chore(deps-dev): bump autoevals from 0.0.130 to 0.1.0 #1593

Open: dependabot[bot] wants to merge 1 commit into main from dependabot/uv/autoevals-0.1.0

@dependabot dependabot bot commented on behalf of github Mar 30, 2026

Bumps autoevals from 0.0.130 to 0.1.0.

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Disclaimer: Experimental PR review

Greptile Summary

This is a routine Dependabot dependency bump upgrading autoevals from 0.0.130 to 0.1.0 (a minor version release). The version constraint in pyproject.toml is widened from <0.1 to <0.2 to allow the new release, and the uv.lock file is updated with the corresponding hashes.

Key observations:

  • The only consumer of autoevals in this codebase is langfuse/experiment.py's create_evaluator_from_autoevals, which accesses evaluation.name, evaluation.score, and evaluation.metadata on the returned Score object. These attributes remain stable in the 0.1.0 API.
  • No transitive dependency changes are introduced in uv.lock.
  • The bump from a 0.0.x to a 0.1.x version could theoretically carry breaking changes, but the public API surface used by this project is unchanged in 0.1.0.

Confidence Score: 5/5

Safe to merge — the update is isolated to a dev dependency and the API surface used by this project is unchanged in autoevals 0.1.0.

No production code is modified. The only integration point (create_evaluator_from_autoevals) relies on .name, .score, and .metadata attributes that are still present in autoevals 0.1.0. No breaking changes affect this codebase.

No files require special attention.

Important Files Changed

| Filename | Overview |
| --- | --- |
| pyproject.toml | Upper bound for autoevals bumped from <0.1 to <0.2 to allow the 0.1.0 release; no other changes. |
| uv.lock | Lock file updated to reflect autoevals 0.1.0 with new sdist/wheel URLs and SHA-256 hashes; no unexpected transitive dependency changes. |

Flowchart

```mermaid
%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[langfuse/experiment.py] -->|calls| B[create_evaluator_from_autoevals]
    B -->|wraps| C[autoevals evaluator]
    C -->|returns Score object| D{Access attributes}
    D -->|evaluation.name| E[Evaluation.name]
    D -->|evaluation.score| F[Evaluation.value]
    D -->|evaluation.metadata| G[Evaluation.metadata / comment]
    E & F & G -->|construct| H[Langfuse Evaluation]
    subgraph "autoevals 0.0.130 → 0.1.0"
    C
    end
```

Reviews (1): Last reviewed commit: "chore(deps-dev): bump autoevals from 0.0..." | Re-trigger Greptile

Bumps [autoevals](https://github.com/braintrustdata/autoevals) from 0.0.130 to 0.1.0.
- [Changelog](https://github.com/braintrustdata/autoevals/blob/main/CHANGELOG.md)
- [Commits](https://github.com/braintrustdata/autoevals/commits)

---
updated-dependencies:
- dependency-name: autoevals
  dependency-version: 0.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

@dependabot dependabot bot added the dependencies (Pull requests that update a dependency file) and python:uv (Pull requests that update python:uv code) labels Mar 30, 2026

@claude claude bot left a comment

LGTM — straightforward dev dependency version bump.

Extended reasoning...

Overview

This PR bumps the autoevals dev dependency from 0.0.130 to 0.1.0, updating the version constraint in pyproject.toml from <0.1 to <0.2 and refreshing the uv.lock file with the new package hashes.

Security risks

None. autoevals is a dev-only dependency used for testing/evaluation purposes and does not ship in the production package. The lock file includes verified PyPI hashes for the new version.

Level of scrutiny

Low. This is a mechanical Dependabot update touching only the dev dependency group and lock file. No production code paths are affected.

Other factors

No bugs were found by the bug hunting system. The PR is cleanly scoped to two files with no logic changes.
