Switch httpcore2 from certifi to truststore for default SSL verification

[Kludex]

#209 switched httpx2 to truststore but left httpcore2 declaring certifi directly and loading certifi.where() in default_ssl_context(). Since httpx2 always builds its own truststore context and passes it down, certifi was only ever exercised when httpcore2 is used directly with ssl_context=None - but it was still installed and imported regardless.

This mirrors #209 at the httpcore2 layer. certifi now survives only as a transitive test dependency of requests, no longer pulled in by either package.

mypy, ruff, and the full httpcore2 test suite (223 tests) pass.

AI Disclaimer

This PR was developed with the assistance of either Claude or Codex. I've reviewed and verified the changes.

[github-actions]

Docs preview: https://a1e796a0-httpx2-docs.pydantic.workers.dev

[codspeed-hq]

Merging this PR will not alter performance

✅ 15 untouched benchmarks
⏩ 7 skipped benchmarks¹

---

_{Comparing switch-httpcore2-to-truststore (7930a59) with main (4fe6b77)}

Footnotes

1. 7 benchmarks were skipped, so the baseline results were used instead. If they were deleted from the codebase, click here and archive them to remove them from the performance reports. ↩

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 635c68bdbb

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".