Expose ALPN configuration and negotiated protocol for TLS clients #6220

Open
MauScheff wants to merge 8 commits into unisonweb:trunk from MauScheff:maurice/alpn-client-config

@MauScheff
Contributor

Overview

  • What does this change accomplish and why?

    • This exposes two TLS capabilities to Unison code:
      • Tls.ClientConfig.alpn.set
      • Tls.negotiatedProtocol
    • Before this change, Unison code could create TLS client configs but could not request ALPN protocols during
      the handshake or inspect the negotiated protocol afterwards.
    • After this change, Unison code can configure ALPN on TLS client configs and read back the negotiated
      protocol from a TLS connection.
  • Include "before and after" examples if appropriate. (You can copy/paste screenshots directly into this
    editor.)

  • List any GitHub issues that this PR closes, in
    [closing-issues-using-keywords](https://help.github.com/en/enterprise/2.16/user/github/managing-your-work-on-github/closing-issues-using-keywords) format.

Implementation approach and notes

This adds two builtins through the existing TLS runtime path:

  • Tls.ClientConfig.alpn.set updates the underlying Haskell tls client hooks to advertise the provided ALPN
    protocol list.
  • Tls.negotiatedProtocol exposes the negotiated application protocol from the TLS context.

The change updates:

  • the runtime foreign function enum and builtin names
  • builtin registration in unison-runtime
  • builtin types in parser-typechecker

Interesting/controversial decisions

I split this into two small pieces of surface area:

  • ALPN configuration
  • negotiated protocol introspection

The second is not strictly required for configuration, but it makes the behavior much easier to observe and
validate.

Test coverage

  • Have you included tests (which could be a transcript) for this change, or is it somehow covered by
    existing tests?

    • I validated this by rebuilding the affected runtime/parser/CLI packages and confirming the new builtins
      appear after builtins.merge.
  • Would you recommend improving the test coverage (either as part of this PR or as a separate issue) or do
    you think it’s adequate?

    • Yes. A transcript or targeted runtime-level test would improve coverage here.
  • If you only tested by hand, because that's all that's practical to do for this change, mention that.
    Include screenshots.

    • This was tested by hand with a rebuilt local Unison binary and builtin-surface checks.

Loose ends

  • This PR adds the runtime/builtin surface only. Follow-up docs or transcript coverage would be useful.

Final checklist

  • Choose your PR title well: Your pull request title is what's used to create release notes, so please
    make it descriptive of the change itself, which may be different from the initial motivation to make the
    change.
  • Update your PR description if the specifics of the PR have changed over time.
  • Include transcripts or screenshots that demonstrate the changed behavior.
  • If you changed .cabal files, make sure the package.yaml files are up-to-date instead.

MauScheff force-pushed the maurice/alpn-client-config branch from b9d2f24 to fb7c8dc (April 15, 2026 08:32)
@stew
Member

stew commented Apr 15, 2026

Is it possible that you could also add Tls.ServerConfig.alpn.set, which isn't needed for http2 clients but would be needed for http2 servers?
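
What ALPN configuration and negotiated-protocol introspection involve at the protocol level, as an added example that is not code from this PR or from Unison: the protocol list as framed in RFC 7301, the server-preference selection relevant to the server-side request above, and a client-side check of the negotiated value. It goes beyond the PR by showing the wire format; all function names are hypothetical and the sample offer is constructed.

```python
# Added illustration of ALPN (RFC 7301) framing and selection; not Unison or PR code.
import struct

def encode_alpn(protocols):
    """Encode a ProtocolNameList: 2-byte total length, then 1-byte-length-prefixed names."""
    body = b""
    for name in protocols:
        if not 1 <= len(name) <= 255:
            raise ValueError("ALPN protocol names must be 1..255 bytes")
        body += bytes([len(name)]) + name
    if not body:
        raise ValueError("ALPN list must not be empty")
    return struct.pack("!H", len(body)) + body

def decode_alpn(data):
    """Parse a ProtocolNameList, rejecting truncated or malformed input."""
    if len(data) < 2:
        raise ValueError("truncated list length")
    (total,) = struct.unpack("!H", data[:2])
    body = data[2:]
    if total != len(body):
        raise ValueError("list length does not match payload")
    names, i = [], 0
    while i < len(body):
        n = body[i]
        if n == 0 or i + 1 + n > len(body):
            raise ValueError("bad protocol name length")
        names.append(body[i + 1:i + 1 + n])
        i += 1 + n
    return names

def server_select(offered, server_prefs):
    """Server side: first server-preferred protocol the client also offered.
    None means no overlap (a real server sends the no_application_protocol alert)."""
    for proto in server_prefs:
        if proto in offered:
            return proto
    return None

def check_negotiated(offered, negotiated, required=None):
    """Client side: accept only a protocol we offered; optionally insist on one."""
    if negotiated is not None and negotiated not in offered:
        raise ValueError("peer selected a protocol that was not offered")
    if required is not None and negotiated != required:
        raise ValueError("required protocol was not negotiated")
    return negotiated

# Constructed sample: an HTTP/2-capable client offering h2, then http/1.1.
OFFER = [b"h2", b"http/1.1"]
WIRE = encode_alpn(OFFER)
```

An HTTP/2 client would call the equivalent of `check_negotiated(OFFER, negotiated, required=b"h2")` before sending the HTTP/2 connection preface, since a peer without ALPN support leaves the negotiated value empty.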
