parse auth headers using pyparsing instead of regexp

[temoto]

Fixes CPU burn DoS by cubic complexity of whitespace matching in
WWW_AUTH_RELAXED (default) regexp.

[temoto]

@b-c-ds please take a look too, I can't add you to reviewers.

[temoto]

minor update in script/release to read __version__ in source without installing pyparsing

[codecov]

Codecov Report

Merging #182 (bd9ee25) into master (33090ab) will increase coverage by 0.10%.
The diff coverage is 85.10%.

@@            Coverage Diff             @@
##           master     #182      +/-   ##
==========================================
+ Coverage   76.16%   76.26%   +0.10%     
==========================================
  Files           8       12       +4     
  Lines        2618     2667      +49     
==========================================
+ Hits         1994     2034      +40     
- Misses        624      633       +9     

Impacted Files	Coverage Δ
python3/httplib2/__init__.py	83.66% <75.43%> (-0.84%)	⬇️
python2/httplib2/__init__.py	83.20% <78.57%> (-0.39%)	⬇️
python2/httplib2/error.py	88.00% <88.00%> (ø)
python2/httplib2/auth.py	91.66% <91.66%> (ø)
python3/httplib2/auth.py	91.66% <91.66%> (ø)
python3/httplib2/error.py	100.00% <100.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 33090ab...bd9ee25. Read the comment docs.

[b-c-ds]

@temoto I'd never heard of the pyparsing module before... seems like a great alternative to regex. Looks good to me. 👍

[b-c-ds]

Hello, do you know when you are planning to merge this?

[temoto]

@b-c-ds hey, thanks for reminder, I was waiting for more reviews. This fix is released in 0.19.0.