fix: downgrade to edition 2021 and MSRV 1.80 for stable Rust compatibility

Edition 2024 requires Rust 1.85+ which breaks installation for users
on stable toolchains (e.g., Rust 1.84). Since we support Python 3.9+
targeting enterprise environments, a conservative MSRV aligns with
that philosophy.

Changes:
- Cargo.toml: edition 2024 → 2021, rust-version 1.85 → 1.80
- FFI: #[unsafe(no_mangle)] → #[no_mangle] (edition 2021 syntax)
- Import ordering updated by rustfmt (edition 2021 style)

Fixes cachekit-io/cachekit-py#30

Author: 27Bslash6

Cargo.toml

@@ -1,10 +1,10 @@
 [package]
 name = "cachekit-core"
 version = "0.1.0"
-edition = "2024"
+edition = "2021"
 authors = ["cachekit Contributors"]
 description = "LZ4 compression, xxHash3 integrity, AES-256-GCM encryption for byte payloads"
-rust-version = "1.85"
+rust-version = "1.80"
 license = "MIT"
 repository = "https://github.com/cachekit-io/cachekit-core"
 homepage = "https://github.com/cachekit-io/cachekit-core"

examples/bench_throughput.rs

@@ -55,7 +55,7 @@ fn bench_size(size: usize, iterations: usize) {
     // AES-256-GCM Encrypt
     #[cfg(feature = "encryption")]
     {
-        use ring::aead::{AES_256_GCM, Aad, LessSafeKey, Nonce, UnboundKey};
+        use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, AES_256_GCM};
         let key_bytes = [0u8; 32];
         let unbound = UnboundKey::new(&AES_256_GCM, &key_bytes).unwrap();
         let key = LessSafeKey::new(unbound);
@@ -75,7 +75,7 @@ fn bench_size(size: usize, iterations: usize) {
     // AES-256-GCM Decrypt
     #[cfg(feature = "encryption")]
     {
-        use ring::aead::{AES_256_GCM, Aad, LessSafeKey, Nonce, UnboundKey};
+        use ring::aead::{Aad, LessSafeKey, Nonce, UnboundKey, AES_256_GCM};
         let key_bytes = [0u8; 32];
         let unbound = UnboundKey::new(&AES_256_GCM, &key_bytes).unwrap();
         let key = LessSafeKey::new(unbound);

src/encryption/core.rs

@@ -21,7 +21,7 @@
 
 use crate::metrics::OperationMetrics;
 use ring::{
-    aead::{AES_256_GCM, Aad, LessSafeKey, Nonce, UnboundKey},
+    aead::{Aad, LessSafeKey, Nonce, UnboundKey, AES_256_GCM},
     rand::{SecureRandom, SystemRandom},
 };
 use std::sync::atomic::{AtomicU64, Ordering};

src/encryption/mod.rs

@@ -16,7 +16,7 @@ pub mod key_rotation;
 
 // Re-exports for convenience
 pub use core::{EncryptionError, ZeroKnowledgeEncryptor};
-pub use key_derivation::{KeyDerivationError, derive_domain_key};
+pub use key_derivation::{derive_domain_key, KeyDerivationError};
 pub use key_rotation::{KeyRotationState, RotationAwareHeader};
 
 // RotationAwareHeader is the canonical encryption header
@@ -59,7 +59,7 @@ mod tests {
         assert_eq!(decoded.key_fingerprint, [0x12; 16]);
         assert_eq!(decoded.domain, *b"ench");
         assert_eq!(decoded.key_version, 0); // Non-rotated data
-        // Verify algorithm is always AES-256-GCM (byte value 0)
+                                            // Verify algorithm is always AES-256-GCM (byte value 0)
         assert_eq!(bytes[1], 0);
     }
 

src/ffi/byte_storage.rs

@@ -36,7 +36,7 @@ use std::slice;
 /// - Pointers remain valid for duration of call
 ///
 /// Function is panic-safe and will never unwind across FFI boundary.
-#[unsafe(no_mangle)]
+#[no_mangle]
 pub unsafe extern "C" fn cachekit_compress(
     input: *const u8,
     input_len: usize,
@@ -133,7 +133,7 @@ pub unsafe extern "C" fn cachekit_compress(
 /// - Pointers remain valid for duration of call
 ///
 /// Function is panic-safe and will never unwind across FFI boundary.
-#[unsafe(no_mangle)]
+#[no_mangle]
 pub unsafe extern "C" fn cachekit_decompress(
     input: *const u8,
     input_len: usize,
@@ -220,7 +220,7 @@ pub unsafe extern "C" fn cachekit_decompress(
 ///
 /// # Safety
 /// This is a pure computation with no memory access. Always safe to call.
-#[unsafe(no_mangle)]
+#[no_mangle]
 pub extern "C" fn cachekit_compressed_bound(input_len: usize) -> usize {
     // LZ4 worst case: input_len + (input_len / 255) + 16
     // See: https://github.com/lz4/lz4/blob/dev/lib/lz4.h#L166

src/ffi/encryption.rs

@@ -19,7 +19,7 @@ const TAG_SIZE: usize = 16;
 const CIPHERTEXT_OVERHEAD: usize = NONCE_SIZE + TAG_SIZE; // 28 bytes
 
 #[cfg(feature = "encryption")]
-use crate::encryption::{ZeroKnowledgeEncryptor, derive_domain_key};
+use crate::encryption::{derive_domain_key, ZeroKnowledgeEncryptor};
 #[cfg(feature = "encryption")]
 use crate::ffi::error::CachekitError;
 #[cfg(feature = "encryption")]
@@ -77,7 +77,7 @@ use std::slice;
 /// **RECOMMENDATION**: Store the encryptor handle in a global/singleton and reuse it.
 /// Each handle supports 2^32 (~4 billion) encryptions before requiring a new key.
 #[cfg(feature = "encryption")]
-#[unsafe(no_mangle)]
+#[no_mangle]
 pub unsafe extern "C" fn cachekit_encryptor_new(
     error_out: *mut CachekitError,
 ) -> *mut CachekitEncryptor {
@@ -115,7 +115,7 @@ pub unsafe extern "C" fn cachekit_encryptor_new(
 /// - `handle` must not be used after this call
 /// - Function is panic-safe and will never unwind across FFI boundary
 #[cfg(feature = "encryption")]
-#[unsafe(no_mangle)]
+#[no_mangle]
 pub unsafe extern "C" fn cachekit_encryptor_free(handle: *mut CachekitEncryptor) {
     let _ = catch_unwind(|| {
         // from_opaque_ptr handles null check and validity tracking
@@ -144,7 +144,7 @@ pub unsafe extern "C" fn cachekit_encryptor_free(handle: *mut CachekitEncryptor)
 /// - `handle` must remain valid for duration of call
 /// - Function is panic-safe and will never unwind across FFI boundary
 #[cfg(feature = "encryption")]
-#[unsafe(no_mangle)]
+#[no_mangle]
 pub unsafe extern "C" fn cachekit_encryptor_get_counter(handle: *const CachekitEncryptor) -> u64 {
     let result = catch_unwind(|| {
         // as_ref handles null check and validity tracking
@@ -195,7 +195,7 @@ pub unsafe extern "C" fn cachekit_encryptor_get_counter(handle: *const CachekitE
 ///
 /// Function is panic-safe and will never unwind across FFI boundary.
 #[cfg(feature = "encryption")]
-#[unsafe(no_mangle)]
+#[no_mangle]
 pub unsafe extern "C" fn cachekit_encrypt(
     handle: *mut CachekitEncryptor,
     key: *const u8,
@@ -324,7 +324,7 @@ pub unsafe extern "C" fn cachekit_encrypt(
 ///
 /// Function is panic-safe and will never unwind across FFI boundary.
 #[cfg(feature = "encryption")]
-#[unsafe(no_mangle)]
+#[no_mangle]
 pub unsafe extern "C" fn cachekit_decrypt(
     handle: *const CachekitEncryptor,
     key: *const u8,
@@ -438,7 +438,7 @@ pub unsafe extern "C" fn cachekit_decrypt(
 ///
 /// Function is panic-safe and will never unwind across FFI boundary.
 #[cfg(feature = "encryption")]
-#[unsafe(no_mangle)]
+#[no_mangle]
 pub unsafe extern "C" fn cachekit_derive_key(
     master: *const u8,
     master_len: usize,

src/lib.rs

@@ -68,8 +68,8 @@ pub use byte_storage::{ByteStorage, StorageEnvelope};
 pub mod encryption;
 #[cfg(feature = "encryption")]
 pub use encryption::{
-    EncryptionError, EncryptionHeader, KeyDerivationError, KeyDomain, KeyRotationState,
-    RotationAwareHeader, ZeroKnowledgeEncryptor, derive_domain_key,
+    derive_domain_key, EncryptionError, EncryptionHeader, KeyDerivationError, KeyDomain,
+    KeyRotationState, RotationAwareHeader, ZeroKnowledgeEncryptor,
 };
 
 // C FFI layer (feature-gated)

tests/encryption_tests.rs

@@ -19,7 +19,7 @@
 mod common;
 
 use cachekit_core::encryption::core::{EncryptionError, ZeroKnowledgeEncryptor};
-use cachekit_core::encryption::key_derivation::{KeyDerivationError, derive_domain_key};
+use cachekit_core::encryption::key_derivation::{derive_domain_key, KeyDerivationError};
 use common::fixtures::*;
 
 // Local test constants only used in encryption tests