the Rust compiler. We should probably use a requirements file instead (and/or figure out why it can't find the Rust compiler), but I don't feel like dealing with another side quest.

typing: suppress a few attribute errors in url.py These are newly detected by pytype 2022.03.21. Not sure what is going on here- `realhostport` and `headers` are added outside of the constructor, so that makes sense. But PyCharm also thinks the private methods don't exist, though when clicking through the class hierarchy, it shows in the py3.9 source code.

typing: suppress a few pyi-errors with more recent pytype Not sure what's going on here, but these were flagged with pytype 2022.03.21. We can't update to something much more recent, because newer versions complain about various `attr` uses.

sslutil: another use proper attribute to select python 3.7+ The previous attribute was python 3.6+, but guarded a python 3.7+ block Using the correct attribute avoids: + File "/tmp/hgtests.bc0_uk2d/install/lib/python/mercurial/sslutil.py", line 577, in wrapserversocket + sslcontext.minimum_version = ssl.TLSVersion.TLSv1_1 + AttributeError: module 'ssl' has no attribute 'TLSVersion'

sslutil: use proper attribute to select python 3.7+ The previous attribute was python 3.6+, but guarded a python 3.7+ block. Using the correct attribute avoids: File "/usr/lib64/python3.6/site-packages/mercurial/sslutil.py", line 334, in wrapsocket sslcontext.minimum_version = ssl.TLSVersion.TLSv1_1 AttributeError: module 'ssl' has no attribute 'TLSVersion'