Skip to content

build(deps): bump inspect-ai from 0.3.241 to 0.3.242#123

Merged
amrit110 merged 1 commit into
mainfrom
dependabot/uv/inspect-ai-0.3.242
Jun 30, 2026
Merged

build(deps): bump inspect-ai from 0.3.241 to 0.3.242#123
amrit110 merged 1 commit into
mainfrom
dependabot/uv/inspect-ai-0.3.242

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Bumps inspect-ai from 0.3.241 to 0.3.242.

Changelog

Sourced from inspect-ai's changelog.

0.3.242 (29 June 2026)

  • Log: Shared sample buffer files synced to S3 (via --log-shared) are now tagged inspect-ephemeral=true so they can be targeted by an S3 lifecycle rule.
  • Log: Reading sample summaries from an in-progress .eval on a remote filesystem (e.g. S3) now fetches the per-sample journal summary files concurrently, reducing load time for logs with many samples.
  • Log: Sample event condensing is now linear, not quadratic, in conversation length.
  • Eval: Warn when non-empty task_args are passed but cannot be applied to any task. (#4194)
  • Eval Set: Fix KeyError at finalisation when a provider rewrites its own model name mid-run (e.g. vLLM resolving a base:adapter LoRA spec to base).
  • Eval Logs: Add read_eval_log_samples_by_id() to concurrently read a specific subset of samples by (id, epoch) (#2873).
  • Model API: Keep the connection-pool/adaptive-concurrency scope stable when a provider's api_key is a short-lived credential.
  • HuggingFace: Forward an explicitly supplied API key when loading tokenizers for private or gated models.
  • HuggingFace: Fixed model weights being loaded a second time (wasting GPU memory and risking OOM) when recording usage, checking the context window for compaction, or validating cost limits.
  • NNterp: Forward an explicitly supplied API key when loading private or gated Hugging Face models and tokenizers.
  • OpenAI-compatible providers: Report the source environment variable (e.g. CLOUDFLARE_API_TOKEN, HF_TOKEN) to API key override hooks rather than the derived *_API_KEY name.
  • AzureAI: Offer AZUREAI_API_KEY values to API key override hooks.
  • AzureAI: Honor an explicitly supplied api_key instead of replacing it with an environment credential.
  • Google: Retry truncated response streams (ClientPayloadError wrapping a PayloadEncodingError, e.g. a connection reset mid-body) instead of crashing the sample.
  • Model Info: Look up custom cost/info registrations under both the user-facing model string and the canonical name, so configured costs aren't dropped for routed providers (e.g. together, hf-inference-providers, custom routed providers).
  • Agent Bridge: Forward the Google generationConfig structured-output schema (responseSchema/responseJsonSchema) instead of dropping it.
  • Agent Bridge: Forward Anthropic output_config.effort for adaptive thinking.
  • Sandbox Tools: Lower the glibc build floor from 2.31 to 2.17 (build against a conda-forge CPython) so injected tools run on older glibc sandboxes including Ubuntu 16.04 and 18.04.
  • Control Channel: inspect ctl tasks now pins each eval's reported start to its first sample's start instead of letting it drift forward as early samples finish.
  • Control Channel: inspect ctl reads now use a 15s timeout and retry a busy eval up to 8 times (printing a status on each timeout) before failing with a non-zero exit, instead of silently dropping a momentarily-unresponsive eval from the listing.
  • Control Channel: Stop printing a misleading "Control server did not shut down cleanly" warning when an eval is interrupted with Ctrl-C (the cancellation is now re-raised as the expected teardown it is).
  • Scoring: Support model and model_roles overrides for re-scoring (inspect score --model / --model-role).
  • Scoring: Harden default model-graded verdict extraction so words ending in "grade", zero-width formatting marks around the verdict separator, and lowercase verdict letters no longer silently score incorrectly.
  • Sandbox: self_check now verifies that a large (~1 MiB) command argument round-trips correctly through exec.
  • Sandbox: Added override_sandbox_output_limit() context manager to temporarily raise the exec-output and/or read-file size caps for the current context.
  • Inspect View: Require frontend-only headers for mutations and use non-GET routes for log deletion and client messages.
  • Inspect View: Improve MathJax Sanitization
  • Inspect View: Fix stale running status on nav
  • Inspect View: Fix broken commit links for ssh-style GitHub origins
  • Inspect View: Cap oversized tool/text output to prevent resize layerization stalls
  • Inspect View: Fix event panel nav pills never expanding back from picker mode
  • Inspect View: Fix inline MathJax stacking under inherited white-space: pre-wrap
  • Inspect View: guard Inspect view mutation requests
  • Security: git_context() now redacts credentials embedded in the git remote URL (e.g. https://user:token@host) before recording origin, preventing tokens from leaking into eval logs and downstream consumers.
  • Security: Apply the data tar filter when extracting sandbox checkpoint egress tarballs on the host, preventing a sandboxed agent from writing files outside the destination repo via crafted ../absolute-path/symlink entries.
  • Bugfix: Keep torn checkpoint files out of remote egress uploads and manifests so resumed runs can repair and ship reused checkpoint ids.
  • Bugfix: Make the no-op trailing-separator strip in FileSystem.is_writeable() actually take effect, avoiding a double-separator write-test path for direct callers.
  • Bugfix: Header-only reads of .json eval logs no longer parse the entire samples array, making header reads of large logs dramatically faster (e.g. a 29MB S3 log: ~47s -> ~0.4s).
Commits
  • 0a7f6bf update changelog for release
  • dad9423 override_sandbox_output_limit() context manager to temporarily raise the ex...
  • f077cbe fix(scorer): raise a clear error when reducing mismatched list/dict scores (#...
  • cb98864 Fix default model-graded GRADE parsing (#4297)
  • 8a44989 fix(scorer): return NaN instead of crashing when reducing an empty score list...
  • 47c2638 Fix/type error for model args (#4354)
  • 92dd737 Fix slow header-only reads of large .json eval logs (#4367)
  • 9bcc47b Fix local models loaded multiple times (#4324)
  • 5c4e12b read eval log samples by id (#4365)
  • 0801495 docs(extensions): add Inspect Claim Support to the extensions gallery (#4364)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code labels Jun 29, 2026
Bumps [inspect-ai](https://github.com/UKGovernmentBEIS/inspect_ai) from 0.3.241 to 0.3.242.
- [Changelog](https://github.com/UKGovernmentBEIS/inspect_ai/blob/main/CHANGELOG.md)
- [Commits](UKGovernmentBEIS/inspect_ai@0.3.241...0.3.242)

---
updated-dependencies:
- dependency-name: inspect-ai
  dependency-version: 0.3.242
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@amrit110 amrit110 force-pushed the dependabot/uv/inspect-ai-0.3.242 branch from cdab253 to e286069 Compare June 30, 2026 01:04
@amrit110 amrit110 merged commit 16c9d82 into main Jun 30, 2026
1 check passed
@amrit110 amrit110 deleted the dependabot/uv/inspect-ai-0.3.242 branch June 30, 2026 01:05
@amrit110

Copy link
Copy Markdown
Member

Automated fix applied and PR merged

The agentic fix loop successfully fixed this PR and merged it.

✓ Successfully fixed merge_only failures - Modified 0 files - Executed 124 agent actions - (62 info, 28 tool_call, 8 error, 21 tool_result, 5 reasoning)

View detailed trace on dashboard | Raw trace

AI Engineering Maintenance Bot

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python:uv Pull requests that update python:uv code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant