Drop support for Python 3.5

[lukpueh]

Please fill in the fields below to submit a pull request. The more information
that is provided, the better.

Fixes #

Description of the changes being introduced by the pull request:

Python 3.5 has now reached its end-of-life and has been retired:
https://www.python.org/dev/peps/pep-0478/

The optional (but highly recommended) 'cryptography' dependency has also just dropped support for 3.5. Continuing support for 3.5 in TUF does not seem worth the effort.

This PR also updates the test configuration accordingly and recomputes the pinned dependencies.

Please verify and check that the pull request fulfills the following
requirements:

• The code follows the Code Style Guidelines
• Tests have been added for the bug fix or new feature
• Docs have been added for the bug fix or new feature

[joshuagl]

Odd that Dependabot didn't detect Enum, I wonder if it's not picking up dependencies which are only used on Python2?

[lukpueh]

... I wonder if it's not picking up dependencies which are only used on Python2?

Could be. I'll keep an eye on it.

Btw. I'm also thinking of a better way to auto-update requirements-pinned.txt (see FIXME comment in in-toto requirements docs, which are the same as for tuf/sslib). I will at least follow up with an issue shortly.

[joshuagl]

Btw. I'm also thinking of a better way to auto-update requirements-pinned.txt (see FIXME comment in in-toto requirements docs, which are the same as for tuf/sslib). I will at least follow up with an issue shortly.

Could be a good use of a scheduled GitHub action, much like securesystemlib's ed25519 check?

[lukpueh]

Could be a good use of a scheduled GitHub action, much like securesystemlib's ed25519 check?

Exactly what I had in mind. :)