chore(deps): bump generic-array from 0.14.7 to 1.3.5

[dependabot]

Bumps generic-array from 0.14.7 to 1.3.5.

Release notes

Sourced from generic-array's releases.

1.0.0

Changelog

Primary PR

Changelog

Sourced from generic-array's changelog.

• (unreleased)

  • Add subtle, arbitrary, bytemuck, bitvec and as-slice implementations for GenericArray.
  • Add GenericSequence::repeat for creating sequences/arrays with repeated elements.
  • Add FallibleGenericSequence with try_generate and from_fallible_iter for fallible generation of sequences/arrays.
  • Add try_fold and try_map to FunctionalSequence for fallible folding/mapping of sequences/arrays.
  • Add try_from_fallible_iter to GenericArray for fallible construction from fallible iterators.
  • Add each_ref/each_mut methods to GenericArray for creating arrays of references to the elements.

• 1.3.5

  • Fixed const_transmute not compiling between Rust versions 1.74.0 and 1.83.0. Yanked 1.3.4.

• 1.3.4

  • Significantly improve stack usage of GenericArray methods in unoptimized (-C opt-level=0) build modes.
  • Introduce the hybrid-array-0_4 feature to allow interop between generic-array 1.x and hybrid-array 0.4 versions.
  • Add ConstGenericArray type alias for easier usage with literal const usizes.
  • Implement ZeroizeOnDrop for GenericArray when T: ZeroizeOnDrop (when using the zeroize feature).

• 1.3.2

  • Introduce the compat-0_14 feature to allow interop between generic-array 1.x and 0.14 versions.

• 1.3.1

  • Lower MSRV to 1.65.0 (minimum required for GATs)
  • Make some functions const only on Rust 1.83.0 or newer, otherwise they are non-const.
  • Implement core::error::Error for LengthError on Rust 1.81.0 or newer.

• 1.3.0

  • Restrict ArrayLength to lengths representable by usize to fix soundness issues #156 (may break invalid code)
  • Flatten internal representation to improve miri performance #157
  • Use serde_core instead of serde

• 1.2.1

  • Replace doc_auto_cfg with doc_cfg #155

• 1.2.0

  • Mark more functions as const
  • Bump MSRV to 1.83.0 (reverted in generic-array 1.3.1)

• 1.1.1

  • Add Flatten and Unflatten traits for converting between nested arrays.

• 1.1.0

  • Add Remove trait that adds remove/swap_remove to GenericArray (inspired by #147)
  • Soft-deprecate internals::ArrayBuilder in favor of internals::IntrusiveArrayBuilder

• 1.0.1

  • Update faster-hex dependency
  • Mark from_iter as #[inline] to significantly improve codegen.

• 1.0.0

  • Use GATs for ArrayLength !

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[greptile-apps]

Greptile Summary

This dependency bump introduces a breaking change that will likely cause compilation failures.

Issue

generic-array was bumped from 0.14 to 1.3, but crypto_secretbox (a dependency used for encryption) still uses generic-array 0.14.7. The explicit dependency on generic-array with the serde feature was enabling serde serialization support for the 0.14.x version.

By changing to version 1.3, the serde feature is now only enabled for generic-array 1.3.5, not for 0.14.7. This breaks serialization of EncryptedHistory in crates/atuin-client/src/encryption.rs:30 and crates/atuin-client/src/sync.rs:72,160, which contains Nonce<XSalsa20Poly1305> - a type based on GenericArray from version 0.14.7.

Recommendation

Revert to generic-array = { version = "0.14", features = ["serde"] } or explore alternatives like upgrading crypto_secretbox to a version compatible with generic-array 1.x.

Important Files Changed

Filename	Overview
crates/atuin-client/Cargo.toml	Major version bump from 0.14 to 1.3 breaks serde feature unification with crypto_secretbox dependency
Cargo.lock	Now contains both generic-array 0.14.7 (used by crypto_secretbox) and 1.3.5, but only 1.3.5 has serde enabled

_{Last reviewed commit: ef303fd}

[greptile-apps]

_{2 files reviewed, 1 comment}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

Bumping from 0.14 to 1.3 breaks serde serialization. crypto_secretbox (line 55) uses generic-array 0.14.7, and EncryptedHistory serializes Nonce<XSalsa20Poly1305> which contains a GenericArray from 0.14.7. The serde feature must be enabled on the 0.14.x version, but this change only enables it on 1.3.x.

Suggested change

	generic-array = { version = "1.3", features = ["serde"] }
	generic-array = { version = "0.14", features = ["serde"] }