Bump the tensorflow group across 1 directory with 2 updates

[dependabot]

Bumps the tensorflow group with 2 updates in the /tensorflow directory: neural-compressor and numpy.

Updates neural-compressor from 3.0 to 3.0.2

Commits

• 7b09f84 bump version
• 44af8a9 remove true_sequential
• efb5100 update 3x pt binary build (#1992)
• f478012 bump version
• 6f57eef Update installation_guide.md (#1989)
• 3cdcd3c add quantize, save, load function for transformers-like api (#1986)
• 65235e4 add hasattr check for torch fp8 dtype (#1985)
• 0e88b25 update installation and ci test for 3x api (#1991)
• 9486bf3 Fix UT env and upgrade torch to 2.4.0 (#1978)
• See full diff in compare view

Updates numpy from 2.1.0 to 2.1.1

Release notes

Sourced from numpy's releases.

2.1.1 (Sep 3, 2024)

NumPy 2.1.1 Release Notes

NumPy 2.1.1 is a maintenance release that fixes bugs and regressions discovered after the 2.1.0 release.

The Python versions supported by this release are 3.10-3.13.

Contributors

A total of 7 people contributed to this release. People with a "+" by their names contributed a patch for the first time.

• Andrew Nelson
• Charles Harris
• Mateusz Sokół
• Maximilian Weigand +
• Nathan Goldbaum
• Pieter Eendebak
• Sebastian Berg

Pull requests merged

A total of 10 pull requests were merged for this release.

• #27236: REL: Prepare for the NumPy 2.1.0 release [wheel build]
• #27252: MAINT: prepare 2.1.x for further development
• #27259: BUG: revert unintended change in the return value of set_printoptions
• #27266: BUG: fix reference counting bug in __array_interface__ implementation...
• #27267: TST: Add regression test for missing descr in array-interface
• #27276: BUG: Fix #27256 and #27257
• #27278: BUG: Fix array_equal for numeric and non-numeric scalar types
• #27287: MAINT: Update maintenance/2.1.x after the 2.0.2 release
• #27303: BLD: cp311- macosx_arm64 wheels [wheel build]
• #27304: BUG: f2py: better handle filtering of public/private subroutines

Checksums

MD5

3053a97400db800b7377749e691eb39e  numpy-2.1.1-cp310-cp310-macosx_10_9_x86_64.whl
84b752a2220dce7c96ff89eef4f4aec3  numpy-2.1.1-cp310-cp310-macosx_11_0_arm64.whl
47ed4f704a64261f07ca24ef2e674524  numpy-2.1.1-cp310-cp310-macosx_14_0_arm64.whl
b8a45caa870aee980c298053cf064d28  numpy-2.1.1-cp310-cp310-macosx_14_0_x86_64.whl
e097ad5eee572b791b4a25eedad6df4a  numpy-2.1.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl
ae502c99315884cda7f0236a07c035c4  numpy-2.1.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
841a859d975c55090c0b60b72aab93a3  numpy-2.1.1-cp310-cp310-musllinux_1_1_x86_64.whl
d51be2b17f5b87aac64ab80fdfafc85e  numpy-2.1.1-cp310-cp310-musllinux_1_2_aarch64.whl
1f8249bd725397c6233fe6a0e8ad18b1  numpy-2.1.1-cp310-cp310-win32.whl
d38d6f06589c1ec104a6a31ff6035781  numpy-2.1.1-cp310-cp310-win_amd64.whl

... (truncated)

Commits

• 48606ab Merge pull request #27328 from charris/prepare-2.1.1
• a7cb4c4 REL: Prepare for the NumPy 2.1.1 release [wheel build]
• 884c92b Merge pull request #27303 from charris/backport-27284
• ca7f5c1 Merge pull request #27304 from charris/backport-27049
• 2a49507 BUG: f2py: better handle filtering of public/private subroutines
• d4306dd TST: Add regression test for gh-26920
• db9668d BLD: cp311- macosx_arm64 wheels [wheel build]
• c6ff254 Merge pull request #27287 from charris/post-2.0.2-release-update
• 326bc17 MAINT: Update main after the 2.0.2 release
• 8164b7c Merge pull request #27278 from charris/backport-27275
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
pip/neural-compressor	3.0.2	🟢 7.3	Details Check Score Reason Code-Review 🟢 9 Found 27/30 approved changesets -- score normalized to 9 Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 License 🟢 10 license file detected CII-Best-Practices ⚠️ 2 badge detected: InProgress Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Security-Policy 🟢 10 security policy file detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Branch-Protection 🟢 8 branch protection is not maximal on development and all release branches SAST 🟢 10 SAST tool is run on all commits Binary-Artifacts 🟢 10 no binaries found in the repo Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 92 existing vulnerabilities detected
pip/numpy	2.1.1	🟢 8	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches CI-Tests 🟢 10 18 out of 18 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed Contributors 🟢 10 project has 93 contributing companies or organizations Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Dependency-Update-Tool 🟢 10 update tool detected Fuzzing 🟢 10 project is fuzzed License 🟢 9 license file detected Maintained 🟢 10 30 commit(s) and 17 issue activity found in the last 90 days -- score normalized to 10 Packaging ⚠️ -1 packaging workflow not detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 SAST 🟢 10 SAST tool is run on all commits Security-Policy 🟢 9 security policy file detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Token-Permissions 🟢 9 detected GitHub workflow tokens with excessive permissions Vulnerabilities 🟢 10 0 existing vulnerabilities detected

Scanned Manifest Files

tensorflow/multinode/requirements.txt

• neural-compressor@3.0.2
• neural-compressor@3.0

tensorflow/serving/requirements.txt

• numpy@2.1.1
• numpy@2.1.0

[github-advanced-security]

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

[github-actions]

Test-Group	Test	Status
tensorflow-tests-logs	import-itex-cpu-pip	PASS
tensorflow-tests-logs	import-itex-cpu-idp	PASS
tensorflow-tests-logs	import-itex-xpu-pip	PASS
tensorflow-tests-logs	import-itex-xpu-idp	PASS
tensorflow-tests-logs	import-cpu-jupyter-pip	PASS
tensorflow-tests-logs	import-cpu-jupyter-idp	PASS
tensorflow-tests-logs	import-xpu-jupyter-pip	PASS
tensorflow-tests-logs	import-xpu-jupyter-idp	PASS
tensorflow-tests-logs	import-multinode-pip	PASS
tensorflow-tests-logs	import-multinode-idp	PASS
tensorflow-tests-logs	import-inc-pip	PASS
tensorflow-tests-logs	import-inc-idp	PASS
tensorflow-tests-logs	itex-cpu-pip	PASS
tensorflow-tests-logs	itex-cpu-idp	PASS
tensorflow-tests-logs	itex-xpu-pip	PASS
tensorflow-tests-logs	itex-xpu-idp	PASS
tensorflow-tests-logs	itex-xpu-jupyter-pip	PASS
tensorflow-tests-logs	itex-xpu-jupyter-idp	PASS
tensorflow-tests-logs	multinode-pip	PASS
tensorflow-tests-logs	multinode-idp	PASS
tensorflow-tests-logs	inc-pip	PASS
tensorflow-tests-logs	inc-idp	PASS