Remove compatibility with legacy versions of Python #64

Merged


cclauss
Collaborator

@cclauss cclauss commented Feb 10, 2024

Description

Please include:

  • relevant motivation
  • a summary of the change
  • which issue is fixed.
  • any additional dependencies that are required for this change.

Closes: # (issue)
Remove compatibility with legacy versions of Python
Remove src/whoosh/compat.py and then use Python 3 syntax.
Copy b(), memoryview_(), and u() into files that use them on variables to encourage future local refactoring.

Checklist:

  • I have performed a self-review of my own code
  • I have commented my code in hard-to-understand areas
  • I have made corresponding changes to the documentation

@cclauss cclauss force-pushed the drop-legacy-versions-of-Python branch from cc89324 to 19846b2 Compare February 10, 2024 07:43
@cclauss cclauss force-pushed the drop-legacy-versions-of-Python branch from ab9c1c2 to daaaea4 Compare February 10, 2024 08:48

sonarqubecloud bot commented Feb 10, 2024

Quality Gate passed

Issues
48 New issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud


codecov bot commented Feb 10, 2024

Codecov Report

Attention: 103 lines in your changes are missing coverage. Please review.

Comparison is base (14ab92f) 80.99% compared to head (daaaea4) 81.19%.

Files Patch % Lines
src/whoosh/formats.py 33.33% 6 Missing and 6 partials ⚠️
src/whoosh/automata/fsa.py 57.14% 9 Missing ⚠️
src/whoosh/lang/snowball/hungarian.py 30.76% 9 Missing ⚠️
src/whoosh/lang/snowball/portugese.py 20.00% 8 Missing ⚠️
src/whoosh/lang/snowball/finnish.py 36.36% 7 Missing ⚠️
src/whoosh/lang/snowball/french.py 30.00% 5 Missing and 2 partials ⚠️
src/whoosh/searching.py 28.57% 4 Missing and 1 partial ⚠️
src/whoosh/lang/snowball/spanish.py 33.33% 2 Missing and 2 partials ⚠️
src/whoosh/analysis/tokenizers.py 50.00% 3 Missing ⚠️
src/whoosh/fields.py 78.57% 1 Missing and 2 partials ⚠️
... and 25 more
Additional details and impacted files
@@            Coverage Diff             @@
##             main      #64      +/-   ##
==========================================
+ Coverage   80.99%   81.19%   +0.20%     
==========================================
  Files         133      132       -1     
  Lines       29503    29299     -204     
  Branches     5066     5044      -22     
==========================================
- Hits        23895    23789     -106     
+ Misses       4735     4641      -94     
+ Partials      873      869       -4     


@cclauss
Collaborator Author

cclauss commented Feb 10, 2024

CodeFactor is merely running ruff rule S301 and ruff rule S310
SonarCloud is merely running ruff rule S311 and flagging strings that start with http:// instead of https://.

% ruff --select=S --ignore=S101 # Will return a superset of the security issues raised by CodeFactor + SonarCloud.

% ruff rule S301

suspicious-pickle-usage (S301)

Derived from the flake8-bandit linter.

What it does

Checks for calls to pickle functions or modules that wrap them.

Why is this bad?

Deserializing untrusted data with pickle and other deserialization
modules is insecure as it can allow for the creation of arbitrary objects,
which can then be used to achieve arbitrary code execution and otherwise
unexpected behavior.

Avoid deserializing untrusted data with pickle and other deserialization
modules. Instead, consider safer formats, such as JSON.

If you must deserialize untrusted data with pickle, consider signing the
data with a secret key and verifying the signature before deserializing the
payload, This will prevent an attacker from injecting arbitrary objects
into the serialized data.

Example

import pickle

with open("foo.pickle", "rb") as file:
    foo = pickle.load(file)

Use instead:

import json

with open("foo.json", "rb") as file:
    foo = json.load(file)

References

@cclauss cclauss marked this pull request as ready for review February 10, 2024 09:33
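
The S301 text quoted above suggests signing pickled data with a secret key and verifying the signature before deserializing. A minimal sketch of that pattern follows as an added example; it is not code from this PR, from Whoosh, or from ruff. The names `SECRET_KEY`, `dumps_signed`, `loads_signed` and `is_rejected` are hypothetical, and the key and sample record are constructed.

```python
import hashlib
import hmac
import pickle

# Constructed demo key; in practice load it from a secret store, never from source.
SECRET_KEY = b"constructed-demo-key-not-for-production"
TAG_LEN = hashlib.sha256().digest_size  # 32 bytes


class SignatureError(Exception):
    """Raised when a blob is truncated or its HMAC tag does not verify."""


def dumps_signed(obj, key=SECRET_KEY):
    """Pickle obj and prepend an HMAC-SHA256 tag computed over the payload."""
    payload = pickle.dumps(obj, protocol=pickle.HIGHEST_PROTOCOL)
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return tag + payload


def loads_signed(blob, key=SECRET_KEY):
    """Verify the tag first; only an authentic payload reaches pickle.loads."""
    if len(blob) < TAG_LEN:
        raise SignatureError("blob shorter than the HMAC tag")
    tag, payload = blob[:TAG_LEN], blob[TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    # Constant-time comparison avoids leaking how many tag bytes matched.
    if not hmac.compare_digest(tag, expected):
        raise SignatureError("HMAC mismatch: refusing to unpickle")
    return pickle.loads(payload)  # noqa: S301 - payload authenticated above


def is_rejected(blob, key=SECRET_KEY):
    """Return True when loads_signed refuses the blob."""
    try:
        loads_signed(blob, key)
    except SignatureError:
        return True
    return False


if __name__ == "__main__":
    record = {"docnum": 7, "terms": ["alpha", "beta"]}  # constructed sample
    blob = dumps_signed(record)
    print(loads_signed(blob) == record)
    tampered = blob[:-1] + bytes([blob[-1] ^ 0x01])  # flip one payload bit
    print(is_rejected(tampered))
```

The tag only proves the blob was written by a holder of the key, so the key needs the same protection as any other credential.
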
@cclauss
Collaborator Author

cclauss commented Feb 10, 2024

When this is released, please reduce README.md's
https://img.shields.io/pypi/pyversions/Whoosh-Reloaded -->
to match https://devguide.python.org/versions

@ZeroCool940711
Contributor

When this is released, please reduce README.md's img.shields.io/pypi/pyversions/Whoosh-Reloaded --> to match devguide.python.org/versions

The list of supported Python versions on PyPI should be fixed when we do the next release. I will be doing a version increase to 3.0.0 after this is merged in an hour or so, since this PR and other changes we've done before will most likely bring breaking changes to projects using whoosh that want to migrate to whoosh-reloaded. I have not made any new release to only do a major version increase once and to not force too many changes too frequently.

@ZeroCool940711 ZeroCool940711 merged commit 6c32996 into Sygil-Dev:main Feb 10, 2024
13 of 14 checks passed
@cclauss cclauss deleted the drop-legacy-versions-of-Python branch February 10, 2024 18:18