Unvendor safe dependencies

[jaraco]

• Move dependencies with no build- or run-time dependency on Setuptools to natural dependencies.
• Rename 'vendor' to 'target'
• Inline the update function.
• Only vendor the dependencies defined in core.
• Re-vendor dependencies.
• Also declare the dependencies as build requirements.
• Remove test_no_missing_dependencies, as that guarantee no longer holds.
• Update reference to wheel, no longer vendored.

Summary of changes

Progress toward #2825.

Pull Request Checklist

• Changes have tests
• News fragment added in newsfragments/.
  (See documentation for details)

[jaraco]

This change will incidentally fix #4483, as now packaging becomes a proper dependency instead of an implicit/hidden one.

[abravalheri]

Hi Jason, thank you very much for having a look on this.

I not 100% sure about the approach. I like the fact that setuptools can bootstrap itself right now without the help of any external tools other than Python stdlib. One of the bootstrap stories in the ecosystem involves installing flit-core, build, installer... I have the impression that an equally viable alternative story with setuptools + pip (with the difference that you are going to have a fully featured environment at that end of the process). That is something nice to have.

One possible alternative is documenting that setuptools should be installed as setuptools[core] whenever outside of the context of [build-system] requires = [...] + raising more informative import errors in the well known scenarios (like importlib-metadata and packaging).

[jaraco]

Thanks for the feedback. I'm not yet sure how I'm going to proceed with this, but given that the tests aren't yet passing, I'm converting this to a draft.