The public libraries are more trustworthy than third-party libs when it comes to security.
See https://docs.python.org/3/library/secrets.html

This is a partial backport of electrum#5947
https://github.com/spesmilo/electrum/pull/5947/commits/004acb906d33ea3a13c87b7b05c67a33e1d3e3d9: ecc: abstract away some usage of python-ecdsa: randrange

and
https://github.com/spesmilo/electrum/commit/120da2783b032be0a58d01c1ef40a23dcff88f2b: util.randrange: use stdlib 'secrets' module instead of 'python-ecdsa'
https://github.com/spesmilo/electrum/commit/2c2e3f8ca40b97c9959b5e424cbf69cde53384cf: util.randrange: expand docstring

Depends on D16664

Delete the rpcuser and rpcpassword lines from the config file (~/.electrum-abc/config), run Electrum ABC, check that the two lines are generated again in the config file.

The code touched in mnemo.py is dead code is kept for historical reason. We still support restoring legacy electrum seed phrases even though we now only generate BIP39 seed phrases for new wallets. So we might as well keep the function for generating such legacy seeds for testing purposes. But there is no way to test it through the application. The change is pretty trivial, so it should be fine.