build(deps): Bump zip from 0.6.6 to 1.2.3 in /rust (#4970)

Bumps [zip](https://github.com/zip-rs/zip2) from 0.6.6 to 1.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/zip-rs/zip2/releases">zip's
releases</a>.</em></p>
<blockquote>
<h2>v1.2.3</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Remove a window when an extracted directory might be unexpectedly
listable and/or <code>cd</code>able by non-owners</li>
<li>Extract directory contents on Unix even if the directory doesn't
have write permission (<a
href="https://redirect.github.com/zip-rs/zip-old/issues/423">zip-rs/zip-old#423</a>)</li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h3>
<ul>
<li>More conditionally-unused imports</li>
</ul>
<h2>v1.2.2</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Failed to clear &quot;writing_raw&quot; before finishing a symlink,
leading to dropped extra fields</li>
</ul>
<h3><!-- raw HTML omitted -->⚡ Performance</h3>
<ul>
<li>Use boxed slice for archive comment, since it can't be
concatenated</li>
<li>Optimize for the fact that false signatures can't overlap with real
ones</li>
</ul>
<h2>v1.2.1</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Prevent panic when trying to read a file with an unsupported
compression method</li>
<li>Prevent panic after reading an invalid LZMA file</li>
<li>Make <code>Stored</code> the default compression method if
<code>Deflated</code> isn't available, so that zip files are readable by
as much software as possible</li>
<li>version_needed was wrong when e.g. cfg(bzip2) but current file
wasn't bzip2 (<a
href="https://redirect.github.com/zip-rs/zip2/pull/100">#100</a>)</li>
<li>file paths shouldn't start with slashes (<a
href="https://redirect.github.com/zip-rs/zip2/pull/102">#102</a>)</li>
</ul>
<h3><!-- raw HTML omitted -->🚜 Refactor</h3>
<ul>
<li>Overhaul <code>impl Arbitrary for FileOptions</code></li>
<li>Remove unused <code>atomic</code> module</li>
</ul>
<h2>v1.2.0</h2>
<h3><!-- raw HTML omitted -->🚀 Features</h3>
<ul>
<li>Add method <code>decompressed_size()</code> so non-recursive ZIP
bombs can be detected</li>
</ul>
<h3><!-- raw HTML omitted -->🚜 Refactor</h3>
<ul>
<li>Make <code>ZipWriter::finish()</code> consume the
<code>ZipWriter</code></li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h3>
<ul>
<li>Use panic! rather than abort to ensure the fuzz harness can process
the failure</li>
<li>Update fuzz_write to use replace_with</li>
<li>Remove a drop that can no longer be explicit</li>
<li>Add <code>#![allow(unexpected_cfgs)]</code> in nightly</li>
</ul>
<h2>v1.1.4</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Rare bug where find_and_parse would give up prematurely on detecting
a false end-of-CDR header</li>
</ul>
<h2>v1.1.3</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Alignment was previously handled incorrectly (<a
href="https://redirect.github.com/Pr0methean/zip/pull/33">#33</a>)</li>
</ul>
<h3><!-- raw HTML omitted -->🚜 Refactor</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/zip-rs/zip2/blob/master/CHANGELOG.md">zip's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/zip-rs/zip2/compare/v1.2.2...v1.2.3">1.2.3</a>
- 2024-05-10</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Remove a window when an extracted directory might be unexpectedly
listable and/or <code>cd</code>able by non-owners</li>
<li>Extract directory contents on Unix even if the directory doesn't
have write permission (<a
href="https://redirect.github.com/zip-rs/zip-old/issues/423">zip-rs/zip-old#423</a>)</li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h3>
<ul>
<li>More conditionally-unused imports</li>
</ul>
<h2><a
href="https://github.com/zip-rs/zip2/compare/v1.2.1...v1.2.2">1.2.2</a>
- 2024-05-09</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Failed to clear &quot;writing_raw&quot; before finishing a symlink,
leading to dropped extra fields</li>
</ul>
<h3><!-- raw HTML omitted -->⚡ Performance</h3>
<ul>
<li>Use boxed slice for archive comment, since it can't be
concatenated</li>
<li>Optimize for the fact that false signatures can't overlap with real
ones</li>
</ul>
<h2><a
href="https://github.com/zip-rs/zip2/compare/v1.2.0...v1.2.1">1.2.1</a>
- 2024-05-06</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Prevent panic when trying to read a file with an unsupported
compression method</li>
<li>Prevent panic after reading an invalid LZMA file</li>
<li>Make <code>Stored</code> the default compression method if
<code>Deflated</code> isn't available, so that zip files are readable by
as much software as possible</li>
<li>version_needed was wrong when e.g. cfg(bzip2) but current file
wasn't bzip2 (<a
href="https://redirect.github.com/zip-rs/zip2/pull/100">#100</a>)</li>
<li>file paths shouldn't start with slashes (<a
href="https://redirect.github.com/zip-rs/zip2/pull/102">#102</a>)</li>
</ul>
<h3><!-- raw HTML omitted -->🚜 Refactor</h3>
<ul>
<li>Overhaul <code>impl Arbitrary for FileOptions</code></li>
<li>Remove unused <code>atomic</code> module</li>
</ul>
<h2><a
href="https://github.com/zip-rs/zip2/compare/v1.1.4...v1.2.0">1.2.0</a>
- 2024-05-06</h2>
<h3><!-- raw HTML omitted -->🚀 Features</h3>
<ul>
<li>Add method <code>decompressed_size()</code> so non-recursive ZIP
bombs can be detected</li>
</ul>
<h3><!-- raw HTML omitted -->🚜 Refactor</h3>
<ul>
<li>Make <code>ZipWriter::finish()</code> consume the
<code>ZipWriter</code></li>
</ul>
<h3><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h3>
<ul>
<li>Use panic! rather than abort to ensure the fuzz harness can process
the failure</li>
<li>Update fuzz_write to use replace_with</li>
<li>Remove a drop that can no longer be explicit</li>
<li>Add <code>#![allow(unexpected_cfgs)]</code> in nightly</li>
</ul>
<h2><a
href="https://github.com/zip-rs/zip2/compare/v1.1.3...v1.1.4">1.1.4</a>
- 2024-05-04</h2>
<h3><!-- raw HTML omitted -->🐛 Bug Fixes</h3>
<ul>
<li>Build was failing with bzip2 enabled</li>
<li>use is_dir in more places where Windows paths might be handled
incorrectly</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/zip-rs/zip2/commits/v1.2.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=zip&package-manager=cargo&previous-version=0.6.6&new-version=1.2.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Not Applicable <ReactorScram@users.noreply.github.com>

rust/Cargo.lock

@@ -148,6 +148,15 @@ version = "1.0.82"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f538837af36e6f6a9be0faa67f9a314f8119e4e4b5867c6ab40ed60360142519"
 
+[[package]]
+name = "arbitrary"
+version = "1.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "7d5a26814d8dcb93b0e5a0ff3c6d80a8843bafb21b39e8e18a6f05471870e110"
+dependencies = [
+ "derive_arbitrary",
+]
+
 [[package]]
 name = "arboard"
 version = "3.3.2"
@@ -1489,6 +1498,17 @@ dependencies = [
  "syn 1.0.109",
 ]
 
+[[package]]
+name = "derive_arbitrary"
+version = "1.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "67e77553c4162a157adbf834ebae5b415acbecbeafc7a74b0e886657506a7611"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.57",
+]
+
 [[package]]
 name = "derive_more"
 version = "0.99.17"
@@ -1573,6 +1593,17 @@ version = "0.2.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "bd0c93bb4b0c6d9b77f4435b0ae98c24d17f1c45b2ff844c6151a07256ca923b"
 
+[[package]]
+name = "displaydoc"
+version = "0.2.4"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.57",
+]
+
 [[package]]
 name = "dns-lookup"
 version = "2.0.4"
@@ -8140,14 +8171,17 @@ dependencies = [
 
 [[package]]
 name = "zip"
-version = "0.6.6"
+version = "1.2.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "760394e246e4c28189f19d488c058bf16f564016aefac5d32bb1f3b51d5e9261"
+checksum = "c700ea425e148de30c29c580c1f9508b93ca57ad31c9f4e96b83c194c37a7a8f"
 dependencies = [
- "byteorder",
+ "arbitrary",
  "crc32fast",
  "crossbeam-utils",
+ "displaydoc",
  "flate2",
+ "indexmap 2.2.6",
+ "thiserror",
  "time",
 ]
 

rust/gui-client/src-tauri/Cargo.toml

@@ -50,7 +50,7 @@ tracing-panic = "0.1.2"
 tracing-subscriber = { version = "0.3.17", features = ["env-filter"] }
 url = { version = "2.5.0", features = ["serde"] }
 uuid = { version = "1.7.0", features = ["v4"] }
-zip = { version = "0.6.6", features = ["deflate", "time"], default-features = false }
+zip = { version = "1.2.3", features = ["deflate", "time"], default-features = false }
 
 [target.'cfg(target_os = "linux")'.dependencies]
 dirs = "5.0.1"

rust/gui-client/src-tauri/src/client/logging.rs

@@ -178,7 +178,7 @@ fn add_dir_to_zip(
     src_dir: &Path,
     dst_stem: &Path,
 ) -> Result<()> {
-    let options = zip::write::FileOptions::default();
+    let options = zip::write::SimpleFileOptions::default();
     for entry in fs::read_dir(src_dir).context("Failed to `read_dir` log dir")? {
         let entry = entry.context("Got bad entry from `read_dir`")?;
         let Some(path) = dst_stem