import-style prevents vendoring

[jku]

The import style used in securesystemslib:
import securesystemslib.module
is incompatible with vendoring (because it would like to modify the import to from my.vendored.path import securesystemslib.module but that is invalid syntax)

Executable failure example:
https://gist.github.com/jku/22d5f08083c8b7b2f3e552f7ca6c301e

This is mostly a "heads-up": I'm exploring solutions in the TUF issue theupdateframework/python-tuf#1165 and will likely suggest whatever solution is found here.

[joshuagl]

#254 proposed one possible solution for this, curious to see what other solutions exist.

[jku]

So the option that does not need a massive code change (and lets securesystemslib use the namespacing it now does) is to have a module that imports all the other modules (if this module is init.py it works nicely but I don't think that's a requirement).

Now the other modules can import the common module instead of the individual modules (and we hope python does not go into an eternal import-loop) and old code should function just like before because the namespace securesystemslib.<module> is still defined. I have no idea if this is a crime against package design or not

This can be done with absolute or relative paths btw -- but I guess the issue in #254 would not be fixed without removing the package name from everywhere in the code base... the issues are related but not necessarily solved together

[jku]

Fixed in #316 !