chore(deps): bump alloy-signer-local from 1.7.3 to 1.8.3

[dependabot]

Bumps alloy-signer-local from 1.7.3 to 1.8.3.

Release notes

Sourced from alloy-signer-local's releases.

v1.8.3

What's Changed

• fix(signer-gcp): use rustls instead of native-tls for gcloud-sdk by @​zerosnacks in alloy-rs/alloy#3844

Full Changelog: alloy-rs/alloy@v1.8.2...v1.8.3

v1.8.2

What's Changed

• revert: "fix(serde): validate JsonStorageKey length during deserialization" by @​mattsse in alloy-rs/alloy#3842
• fix(serde): fix off-by-one in JsonStorageKey length check by @​mattsse in alloy-rs/alloy#3843

Full Changelog: alloy-rs/alloy@v1.8.1...v1.8.2

v1.8.1

What's Changed

• revert: "chore: bump ethereum_ssz to 0.10 and tree_hash to 0.12" by @​mattsse in alloy-rs/alloy#3839

Full Changelog: alloy-rs/alloy@v1.8.0...v1.8.1

v1.8.0

What's Changed

• chore(deps): bump taiki-e/install-action from 2.68.16 to 2.68.25 by @​dependabot[bot] in alloy-rs/alloy#3788
• chore(rpc): clippy happy with outer match by @​jsvisa in alloy-rs/alloy#3793
• fix(serde): validate JsonStorageKey length during deserialization by @​jsvisa in alloy-rs/alloy#3792
• feat(rpc-types-eth): add parent beacon root to BlockOverrides by @​jsvisa in alloy-rs/alloy#3798
• chore(eips): add doc to let check happy by @​jsvisa in alloy-rs/alloy#3797
• fix(provider): use pending nonce in CachedNonceManager init by @​neowangreal in alloy-rs/alloy#3802
• fix(flashblocks): correct receipts type in FlashBlock metadata by @​0xSojol in alloy-rs/alloy#3795
• fix(eips): eip 7594 replace unoptimized iter by @​Syzygy106 in alloy-rs/alloy#3804
• fix(rpc-types-debug): enable serde_with alloc for no_std by @​Shresth79 in alloy-rs/alloy#3811
• chore(deps): bump taiki-e/install-action from 2.68.25 to 2.68.34 by @​dependabot[bot] in alloy-rs/alloy#3814
• chore(deps): bump Swatinem/rust-cache from 2.8.2 to 2.9.1 by @​dependabot[bot] in alloy-rs/alloy#3813
• fix(provider): detect EIP-7594 blob sidecars in BlobGasFiller by @​Shresth79 in alloy-rs/alloy#3815
• fix(consensus): delegate is_create() for Extended::Other instead of hardcoding false by @​neowangreal in alloy-rs/alloy#3796
• fix(rpc-client): return error instead of panic on unexpected batch response by @​neowangreal in alloy-rs/alloy#3807
• fix(transport): return clear error when no transports available by @​neowangreal in alloy-rs/alloy#3806
• chore: add id attributes to issue templates by @​decofe in alloy-rs/alloy#3822
• fix(build): bump gcloud-sdk 0.27.4 -> 0.29.0 for reqwest 0.13 compatibility by @​decofe in alloy-rs/alloy#3823
• fix(node-bindings): use graceful shutdown for anvil by @​mattsse in alloy-rs/alloy#3824
• fix: better arbitrary impl for header by @​klkvr in alloy-rs/alloy#3829
• chore(deps): bump taiki-e/install-action from 2.68.34 to 2.69.7 by @​dependabot[bot] in alloy-rs/alloy#3830
• feat(provider): add watch_headers to Provider trait by @​mattsse in alloy-rs/alloy#3800
• fix(rpc-client): detect is_local in connect_with_config by @​mattsse in alloy-rs/alloy#3837

New Contributors

• @​0xSojol made their first contribution in alloy-rs/alloy#3795
• @​Shresth79 made their first contribution in alloy-rs/alloy#3811

... (truncated)

Changelog

Sourced from alloy-signer-local's changelog.

1.8.3 - 2026-03-27

Bug Fixes

• [signer-gcp] Use rustls instead of native-tls for gcloud-sdk (#3844)

1.8.2 - 2026-03-26

Bug Fixes

• [serde] Fix off-by-one in JsonStorageKey length check (#3843)

Miscellaneous Tasks

• Release 1.8.2
• Release 1.8.2
• Release 1.8.2

Other

• "fix(serde): validate JsonStorageKey length during deserialization" (#3842)

1.8.1 - 2026-03-25

Dependencies

• "chore: bump ethereum_ssz to 0.10 and tree_hash to 0.12" (#3839)

Miscellaneous Tasks

• Release 1.8.1

1.8.0 - 2026-03-25

Bug Fixes

• [rpc-client] Detect is_local in connect_with_config (#3837)
• Better arbitrary impl for header (#3829)
• [node-bindings] Use graceful shutdown for anvil (#3824)
• [build] Bump gcloud-sdk 0.27.4 -> 0.29.0 for reqwest 0.13 compatibility (#3823)
• [transport] Return clear error when no transports available (#3806)
• [rpc-client] Return error instead of panic on unexpected batch response (#3807)
• [consensus] Delegate is_create() for Extended::Other instead of hardcoding false (#3796)
• [provider] Detect EIP-7594 blob sidecars in BlobGasFiller (#3815)
• [rpc-types-debug] Enable serde_with alloc for no_std (#3811)
• [eips] Eip 7594 replace unoptimized iter (#3804)
• [flashblocks] Correct receipts type in FlashBlock metadata (#3795)
• [provider] Use pending nonce in CachedNonceManager init (#3802)
• [serde] Validate JsonStorageKey length during deserialization (#3792)

... (truncated)

Commits

• 3bcda29 chore: release 1.8.3
• 867951b fix(signer-gcp): use rustls instead of native-tls for gcloud-sdk (#3844)
• c36b7b2 chore: release 1.8.2
• b479971 chore: release 1.8.2
• 61768da chore: release 1.8.2
• 2f6826f fix(serde): fix off-by-one in JsonStorageKey length check (#3843)
• 9282f7b revert: "fix(serde): validate JsonStorageKey length during deserialization" (...
• e90f33e chore: release 1.8.1
• 51bf871 revert: "chore: bump ethereum_ssz to 0.10 and tree_hash to 0.12" (#3839)
• 929312b chore: release 1.8.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: dependencies, rust. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[randygrok]

@claude can you review this?

[claude]

Claude finished @randygrok's task —— View job

---

PR Review: alloy-signer-local 1.7.3 → 1.8.3 ✅

Todo List:

• Read repository guidelines (CLAUDE.md)
• Examine the changed files (Cargo.toml and Cargo.lock)
• Review changelog and release notes for potential issues
• Check for breaking changes or compatibility concerns
• Provide comprehensive review feedback

---

Review Summary

Recommendation: ✅ APPROVE - Safe to merge

This is a clean dependency update from Dependabot that updates alloy-signer-local through 3 minor versions (1.7.3 → 1.8.0 → 1.8.1 → 1.8.2 → 1.8.3). All CI checks are passing ✅.

Analysis

Changes Overview

• Files Changed: Cargo.toml (version update) and Cargo.lock (dependency resolution)
• Usage Scope: Used in 2 crates:
  • bin/ev-dev - For mnemonic-based account generation in local dev chain (MnemonicBuilder, English)
  • crates/tests - For test key management (PrivateKeySigner)

Version History Review

The changelog shows only bug fixes and improvements, no breaking changes:

• 1.8.3: Fix for signer-gcp using rustls instead of native-tls
• 1.8.2: Fix off-by-one error in JsonStorageKey length check
• 1.8.1: Reverted ethereum_ssz version bump
• 1.8.0: Multiple bug fixes including better error handling, improved blob support, graceful shutdown

Compatibility Assessment

✅ No breaking changes - All changes are backward compatible
✅ Version alignment - The update maintains compatibility with other Alloy dependencies (most at 1.6.3)
✅ Feature usage - The ["mnemonic"] feature is preserved
✅ API stability - Both MnemonicBuilder and PrivateKeySigner APIs are unchanged

CI Status

• ✅ e2e tests: PASSED
• ✅ unit tests: PASSED
• ✅ integration tests: PASSED
• ✅ lint: PASSED
• ✅ docker: PASSED

Minor Issue Noted

The Dependabot comment mentions missing labels (dependencies, rust) in the repo configuration, but this doesn't affect the PR's technical merit.

Conclusion

This is a routine maintenance update with only bug fixes and improvements. The changes pose no risk to the existing functionality and all tests pass. The update should improve reliability, particularly around error handling and TLS usage.

Ready for merge 🚀

---

[randygrok]

close in favor of #199

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.