Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the tensorflow group across 1 directory with 8 updates #315

Merged
merged 4 commits into from
Aug 17, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 16, 2024

Bumps the tensorflow group with 8 updates in the /tensorflow directory:

Package From To
tensorflow 2.15.0 2.17.0
jupyterlab 4.3.0a0 4.3.0b0
notebook 7.3.0a0 7.3.0a1
neural-compressor 2.6 3.0
intel-extension-for-tensorflow[cpu] 2.15.0.0 2.15.0.1
pillow 10.3.0 10.4.0
numpy 2.0.0 2.0.1
tensorflow-serving-api 2.16.1 2.17.0

Updates tensorflow from 2.15.0 to 2.17.0

Release notes

Sourced from tensorflow's releases.

TensorFlow 2.17.0

Release 2.17.0

TensorFlow

Breaking Changes

  • GPU
    • Support for NVIDIA GPUs with compute capability 5.x (Maxwell generation) has been removed from TF binary distributions (Python wheels).

Major Features and Improvements

  • Add is_cpu_target_available, which indicates whether or not TensorFlow was built with support for a given CPU target. This can be useful for skipping target-specific tests if a target is not supported.

  • tf.data

    • Support data.experimental.distribued_save. distribued_save uses tf.data service (https://www.tensorflow.org/api_docs/python/tf/data/experimental/service) to write distributed dataset snapshots. The call is non-blocking and returns without waiting for the snapshot to finish. Setting wait=True to tf.data.Dataset.load allows the snapshots to be read while they are being written.

Bug Fixes and Other Changes

  • GPU

    • Support for NVIDIA GPUs with compute capability 8.9 (e.g. L4 & L40) has been added to TF binary distributions (Python wheels).
  • Replace DebuggerOptions of TensorFlow Quantizer, and migrate to DebuggerConfig of StableHLO Quantizer.

  • Add TensorFlow to StableHLO converter to TensorFlow pip package.

  • TensorRT support: this is the last release supporting TensorRT. It will be removed in the next release.

  • NumPy 2.0 support: TensorFlow is going to support NumPy 2.0 in the next release. It may break some edge cases of TensorFlow API usage.

  • tf.lite

    • Quantization for FullyConnected layer is switched from per-tensor to per-channel scales for dynamic range quantization use case (float32 inputs / outputs and int8 weights). The change enables new quantization schema globally in the converter and inference engine. The new behaviour can be disabled via experimental flag converter._experimental_disable_per_channel_quantization_for_dense_layers = True.
    • C API:
      • The experimental TfLiteRegistrationExternal type has been renamed as TfLiteOperator, and likewise for the corresponding API functions.
    • The Python TF Lite Interpreter bindings now have an option experimental_default_delegate_latest_features to enable all default delegate features.
    • Flatbuffer version update:
      • GetTemporaryPointer() bug fixed.
  • tf.data

    • Add wait to tf.data.Dataset.load. If True, for snapshots written with distributed_save, it reads the snapshot while it is being written. For snapshots written with regular save, it waits for the snapshot until it's finished. The default is False for backward compatibility. Users of distributed_save are recommended to set it to True.
  • tf.tpu.experimental.embedding.TPUEmbeddingV2

    • Add compute_sparse_core_stats for sparse core users to profile the data with this API to get the max_ids and max_unique_ids. These numbers will be needed to configure the sparse core embedding mid level api.
    • Remove the preprocess_features method since that's no longer needed.

Thanks to our Contributors

This release contains contributions from many people at Google, as well as:

Abdulaziz Aloqeely, Ahmad-M-Al-Khateeb, Akhil Goel, akhilgoe, Alexander Pivovarov, Amir Samani, Andrew Goodbody, Andrey Portnoy, Ashiq Imran, Ben Olson, Chao, Chase Riley Roberts, Clemens Giuliani, dependabot[bot], Dimitris Vardoulakis, Dragan Mladjenovic, ekuznetsov139, Elfie Guo, Faijul Amin, Gauri1 Deshpande, Georg Stefan Schmid, guozhong.zhuang, Hao Wu, Haoyu (Daniel), Harsha H S, Harsha Hs, Harshit Monish, Ilia Sergachev, Jane Liu, Jaroslav Sevcik, Jinzhe Zeng, Justin Dhillon, Kaixi Hou, Kanvi Khanna, LakshmiKalaKadali, Learning-To-Play, lingzhi98, Lu Teng, Matt Bahr, Max Ren, Meekail Zain, Mmakevic-Amd, mraunak, neverlva, nhatle, Nicola Ferralis, Olli Lupton, Om Thakkar, orangekame3, ourfor, pateldeev, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratik Joshi, prrathi, rahulbatra85, Raunak, redwrasse, Robert Kalmar, Robin Zhang, RoboSchmied, Ruturaj Vaidya, sachinmuradi, Shawn Wang, Sheng Yang, Surya, Thibaut Goetghebuer-Planchon, Thomas Preud'Homme, tilakrayal, Tj Xu, Trevor Morris, wenchenvincent, Yimei Sun, zahiqbal, Zhu Jianjiang, Zoranjovanovic-Ns

TensorFlow 2.17.0-rc1

Release 2.17.0

... (truncated)

Changelog

Sourced from tensorflow's changelog.

Release 2.17.0

TensorFlow

Breaking Changes

  • GPU
    • Support for NVIDIA GPUs with compute capability 5.x (Maxwell generation) has been removed from TF binary distributions (Python wheels).

Major Features and Improvements

  • Add is_cpu_target_available, which indicates whether or not TensorFlow was built with support for a given CPU target. This can be useful for skipping target-specific tests if a target is not supported.

  • tf.data

    • Support data.experimental.distribued_save. distribued_save uses tf.data service (https://www.tensorflow.org/api_docs/python/tf/data/experimental/service) to write distributed dataset snapshots. The call is non-blocking and returns without waiting for the snapshot to finish. Setting wait=True to tf.data.Dataset.load allows the snapshots to be read while they are being written.

Bug Fixes and Other Changes

  • GPU

    • Support for NVIDIA GPUs with compute capability 8.9 (e.g. L4 & L40) has been added to TF binary distributions (Python wheels).
  • Replace DebuggerOptions of TensorFlow Quantizer, and migrate to DebuggerConfig of StableHLO Quantizer.

  • Add TensorFlow to StableHLO converter to TensorFlow pip package.

  • TensorRT support: this is the last release supporting TensorRT. It will be removed in the next release.

  • NumPy 2.0 support: TensorFlow is going to support NumPy 2.0 in the next release. It may break some edge cases of TensorFlow API usage.

  • tf.lite

    • Quantization for FullyConnected layer is switched from per-tensor to per-channel scales for dynamic range quantization use case (float32 inputs / outputs and int8 weights). The change enables new quantization schema globally in the converter and inference engine. The new behaviour can be disabled via experimental flag converter._experimental_disable_per_channel_quantization_for_dense_layers = True.
    • C API:
      • The experimental TfLiteRegistrationExternal type has been renamed as TfLiteOperator, and likewise for the corresponding API functions.
    • The Python TF Lite Interpreter bindings now have an option experimental_default_delegate_latest_features to enable all default delegate features.
    • Flatbuffer version update:
      • GetTemporaryPointer() bug fixed.
  • tf.data

    • Add wait to tf.data.Dataset.load. If True, for snapshots written with distributed_save, it reads the snapshot while it is being written. For snapshots written with regular save, it waits for the snapshot until it's finished. The default is False for backward compatibility. Users of distributed_save are recommended to set it to True.
  • tf.tpu.experimental.embedding.TPUEmbeddingV2

    • Add compute_sparse_core_stats for sparse core users to profile the data with this API to get the max_ids and max_unique_ids. These numbers will be needed to configure the sparse core embedding mid level api.
    • Remove the preprocess_features method since that's no longer needed.

Thanks to our Contributors

This release contains contributions from many people at Google, as well as:

Abdulaziz Aloqeely, Ahmad-M-Al-Khateeb, Akhil Goel, akhilgoe, Alexander Pivovarov, Amir Samani, Andrew Goodbody, Andrey Portnoy, Ashiq Imran, Ben Olson, Chao, Chase Riley Roberts, Clemens Giuliani, dependabot[bot], Dimitris Vardoulakis, Dragan Mladjenovic, ekuznetsov139, Elfie Guo, Faijul Amin, Gauri1 Deshpande, Georg Stefan Schmid, guozhong.zhuang, Hao Wu, Haoyu (Daniel), Harsha H S, Harsha Hs, Harshit Monish, Ilia Sergachev, Jane Liu, Jaroslav Sevcik, Jinzhe Zeng, Justin Dhillon, Kaixi Hou, Kanvi Khanna, LakshmiKalaKadali, Learning-To-Play, lingzhi98, Lu Teng, Matt Bahr, Max Ren, Meekail Zain, Mmakevic-Amd, mraunak, neverlva, nhatle, Nicola Ferralis, Olli Lupton, Om Thakkar, orangekame3, ourfor, pateldeev, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratik Joshi, prrathi, rahulbatra85, Raunak, redwrasse, Robert Kalmar, Robin Zhang, RoboSchmied, Ruturaj Vaidya, sachinmuradi, Shawn Wang, Sheng Yang, Surya, Thibaut Goetghebuer-Planchon, Thomas Preud'Homme, tilakrayal, Tj Xu, Trevor Morris, wenchenvincent, Yimei Sun, zahiqbal, Zhu Jianjiang, Zoranjovanovic-Ns

Release 2.16.2

Bug Fixes and Other Changes

... (truncated)

Commits
  • ad6d8cc Merge pull request #71345 from tensorflow-jenkins/version-numbers-2.17.0-6959
  • 8ca87bf Update version numbers to 2.17.0
  • b3dcff9 Merge pull request #70600 from tensorflow/r2.17-2d72742d40f
  • 742ccbb Add tensorflow support for 16k page sizes on arm64
  • 8581151 Merge pull request #70475 from tensorflow-jenkins/version-numbers-2.17.0rc1-8204
  • d6b2aa0 Update version numbers to 2.17.0-rc1
  • bb8057c Merge pull request #70454 from vladbelit/gcs_trailing_dot_undo
  • 72f4b02 Fix issues with TF GCS operations not working in certain environments.
  • 6ed0a1a Merge pull request #70358 from tensorflow/r2.17-b24db0b2a85
  • ffca2f5 Add back xla/stream_executor:cuda_platform to tf_additional_binary_deps.
  • Additional commits viewable in compare view

Updates jupyterlab from 4.3.0a0 to 4.3.0b0

Release notes

Sourced from jupyterlab's releases.

v4.3.0b0

4.3.0b0

(Full Changelog)

Enhancements made

Bugs fixed

Maintenance and upkeep improvements

... (truncated)

Changelog

Sourced from jupyterlab's changelog.

4.3.0b0

(Full Changelog)

Enhancements made

Bugs fixed

Maintenance and upkeep improvements

Documentation improvements

... (truncated)

Commits

Updates notebook from 7.3.0a0 to 7.3.0a1

Release notes

Sourced from notebook's releases.

v7.3.0a1

7.3.0a1

(Full Changelog)

Enhancements made

Bugs fixed

Contributors to this release

(GitHub contributors page for this release)

@​github-actions | @​jtpio | @​krassowski

Changelog

Sourced from notebook's changelog.

7.3.0a1

(Full Changelog)

Enhancements made

Bugs fixed

Contributors to this release

(GitHub contributors page for this release)

@​github-actions | @​jtpio | @​krassowski

Commits

Updates neural-compressor from 2.6 to 3.0

Release notes

Sourced from neural-compressor's releases.

Intel® Neural Compressor v3.0 Release

  • Highlights
  • Features
  • Improvements
  • Examples
  • Bug Fixes
  • Documentations
  • Validated Configurations

Highlights

  • FP8 quantization and INT4 model loading support on Intel® Gaudi® AI accelerator
  • Framework extension API for quantization, mixed-precision and benchmarking
  • Accuracy-aware FP16 mixed precision support on Intel® Xeon® 6 Processors
  • Performance optimizations and usability improvements on client-side quantization

Features

Improvements

  • [Quantization] Integrate AutoRound v0.3 (bfa27e, fd9685)
  • [Quantization] Support auto_host2device on RTN and GPTQ(f75ff4)
  • [Quantization] Support transformers.Conv1D WOQ quantization (b6237c)
  • [Quantization] support quant_lm_head argument in all WOQ configs (4ae2e8)
  • [Quantization] Update fp4_e2m1 mapping list to fit neural_speed and qbits inference (5fde50)
  • [Quantization] Enhance load_empty_model import (29471d)
  • [Common] Add common logger to the quantization process (1cb844, 482f87, 83bc77, f50baf)
  • [Common] Enhance the set_local for operator type (a58638)
  • [Common] Port more helper classes from 2.x (3b150d)
  • [Common] Refine base config for 3.x API (be42d0, efea08)
  • [Export] Migrate export feature to 2.x and 3.x from deprecated (794b27)

Examples

  • Add save/load for PT2E example (0e724a)

... (truncated)

Commits

Updates intel-extension-for-tensorflow[cpu] from 2.15.0.0 to 2.15.0.1

Release notes

Sourced from intel-extension-for-tensorflow[cpu]'s releases.

Intel® Extension for TensorFlow* 2.15.0.1

Major Features and Improvements

Intel® Extension for TensorFlow* extends the official TensorFlow capabilities, allowing TensorFlow workloads to run on Intel® Data Center GPU Max Series, Intel® Data Center GPU Flex Series, and Intel® Xeon® Scalable Processors. This release includes the following major features and improvements:

  • New Install Channel: New install channel is provided, to solve the package size limitation of Pypi. pip install --upgrade intel-extension-for-tensorflow[xpu] -f https://developer.intel.com/itex-whl-weekly

  • Toolkit Support: Supports Intel® oneAPI Base Toolkit 2024.2.

  • Updated Support: The Intel® Extension for TensorFlow* has been upgraded to support oneDNN 3.4.3.

  • Expreimental Support: Continues to provide experimental support for Intel® Arc™ A-Series GPUs on Windows Subsystem for Linux 2 with Ubuntu Linux installed and native Ubuntu Linux.

Bug Fixes

  • Fixes device memory leak issues exposed by ZeroLike, SetOneDnnLayout, GetDeviceInfo and SegmentReduce.
  • Fixes potential host memory leak issue.
  • Fixes accurancy issue exposed by Softmax.
  • Fixes performance regression issue exposed by AddV2WithSoftmax.
  • Fixes SYCL ESIMD feature not support on host issue.

Known Issues

  • TensorList limitation: TensorList is not supported with NextPluggableDevice by TensorFlow 2.15.
  • Allocation limitation of WSL: A maximum size of single allocation allowed on a single device is set on the Windows Subsystem for Linux (WSL2), which may cause Out-of-Memory error. Users can remove the limitation with environment variable UR_L0_ENABLE_RELAXED_ALLOCATION_LIMITS=1
  • FP64 support: FP64 is not natively supported by the Intel® Data Center GPU Flex Series platform. If you run any AI workload with the FP64 kernel on that platform, the workload will exit with an exception as 'XXX' Op uses fp64 data type, while fp64 instructions are not supported on the platform.
  • GLIBC++ mismatch: A GLIBC++ version mismatch may cause a workload exit with the exception, Can not find any devices. To check runtime environment on your host, please run itex/tools/python/env_check.py. Try running env_check.py script to confirm.

Documentations

Commits

Updates pillow from 10.3.0 to 10.4.0

Release notes

Sourced from pillow's releases.

10.4.0

https://pillow.readthedocs.io/en/stable/releasenotes/10.4.0.html

Changes

Bumps the tensorflow group with 8 updates in the /tensorflow directory:

| Package | From | To |
| --- | --- | --- |
| [tensorflow](https://github.com/tensorflow/tensorflow) | `2.15.0` | `2.17.0` |
| [jupyterlab](https://github.com/jupyterlab/jupyterlab) | `4.3.0a0` | `4.3.0b0` |
| [notebook](https://github.com/jupyter/notebook) | `7.3.0a0` | `7.3.0a1` |
| [neural-compressor](https://github.com/intel/neural-compressor) | `2.6` | `3.0` |
| [intel-extension-for-tensorflow[cpu]](https://github.com/intel/intel-extension-for-tensorflow) | `2.15.0.0` | `2.15.0.1` |
| [pillow](https://github.com/python-pillow/Pillow) | `10.3.0` | `10.4.0` |
| [numpy](https://github.com/numpy/numpy) | `2.0.0` | `2.0.1` |
| [tensorflow-serving-api](http://tensorflow.org/serving) | `2.16.1` | `2.17.0` |



Updates `tensorflow` from 2.15.0 to 2.17.0
- [Release notes](https://github.com/tensorflow/tensorflow/releases)
- [Changelog](https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md)
- [Commits](tensorflow/tensorflow@v2.15.0...v2.17.0)

Updates `jupyterlab` from 4.3.0a0 to 4.3.0b0
- [Release notes](https://github.com/jupyterlab/jupyterlab/releases)
- [Changelog](https://github.com/jupyterlab/jupyterlab/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jupyterlab/jupyterlab/compare/@jupyterlab/[email protected]...@jupyterlab/[email protected])

Updates `notebook` from 7.3.0a0 to 7.3.0a1
- [Release notes](https://github.com/jupyter/notebook/releases)
- [Changelog](https://github.com/jupyter/notebook/blob/main/CHANGELOG.md)
- [Commits](https://github.com/jupyter/notebook/compare/@jupyter-notebook/[email protected]...@jupyter-notebook/[email protected])

Updates `neural-compressor` from 2.6 to 3.0
- [Release notes](https://github.com/intel/neural-compressor/releases)
- [Commits](intel/neural-compressor@v2.6...v3.0)

Updates `intel-extension-for-tensorflow[cpu]` from 2.15.0.0 to 2.15.0.1
- [Release notes](https://github.com/intel/intel-extension-for-tensorflow/releases)
- [Commits](intel/intel-extension-for-tensorflow@v2.15.0.0...v2.15.0.1)

Updates `pillow` from 10.3.0 to 10.4.0
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](python-pillow/Pillow@10.3.0...10.4.0)

Updates `numpy` from 2.0.0 to 2.0.1
- [Release notes](https://github.com/numpy/numpy/releases)
- [Changelog](https://github.com/numpy/numpy/blob/main/doc/RELEASE_WALKTHROUGH.rst)
- [Commits](numpy/numpy@v2.0.0...v2.0.1)

Updates `tensorflow-serving-api` from 2.16.1 to 2.17.0

---
updated-dependencies:
- dependency-name: tensorflow
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tensorflow
- dependency-name: jupyterlab
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: tensorflow
- dependency-name: notebook
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: tensorflow
- dependency-name: neural-compressor
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: tensorflow
- dependency-name: intel-extension-for-tensorflow[cpu]
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: tensorflow
- dependency-name: pillow
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tensorflow
- dependency-name: numpy
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: tensorflow
- dependency-name: tensorflow-serving-api
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: tensorflow
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Aug 16, 2024
@dependabot dependabot bot requested a review from sharvil10 as a code owner August 16, 2024 21:16
@dependabot dependabot bot added the python Pull requests that update Python code label Aug 16, 2024
Copy link

github-actions bot commented Aug 16, 2024

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 4 package(s) with unknown licenses.
See the Details below.

License Issues

tensorflow/multinode/requirements.txt

PackageVersionLicenseIssue Type
impi-rt>= 2021.12.0NullUnknown License

tensorflow/serving/requirements.txt

PackageVersionLicenseIssue Type
tensorflow-serving-api2.17.0NullUnknown License

tensorflow/jupyter-requirements.txt

PackageVersionLicenseIssue Type
jupyterlab>= 4.2.4NullUnknown License

tensorflow/requirements.txt

PackageVersionLicenseIssue Type
intel-extension-for-tensorflow>= 2.15,< 2.16NullUnknown License

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
pip/jupyterlab >= 4.2.4 🟢 5.8
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1030 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 2badge detected: InProgress
License🟢 9license file detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during GetBranch(4.2.x): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
SAST🟢 10SAST tool is run on all commits
Security-Policy🟢 10security policy file detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 28 existing vulnerabilities detected
pip/notebook >= 7.1.3 🟢 4.2
Details
CheckScoreReason
Code-Review⚠️ 2Found 8/30 approved changesets -- score normalized to 2
Maintained🟢 1017 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during GetBranch(7.2.x): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Security-Policy🟢 10security policy file detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities⚠️ 012 existing vulnerabilities detected
pip/cython >= 3.0.11 🟢 4.5
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 1Found 3/30 approved changesets -- score normalized to 1
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Security-Policy⚠️ 0security policy file not detected
Vulnerabilities🟢 100 existing vulnerabilities detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
pip/impi-rt >= 2021.12.0 UnknownUnknown
pip/mpi4py >= 3.1.0 🟢 6.2
Details
CheckScoreReason
Code-Review⚠️ 0Found 1/20 approved changesets -- score normalized to 0
Maintained🟢 1030 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Security-Policy⚠️ 0security policy file not detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Fuzzing⚠️ 0project is not fuzzed
Packaging🟢 10packaging workflow detected
SAST🟢 10SAST tool is run on all commits
pip/neural-compressor 3.0 🟢 7.3
Details
CheckScoreReason
Code-Review🟢 9Found 27/29 approved changesets -- score normalized to 9
Maintained🟢 1030 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10
License🟢 10license file detected
CII-Best-Practices⚠️ 2badge detected: InProgress
Signed-Releases⚠️ -1no releases found
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Branch-Protection🟢 8branch protection is not maximal on development and all release branches
SAST🟢 10SAST tool is run on all commits
Binary-Artifacts🟢 10no binaries found in the repo
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities⚠️ 092 existing vulnerabilities detected
pip/tf2onnx >= 1.16.1 🟢 5.8
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 1030 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during GetBranch(r1.16): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 9binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Security-Policy⚠️ 0security policy file not detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
pip/intel-extension-for-tensorflow >= 2.15,< 2.16 🟢 6.3
Details
CheckScoreReason
Code-Review⚠️ 0Found 1/30 approved changesets -- score normalized to 0
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices🟢 5badge detected: Passing
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 10security policy file detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected
pip/pillow 10.4.0 🟢 7.5
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 8Found 7/8 approved changesets -- score normalized to 8
CII-Best-Practices⚠️ 2badge detected: InProgress
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing🟢 10project is fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Packaging🟢 10packaging workflow detected
pip/tensorflow 2.15.1 🟢 7.8
Details
CheckScoreReason
Binary-Artifacts🟢 7binaries present in source code
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
CI-Tests🟢 927 out of 28 merged PRs checked by a CI test -- score normalized to 9
CII-Best-Practices🟢 5badge detected: Passing
Code-Review⚠️ 0Found 2/28 approved changesets -- score normalized to 0
Contributors🟢 10project has 21 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Packaging🟢 10packaging workflow detected
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
SAST🟢 4SAST tool is not run on all commits -- score normalized to 4
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
pip/numpy 2.0.1 🟢 8
Details
CheckScoreReason
Binary-Artifacts🟢 10no binaries found in the repo
Branch-Protection🟢 3branch protection is not maximal on development and all release branches
CI-Tests🟢 1017 out of 17 merged PRs checked by a CI test -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Code-Review🟢 10all changesets reviewed
Contributors🟢 10project has 93 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 9license file detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
SAST🟢 9SAST tool detected but not run on all commits
Security-Policy🟢 9security policy file detected
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Vulnerabilities🟢 100 existing vulnerabilities detected
pip/pillow 10.4.0 🟢 7.5
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 23 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 8Found 7/8 approved changesets -- score normalized to 8
CII-Best-Practices⚠️ 2badge detected: InProgress
License🟢 9license file detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing🟢 10project is fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Packaging🟢 10packaging workflow detected
pip/tensorflow 2.17.0 🟢 7.8
Details
CheckScoreReason
Binary-Artifacts🟢 7binaries present in source code
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
CI-Tests🟢 927 out of 28 merged PRs checked by a CI test -- score normalized to 9
CII-Best-Practices🟢 5badge detected: Passing
Code-Review⚠️ 0Found 2/28 approved changesets -- score normalized to 0
Contributors🟢 10project has 21 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Packaging🟢 10packaging workflow detected
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
SAST🟢 4SAST tool is not run on all commits -- score normalized to 4
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected
pip/tensorflow-serving-api 2.17.0 UnknownUnknown
pip/tensorflow 2.15.0 🟢 7.8
Details
CheckScoreReason
Binary-Artifacts🟢 7binaries present in source code
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
CI-Tests🟢 927 out of 28 merged PRs checked by a CI test -- score normalized to 9
CII-Best-Practices🟢 5badge detected: Passing
Code-Review⚠️ 0Found 2/28 approved changesets -- score normalized to 0
Contributors🟢 10project has 21 contributing companies or organizations
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Dependency-Update-Tool🟢 10update tool detected
Fuzzing🟢 10project is fuzzed
License🟢 10license file detected
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Packaging🟢 10packaging workflow detected
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
SAST🟢 4SAST tool is not run on all commits -- score normalized to 4
Security-Policy🟢 10security policy file detected
Signed-Releases⚠️ -1no releases found
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
Vulnerabilities🟢 100 existing vulnerabilities detected

Scanned Manifest Files

tensorflow/jupyter-requirements.txt
tensorflow/multinode/requirements.txt
tensorflow/hvd-requirements.txt
tensorflow/multinode-requirements.txt
tensorflow/ompi-requirements.txt
  • impi-rt@>= 2021.12.0
tensorflow/requirements.txt
tensorflow/serving/requirements.txt
tensorflow/xpu-requirements.txt

tylertitsworth added 3 commits August 16, 2024 16:07
Signed-off-by: tylertitsworth <[email protected]>
Signed-off-by: tylertitsworth <[email protected]>
Signed-off-by: tylertitsworth <[email protected]>
@tylertitsworth
Copy link
Contributor

[
    {
        "Group": "output",
        "Test": "import-itex-cpu-pip",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "import-itex-cpu-idp",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "import-itex-xpu-pip",
        "Status": "FAIL"
    },
    {
        "Group": "output",
        "Test": "import-itex-xpu-idp",
        "Status": "FAIL"
    },
    {
        "Group": "output",
        "Test": "import-cpu-jupyter-pip",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "import-cpu-jupyter-idp",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "import-xpu-jupyter-pip",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "import-xpu-jupyter-idp",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "import-multinode-pip",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "import-multinode-idp",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "import-inc-pip",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "import-inc-idp",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "itex-cpu-pip",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "itex-cpu-idp",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "itex-xpu-pip",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "itex-xpu-idp",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "itex-xpu-jupyter-pip",
        "Status": "FAIL"
    },
    {
        "Group": "output",
        "Test": "itex-xpu-jupyter-idp",
        "Status": "FAIL"
    },
    {
        "Group": "output",
        "Test": "multinode-pip",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "multinode-idp",
        "Status": "PASS"
    },
    {
        "Group": "output",
        "Test": "inc-pip",
        "Status": "PASS"
    }
    {
        "Group": "output",
        "Test": "inc-idp",
        "Status": "PASS"
    }
]

@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@tylertitsworth tylertitsworth merged commit 47d5dfb into main Aug 17, 2024
38 of 39 checks passed
@tylertitsworth tylertitsworth deleted the dependabot/pip/tensorflow/tensorflow-af52bdc1a2 branch August 17, 2024 02:23
tylertitsworth pushed a commit that referenced this pull request Sep 25, 2024
Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: tylertitsworth <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: tylertitsworth <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code Review
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant