chore(deps): bump the rust-dependencies group with 6 updates

[dependabot]

Bumps the rust-dependencies group with 6 updates:

Package	From	To
anyhow	1.0.102	1.0.103
rustls	0.23.40	0.23.41
napi	3.9.3	3.9.4
napi-derive	3.5.6	3.5.7
rustyline	18.0.0	18.0.1
mira-eval	0.2.0	0.3.0

Updates anyhow from 1.0.102 to 1.0.103

Release notes

Sourced from anyhow's releases.

1.0.103

• Fix Stacked Borrows violation (UB) in Error::downcast_mut (#451, #452)

Commits

• 5bdb0e2 Release 1.0.103
• e621bd3 Merge pull request #452 from dtolnay/downcast
• 6e8c000 Eliminate pointer->reference->pointer during downcast
• 67c4abd Add regression test for issue 451
• 917a169 Update actions/upload-artifact@v6 -> v7
• d9dc3fa Update actions/checkout@v6 -> v7
• 841522b Raise minimum tested compiler to rust 1.85
• See full diff in compare view

Updates rustls from 0.23.40 to 0.23.41

Commits

• 642a103 ci: drop Taplo job
• 752c144 Drop nightly clippy tests
• 8d8611a Fix new clippy::useless-borrows-in-formatting
• ebf3297 Fix new clippy::manual_clear
• 46808e7 ci: sync cargo-check-external-types nightly
• 041a8d2 Cargo deny: allow RUSTSEC-2026-0173
• 62e220e Take semver-compatible dependency updates
• 3c14696 Upgrade to hickory-resolver 0.26
• 848a2cc connect-tests: delete ech.rs
• 5ce9cac Bump version to 0.23.41
• Additional commits viewable in compare view

Updates napi from 3.9.3 to 3.9.4

Release notes

Sourced from napi's releases.

napi-v3.9.4

Other

• (napi-derive) outline #[napi(object)] field-error decoration (#3338)

Commits

• 9cc199f chore: release (#3345)
• b77119e chore(release): publish
• 71ce9f6 chore(deps): update actions/cache action to v6 (#3349)
• 8c87f47 chore(deps): update @​tybys/wasm-util to 0.10.3 (#3348)
• 04e2a76 chore(deps): update cross-platform-actions/action action to v1.3.0 (#3346)
• 54ecbe4 chore(deps): update actions/checkout action to v7 (#3340)
• 3dd0c30 perf(napi-derive): outline #[napi(object)] field-error decoration (#3338)
• 81ac3d9 build(deps): bump undici from 6.26.0 to 6.27.0 (#3342)
• See full diff in compare view

Updates napi-derive from 3.5.6 to 3.5.7

Release notes

Sourced from napi-derive's releases.

napi-derive-v3.5.7

Other

• updated the following local packages: napi-derive-backend

Commits

• 9cc199f chore: release (#3345)
• b77119e chore(release): publish
• 71ce9f6 chore(deps): update actions/cache action to v6 (#3349)
• 8c87f47 chore(deps): update @​tybys/wasm-util to 0.10.3 (#3348)
• 04e2a76 chore(deps): update cross-platform-actions/action action to v1.3.0 (#3346)
• 54ecbe4 chore(deps): update actions/checkout action to v7 (#3340)
• 3dd0c30 perf(napi-derive): outline #[napi(object)] field-error decoration (#3338)
• 81ac3d9 build(deps): bump undici from 6.26.0 to 6.27.0 (#3342)
• ee58383 chore(napi): release v3.9.3 (#3335)
• c787276 fix(napi): sync referred flag when creating a weak ThreadsafeFunction (#3337)
• Additional commits viewable in compare view

Updates rustyline from 18.0.0 to 18.0.1

Release notes

Sourced from rustyline's releases.

18.0.1

What's Changed

• Fix page_completions #949, #948

Full Changelog: kkawakam/rustyline@v18.0.0...v18.0.1

Commits

• cc1aab0 Prepare 18.0.1 release
• eb7ab82 Merge pull request #949 from gwenn/comp
• See full diff in compare view

Updates mira-eval from 0.2.0 to 0.3.0

Release notes

Sourced from mira-eval's releases.

Release v0.3.0

Added

• Self-describing results. A RunResult (and the persisted cases/<key>/result.json) now carries the sample's input (the prompt turns sent) and expected (the reference value, when the dataset provides one), so a saved result can be read back without the original dataset. Both are optional on the wire — input omitted when empty, expected when absent.
• Docs diagrams. Five new committed SVGs visualise the model, each in its topical guide: the end-to-end workflow (mira-workflow.svg — author → plan → execute → score → report) in getting-started.md, the entity hierarchy (mira-entities.svg — study ▸ eval ▸ dataset/subject/scorers/targets/axes, expanded into cases · trials · transcripts · scores) in authoring.md, the host ⇄ study run lifecycle (mira-run-lifecycle.svg — the protocol sequence for one run) in how-it-works.md, the subject fan-in (mira-subjects.svg — the three subject shapes normalising into one Transcript) in subjects.md, and the scoring flow (mira-scoring.svg — transcript surfaces → scorers → case verdict) in scorers.md. Indexed in docs/README.md.
• JSONL and CSV report formats (--format jsonl / --format csv) for un-aggregated, analysis-ready exports. jsonl writes one RunResult per line (lossless — the line-delimited dual of json); csv is long-format, one row per (case × score) with the case columns repeated and open-vocabulary metrics/metadata flattened into stable metric.*/meta.* columns. Both work anywhere --out/--format do (run, report, score); a --group-by view is intentionally not folded in — the consumer aggregates the rows.
• Per-case wall-clock timeout: give up on a case after a budget of seconds, cancelling the in-flight run (best-effort cancel over the protocol) and recording it as a failed case. Set it on the CLI (mira run --timeout SECONDS, all targets), per target in mira.toml ([targets.LABEL].timeout), or as a preset default ([presets.NAME].timeout). Precedence, first set wins: --timeout > per-target > preset; unset ⇒ no limit. A timeout is non-retryable (retrying would burn the same budget) and counts as a target failure.
• Glob case selection. --targets, --samples (new), and --evals (new) match the target label / sample id / eval name by glob (*, ?, [set], {a,b}); a literal value stays an exact match. --axis values are globbed too. A small dep-free matcher (mira::glob_match) backs both the host and the in-process Runner (Runner::samples(…), glob-aware Runner::targets(…)).

Changed

• BREAKING (preset): the preset filter key is replaced by per-dimension samples (glob on sample id). targets/samples/evals in [presets.NAME] now glob-match and accept either a single string or a list. The cross-cutting case-key substring stays available as the positional mira run [filter].

Changelog

Sourced from mira-eval's changelog.

[0.3.0] - 2026-06-28

Added

• Self-describing results. A RunResult (and the persisted cases/<key>/result.json) now carries the sample's input (the prompt turns sent) and expected (the reference value, when the dataset provides one), so a saved result can be read back without the original dataset. Both are optional on the wire — input omitted when empty, expected when absent.
• Docs diagrams. Five new committed SVGs visualise the model, each in its topical guide: the end-to-end workflow (mira-workflow.svg — author → plan → execute → score → report) in getting-started.md, the entity hierarchy (mira-entities.svg — study ▸ eval ▸ dataset/subject/scorers/targets/axes, expanded into cases · trials · transcripts · scores) in authoring.md, the host ⇄ study run lifecycle (mira-run-lifecycle.svg — the protocol sequence for one run) in how-it-works.md, the subject fan-in (mira-subjects.svg — the three subject shapes normalising into one Transcript) in subjects.md, and the scoring flow (mira-scoring.svg — transcript surfaces → scorers → case verdict) in scorers.md. Indexed in docs/README.md.
• JSONL and CSV report formats (--format jsonl / --format csv) for un-aggregated, analysis-ready exports. jsonl writes one RunResult per line (lossless — the line-delimited dual of json); csv is long-format, one row per (case × score) with the case columns repeated and open-vocabulary metrics/metadata flattened into stable metric.*/meta.* columns. Both work anywhere --out/--format do (run, report, score); a --group-by view is intentionally not folded in — the consumer aggregates the rows.
• Per-case wall-clock timeout: give up on a case after a budget of seconds, cancelling the in-flight run (best-effort cancel over the protocol) and recording it as a failed case. Set it on the CLI (mira run --timeout SECONDS, all targets), per target in mira.toml ([targets.LABEL].timeout), or as a preset default ([presets.NAME].timeout). Precedence, first set wins: --timeout > per-target > preset; unset ⇒ no limit. A timeout is non-retryable (retrying would burn the same budget) and counts as a target failure.
• Glob case selection. --targets, --samples (new), and --evals (new) match the target label / sample id / eval name by glob (*, ?, [set], {a,b}); a literal value stays an exact match. --axis values are globbed too. A small dep-free matcher (mira::glob_match) backs both the host and the in-process Runner (Runner::samples(…), glob-aware Runner::targets(…)).

Changed

• BREAKING (preset): the preset filter key is replaced by per-dimension samples (glob on sample id). targets/samples/evals in [presets.NAME] now glob-match and accept either a single string or a list. The cross-cutting case-key substring stays available as the positional mira run [filter].

Commits

• 0830385 chore(release): prepare v0.3.0 (#57)
• 5c4dd31 docs: richer crate READMEs with CLI flow diagram and brew install (#56)
• b40f4f7 docs: drop diagrams section from docs index (#55)
• 314dc97 feat(report): JSONL and CSV export formats for raw analysis (#54)
• 3d9fc22 feat(protocol): add input/expected to RunResult and result.json (#53)
• 015e486 docs: add conceptual diagrams for the core model (#52)
• bc07e5c feat(sdks): full deterministic scorer parity across SDKs (#51)
• 5a60c66 chore: scope publish-dry-run to release time, fix dependent verify (#50)
• dafef79 feat(cli): glob case selection; rename preset filter to samples (#49)
• e77e1e6 feat: per-case wall-clock timeout (give up + auto-cancel) (#48)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Preview URL	Updated (UTC)
✅ Deployment successful! View logs	bashkit	4da294d	Commit Preview URL Branch Preview URL	Jun 29 2026, 09:39 AM