Use system trust store by default (#328)

After internal discussion with @kyteinsky when we tested this
nextcloud/app_api#448 - it was found out that
the `test-deploy` ExApp from AppAPI "Test Deploy" button action fails in
such setups, since the Python library "httpx" ignores system
certificates by default.

reference: encode/httpx#302

Temporary workaround, until "httpx" will change it's behavior.

---------

Signed-off-by: bigcat88 <[email protected]>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>

nc_py_api/_version.py

@@ -1,3 +1,3 @@
 """Version of nc_py_api."""
 
-__version__ = "0.18.1"
+__version__ = "0.18.2"

nc_py_api/options.py

@@ -33,11 +33,22 @@
 SSL certificates (a.k.a CA bundle) used to  verify the identity of requested hosts. Either **True** (default CA bundle),
 a path to an SSL certificate file, or **False** (which will disable verification)."""
 str_val = environ.get("NPA_NC_CERT", "True")
-NPA_NC_CERT = True
+# https://github.com/encode/httpx/issues/302
+# when "httpx" will switch to use "truststore" by default - uncomment next line
+# NPA_NC_CERT = True
 if str_val.lower() in ("false", "0"):
     NPA_NC_CERT = False
 elif str_val.lower() not in ("true", "1"):
     NPA_NC_CERT = str_val
+else:
+    # Temporary workaround, see comment above.
+    # Use system certificate stores
+
+    import ssl
+
+    import truststore
+
+    NPA_NC_CERT = truststore.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
 
 CHUNKED_UPLOAD_V2 = environ.get("CHUNKED_UPLOAD_V2", True)
 """Option to enable/disable **version 2** chunked upload(better Object Storages support).

pyproject.toml

@@ -49,6 +49,7 @@ dependencies = [
   "httpx>=0.25.2",
   "pydantic>=2.1.1",
   "python-dotenv>=1",
+  "truststore==0.10",
   "xmltodict>=0.13",
 ]
 optional-dependencies.app = [