{"id":9163,"name":"tensorflow","ecosystem":"pip","repository_url":"https://github.com/tensorflow/tensorflow","issues_count":716,"created_at":"2025-06-06T22:32:08.449Z","updated_at":"2025-06-06T22:32:08.449Z","purl":"pkg:pypi/tensorflow","metadata":{"id":2942175,"name":"tensorflow","ecosystem":"pypi","description":"TensorFlow is an open source machine learning framework for everyone.","homepage":"https://www.tensorflow.org/","licenses":"Apache 2.0","normalized_licenses":["Apache-2.0"],"repository_url":"https://github.com/tensorflow/tensorflow","keywords_array":["tensorflow","tensor","machine","learning"],"namespace":null,"versions_count":149,"first_release_published_at":"2016-12-19T19:10:10.000Z","latest_release_published_at":"2025-03-12T00:11:40.000Z","latest_release_number":"2.18.1","last_synced_at":"2025-03-12T00:31:39.621Z","created_at":"2022-04-10T12:48:15.174Z","updated_at":"2025-06-07T02:00:39.801Z","registry_url":"https://pypi.org/project/tensorflow/","install_command":"pip install tensorflow --index-url https://pypi.org/simple","documentation_url":"https://tensorflow.readthedocs.io/","metadata":{"funding":null,"documentation":null,"classifiers":["Development Status :: 5 - Production/Stable","Environment :: GPU :: NVIDIA CUDA :: 12","Environment :: GPU :: NVIDIA CUDA :: 12 :: 12.2","Intended Audience :: Developers","Intended Audience :: Education","Intended Audience :: Science/Research","License :: OSI Approved :: Apache Software License","Programming Language :: Python :: 3","Programming Language :: Python :: 3 :: Only","Programming Language :: Python :: 3.10","Programming Language :: Python :: 3.11","Programming Language :: Python :: 3.12","Programming Language :: Python :: 3.9","Topic :: Scientific/Engineering","Topic :: Scientific/Engineering :: Artificial Intelligence","Topic :: Scientific/Engineering :: Mathematics","Topic :: Software Development","Topic :: Software Development :: Libraries","Topic :: Software Development :: Libraries :: Python Modules"],"normalized_name":"tensorflow"},"repo_metadata":{"id":37251499,"uuid":"45717250","full_name":"tensorflow/tensorflow","owner":"tensorflow","description":"An Open Source Machine Learning Framework for Everyone","archived":false,"fork":false,"pushed_at":"2024-10-29T09:19:06.000Z","size":1087910,"stargazers_count":186239,"open_issues_count":5582,"forks_count":74298,"subscribers_count":7584,"default_branch":"master","last_synced_at":"2024-10-29T09:19:33.249Z","etag":null,"topics":["deep-learning","deep-neural-networks","distributed","machine-learning","ml","neural-network","python","tensorflow"],"latest_commit_sha":null,"homepage":"https://tensorflow.org","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tensorflow.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":"CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2015-11-07T01:19:20.000Z","updated_at":"2024-10-29T09:19:26.000Z","dependencies_parsed_at":"2023-10-27T15:27:29.446Z","dependency_job_id":"4202f94c-a761-4b1a-b3e0-60136ad66b70","html_url":"https://github.com/tensorflow/tensorflow","commit_stats":{"total_commits":158389,"total_committers":4341,"mean_commits":"36.486754204100436","dds":0.7325003630302609,"last_synced_commit":"e300ca3646349f86fd0c62b1e83d30b0469bd56b"},"previous_names":[],"tags_count":217,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tensorflow","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":235441752,"owners_count":18990776,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"tensorflow","name":"tensorflow","uuid":"15658638","kind":"organization","description":"","email":"github-admin@tensorflow.org","website":"http://www.tensorflow.org","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/15658638?v=4","repositories_count":108,"last_synced_at":"2023-04-09T07:13:22.653Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/tensorflow","funding_links":[],"total_stars":468581,"followers":null,"following":null,"created_at":"2022-11-02T16:22:56.353Z","updated_at":"2023-04-09T07:13:22.946Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tensorflow","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tensorflow/repositories"},"tags":[{"name":"v2.18.0","sha":"6550e4bd80223cdb8be6c3afd1f81e86a4d433c3","kind":"commit","published_at":"2024-10-21T23:10:20.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.18.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.18.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.18.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.18.0/manifests"},{"name":"v2.17.1","sha":"3c92ac03cab816044f7b18a86eb86aa01a294d95","kind":"commit","published_at":"2024-10-15T18:13:05.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.17.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.17.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.17.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.17.1/manifests"},{"name":"v2.18.0-rc2","sha":"d5f4a3f5ddc60df66d732cdba0c3ad1e51b7a339","kind":"commit","published_at":"2024-10-10T21:39:34.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.18.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.18.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.18.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.18.0-rc2/manifests"},{"name":"v2.18.0-rc1","sha":"2c3c798c33a5fbb8b63b7785716702aff222f2c4","kind":"commit","published_at":"2024-10-03T20:49:39.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.18.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.18.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.18.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.18.0-rc1/manifests"},{"name":"v2.18.0-rc0","sha":"4b55ed05d34b5be52067e450a2876d656f5ca7d8","kind":"commit","published_at":"2024-09-26T22:11:03.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.18.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.18.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.18.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.18.0-rc0/manifests"},{"name":"v2.17.0","sha":"ad6d8cc177d0c868982e39e0823d0efbfb95f04c","kind":"commit","published_at":"2024-07-09T22:13:22.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.17.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.17.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.17.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.17.0/manifests"},{"name":"v2.17.0-rc1","sha":"b3dcff925010e3be83cbc8556ad4e66012f3a44e","kind":"commit","published_at":"2024-06-28T17:52:50.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.17.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.17.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.17.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.17.0-rc1/manifests"},{"name":"v2.16.2","sha":"810f233968cec850915324948bbbc338c97cf57f","kind":"commit","published_at":"2024-06-25T15:45:39.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.16.2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.16.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.16.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.16.2/manifests"},{"name":"v2.17.0-rc0","sha":"c12935684083ee1f182530d417afde060a60a7a5","kind":"commit","published_at":"2024-06-12T16:54:11.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.17.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.17.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.17.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.17.0-rc0/manifests"},{"name":"v2.15.1","sha":"63f5a65c7cd7b6241bede8d2e0082058566ea364","kind":"commit","published_at":"2024-03-08T02:19:10.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.15.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.15.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.15.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.15.1/manifests"},{"name":"v2.16.1","sha":"5bc9d26649cca274750ad3625bd93422617eed4b","kind":"commit","published_at":"2024-03-06T00:30:15.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.16.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.16.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.16.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.16.1/manifests"},{"name":"v2.16.0-rc0","sha":"4bdc149ac84738b06a592473595c1c9c2bd2a9a3","kind":"commit","published_at":"2024-02-26T22:50:07.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.16.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.16.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.16.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.16.0-rc0/manifests"},{"name":"v2.14.1","sha":"99d80a9e254c9df7940b2902b14d15914dbbbcd9","kind":"commit","published_at":"2023-11-10T21:47:47.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.14.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.14.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.14.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.14.1/manifests"},{"name":"v2.15.0","sha":"6887368d6d46223f460358323c4b76d61d1558a8","kind":"commit","published_at":"2023-11-10T21:16:52.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.15.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.15.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.15.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.15.0/manifests"},{"name":"v2.15.0-rc1","sha":"2a4ec940bac104cc94ce8738fcb31824158baff1","kind":"commit","published_at":"2023-11-02T00:55:06.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.15.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.15.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.15.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.15.0-rc1/manifests"},{"name":"v2.15.0-rc0","sha":"5b2454e3de818c7ac24cf7fbb8d82aed83a577ca","kind":"commit","published_at":"2023-10-19T23:06:04.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.15.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.15.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.15.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.15.0-rc0/manifests"},{"name":"v2.14.0","sha":"4dacf3f368eb7965e9b5c3bbdd5193986081c3b2","kind":"commit","published_at":"2023-09-21T17:17:23.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.14.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.14.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.14.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.14.0/manifests"},{"name":"v2.13.1","sha":"f841394b1b714c5cc5366536411cf146c8c570df","kind":"commit","published_at":"2023-09-12T16:46:28.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.13.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.13.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.13.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.13.1/manifests"},{"name":"v2.14.0-rc1","sha":"dd01672d9a99ac372cc77a2a84faf0aedaefa36c","kind":"commit","published_at":"2023-08-30T13:46:27.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.14.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.14.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.14.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.14.0-rc1/manifests"},{"name":"v2.14.0-rc0","sha":"71056bdc9ea85dfe478ede45b86a80be1eecaa5b","kind":"commit","published_at":"2023-08-15T22:03:02.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.14.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.14.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.14.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.14.0-rc0/manifests"},{"name":"v2.13.0","sha":"1cb1a030a62b169d90d34c747ab9b09f332bf905","kind":"commit","published_at":"2023-06-28T18:38:35.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.13.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.13.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.13.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.13.0/manifests"},{"name":"v2.12.1","sha":"8e2b6655c0c488290179ab90a0daed0f6d3006f7","kind":"commit","published_at":"2023-06-27T18:05:39.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.12.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.12.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.12.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.12.1/manifests"},{"name":"v2.13.0-rc2","sha":"5b6abc8a9bb1bbef914a3e830c18e30e4477f036","kind":"commit","published_at":"2023-06-16T19:39:23.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.13.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.13.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.13.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.13.0-rc2/manifests"},{"name":"v2.13.0-rc1","sha":"57633696be6c5cd93ae6832e81338a31b10428b8","kind":"commit","published_at":"2023-05-26T00:14:50.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.13.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.13.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.13.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.13.0-rc1/manifests"},{"name":"v2.13.0-rc0","sha":"525da8a93eca846e32e5c41eddc0496b25a2ef5b","kind":"commit","published_at":"2023-05-05T21:50:40.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.13.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.13.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.13.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.13.0-rc0/manifests"},{"name":"v2.12.0","sha":"0db597d0d758aba578783b5bf46c889700a45085","kind":"commit","published_at":"2023-03-20T23:12:24.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.12.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.12.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.12.0/manifests"},{"name":"v2.11.1","sha":"a3e2c692c18649329c4210cf8df2487d2028e267","kind":"commit","published_at":"2023-03-16T17:20:00.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.11.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.11.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.11.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.11.1/manifests"},{"name":"v2.12.0-rc1","sha":"0d8efc960d2874c2f56eed8690d132763a92a33c","kind":"commit","published_at":"2023-03-03T23:26:03.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.12.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.12.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.12.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.12.0-rc1/manifests"},{"name":"v2.12.0-rc0","sha":"80170ee25b406758c04880a3b49ed9499667012e","kind":"commit","published_at":"2023-02-14T00:49:26.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.12.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.12.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.12.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.12.0-rc0/manifests"},{"name":"v2.11.0","sha":"d5b57ca93e506df258271ea00fc29cf98383a374","kind":"commit","published_at":"2022-11-16T01:17:12.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.11.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.11.0/manifests"},{"name":"v2.9.3","sha":"a5ed5f39b675a1c6f315e0caf3ad4b38478fa571","kind":"commit","published_at":"2022-11-15T01:23:24.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.9.3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.9.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.9.3/manifests"},{"name":"v2.8.4","sha":"1b8f5c396f0c016ebe81fe1af029e6f205c926a4","kind":"commit","published_at":"2022-11-15T01:07:24.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.8.4","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.8.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.8.4/manifests"},{"name":"v2.10.1","sha":"fdfc646704c37bdf450525f6ced9d80df86e4993","kind":"commit","published_at":"2022-11-15T00:46:00.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.10.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.10.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.10.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.10.1/manifests"},{"name":"v2.11.0-rc2","sha":"db80fa53b76cbb149c3a2580539c49ccc7f92141","kind":"commit","published_at":"2022-11-01T18:55:58.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.11.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.11.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.11.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.11.0-rc2/manifests"},{"name":"v2.11.0-rc1","sha":"8aa3c875bb16f60650a3b41a637097b3bae4b4c2","kind":"commit","published_at":"2022-10-19T00:14:58.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.11.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.11.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.11.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.11.0-rc1/manifests"},{"name":"v2.11.0-rc0","sha":"ba36eac6614d5c1f1e9bab6d2399749b68e8732e","kind":"commit","published_at":"2022-10-18T15:57:32.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.11.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.11.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.11.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.11.0-rc0/manifests"},{"name":"v2.10.0","sha":"359c3cdfc5fabac82b3c70b3b6de2b0a8c16874f","kind":"commit","published_at":"2022-09-02T22:59:55.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.10.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.10.0/manifests"},{"name":"v2.9.2","sha":"18960c44ad3f5219c22dca55f842912dbce78a07","kind":"commit","published_at":"2022-09-01T18:34:47.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.9.2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.9.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.9.2/manifests"},{"name":"v2.8.3","sha":"92a51d52ad199319e4f9de83fcbe970151dfed7e","kind":"commit","published_at":"2022-09-01T18:22:43.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.8.3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.8.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.8.3/manifests"},{"name":"v2.7.4","sha":"a73cc22ba39f89463d3e0910dd12d84dbf8596d2","kind":"commit","published_at":"2022-09-01T18:04:52.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.7.4","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.7.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.7.4/manifests"},{"name":"v2.10.0-rc3","sha":"f082fa907cf1a8e127436f12c05dff97ba599e3a","kind":"commit","published_at":"2022-08-26T15:05:21.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.10.0-rc3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0-rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.10.0-rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.10.0-rc3/manifests"},{"name":"v2.10.0-rc2","sha":"4bf2119f1d93411479981108dd0a3c3a46e8e3c4","kind":"commit","published_at":"2022-08-22T17:25:57.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.10.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.10.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.10.0-rc2/manifests"},{"name":"v2.10.0-rc1","sha":"5dd05fd5304ae9b2dd3e588a96e47238527f1fc5","kind":"commit","published_at":"2022-08-12T17:58:13.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.10.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.10.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.10.0-rc1/manifests"},{"name":"v2.10.0-rc0","sha":"371c061252f993fc48f12a7ab3924debfe637b2a","kind":"commit","published_at":"2022-08-02T17:54:45.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.10.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.10.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.10.0-rc0/manifests"},{"name":"v2.9.1","sha":"d8ce9f9c301d021a69953134185ab728c1c248d3","kind":"commit","published_at":"2022-05-22T22:28:22.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.9.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.9.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.9.1/manifests"},{"name":"v2.8.2","sha":"2ea19cbb575d076b4f521d3603211c8316ad5f8f","kind":"commit","published_at":"2022-05-22T22:24:29.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.8.2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.8.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.8.2/manifests"},{"name":"v2.6.5","sha":"6b54e9fa35d6261adae9565f18cde359003b551b","kind":"commit","published_at":"2022-05-22T22:16:09.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.6.5","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.5/manifests"},{"name":"v2.7.3","sha":"fa3dcb4eadd639abb116f2b8d3019e51064e45b1","kind":"commit","published_at":"2022-05-20T22:44:46.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.7.3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.7.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.7.3/manifests"},{"name":"v2.9.0","sha":"8a20d54a3c1bfa38c03ea99a2ad3c1b0a45dfa95","kind":"commit","published_at":"2022-05-13T18:05:15.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.9.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.9.0/manifests"},{"name":"v2.6.4","sha":"33ed2b11cb8e879d86c371700e6573db1814a69e","kind":"commit","published_at":"2022-05-13T17:11:29.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.6.4","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.4/manifests"},{"name":"v2.8.1","sha":"0516d4d8bced506cae97dc3cb45dbd2fe4311f26","kind":"commit","published_at":"2022-05-12T17:27:32.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.8.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.8.1/manifests"},{"name":"v2.7.2","sha":"dd7b8a3c1714d0052ce4b4a2fd8dcef927439a24","kind":"commit","published_at":"2022-05-12T17:27:30.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.7.2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.7.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.7.2/manifests"},{"name":"v2.9.0-rc2","sha":"84326b3712ebc48827d7a0bce087c15ab6b389a6","kind":"commit","published_at":"2022-05-04T16:21:35.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.9.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.9.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.9.0-rc2/manifests"},{"name":"v2.9.0-rc1","sha":"ca9b0dfd6e01d691f8467ca1f68f6baaf538c6b4","kind":"commit","published_at":"2022-04-21T17:30:05.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.9.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.9.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.9.0-rc1/manifests"},{"name":"v2.9.0-rc0","sha":"8727d035e7aa593720d16a5f57f70f3b5a93bd00","kind":"commit","published_at":"2022-04-07T16:50:03.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.9.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.9.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.9.0-rc0/manifests"},{"name":"v2.8.0","sha":"3f878cff5b698b82eea85db2b60d65a2e320850e","kind":"commit","published_at":"2022-01-31T19:17:33.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.8.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.8.0/manifests"},{"name":"v2.5.3","sha":"959e9b2a0c06df945f9fb66bd367af8832ca0d28","kind":"commit","published_at":"2022-01-30T15:39:47.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.5.3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.5.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.3/manifests"},{"name":"v2.7.1","sha":"2a0f59ecfe64d4e7750e406f00f783ff4bd34631","kind":"commit","published_at":"2022-01-30T15:27:47.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.7.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.7.1/manifests"},{"name":"v2.6.3","sha":"92a6bb06549e74a8bd8cdb8e28552496e5520007","kind":"commit","published_at":"2022-01-30T00:24:32.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.6.3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.3/manifests"},{"name":"v2.8.0-rc1","sha":"244b9d77fd42003042968a22d0cda6bea0c01435","kind":"commit","published_at":"2022-01-22T16:57:16.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.8.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.8.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.8.0-rc1/manifests"},{"name":"v2.8.0-rc0","sha":"804ef7223ef08fd14c274b4a4044cc4aeee68863","kind":"commit","published_at":"2021-12-22T02:09:05.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.8.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.8.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.8.0-rc0/manifests"},{"name":"v2.6.2","sha":"c2363d6d025981c661f8cbecf4c73ca7fbf38caf","kind":"commit","published_at":"2021-11-03T20:34:02.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.6.2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.2/manifests"},{"name":"v2.7.0","sha":"c256c071bb26e1e13b4666d1b3e229e110bc914a","kind":"commit","published_at":"2021-11-01T01:31:04.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.7.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.7.0/manifests"},{"name":"v2.6.1","sha":"3aa40c3ce9d16eae296f086bc4ac4d62deb2affc","kind":"commit","published_at":"2021-10-31T17:10:05.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.6.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.1/manifests"},{"name":"v2.4.4","sha":"64918868e2154b06c7479347a59a4230f785e9fa","kind":"commit","published_at":"2021-10-30T22:59:09.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.4.4","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.4.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.4/manifests"},{"name":"v2.5.2","sha":"957590ea15cc03ee2e00fc61934647d54836676f","kind":"commit","published_at":"2021-10-30T22:58:36.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.5.2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.5.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.2/manifests"},{"name":"v2.7.0-rc1","sha":"ff68385595088304cf772086b9a259a65b007622","kind":"commit","published_at":"2021-10-20T03:29:02.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.7.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.7.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.7.0-rc1/manifests"},{"name":"v2.7.0-rc0","sha":"ce35e5c3a8efdb8161c6a85c8fb9ffb5bbdc9ffd","kind":"commit","published_at":"2021-10-04T19:36:31.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.7.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.7.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.7.0-rc0/manifests"},{"name":"v2.4.3","sha":"4c0b84bf2a714bcdd18da1f1f94d533d72399d52","kind":"commit","published_at":"2021-08-11T22:06:57.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.4.3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.4.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.3/manifests"},{"name":"v2.3.4","sha":"7462dcaae1e8cfe1dfd0c62dd6083f9749a9d827","kind":"commit","published_at":"2021-08-11T22:06:44.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.3.4","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.3.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.4/manifests"},{"name":"v2.6.0","sha":"919f693420e35d00c8d0a42100837ae3718f7927","kind":"commit","published_at":"2021-08-09T19:10:27.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.6.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.0/manifests"},{"name":"v2.5.1","sha":"8222c1cfc866126111f23bd9872998480cebf2c1","kind":"commit","published_at":"2021-08-08T20:49:54.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.5.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.1/manifests"},{"name":"v2.6.0-rc2","sha":"5368d50428b30b7c9ccd038aec65d09252d16596","kind":"commit","published_at":"2021-08-03T00:34:40.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.6.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.0-rc2/manifests"},{"name":"v2.6.0-rc1","sha":"79f2d3a179ac6ea6b4c3d07b6849afad4e8730cd","kind":"commit","published_at":"2021-07-09T21:29:59.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.6.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.0-rc1/manifests"},{"name":"v2.6.0-rc0","sha":"a5317d67e6ce6e93de18011bfdcdd4ff7aa894cf","kind":"commit","published_at":"2021-06-29T00:23:36.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.6.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.6.0-rc0/manifests"},{"name":"v2.4.2","sha":"1923123d32ea41d92b70a27a3f6ecf0763b56f6c","kind":"commit","published_at":"2021-06-11T16:09:43.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.4.2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.4.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.2/manifests"},{"name":"v2.2.3","sha":"cfe0c80169ae984bcdc99ff6de7444164aaa8e07","kind":"commit","published_at":"2021-06-10T18:18:38.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.2.3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.2.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.3/manifests"},{"name":"v2.1.4","sha":"0931ea3d985bb9c8fdd054a5e29c4129623c849b","kind":"commit","published_at":"2021-06-08T23:03:14.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.1.4","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.1.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.4/manifests"},{"name":"v2.3.3","sha":"3929ffacfbef7c431e8397920d040aaf47acff19","kind":"commit","published_at":"2021-06-04T22:32:44.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.3.3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.3.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.3/manifests"},{"name":"v2.5.0","sha":"a4dfb8d1a71385bd6d122e4f27f86dcebb96712d","kind":"commit","published_at":"2021-05-12T13:26:41.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.5.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.0/manifests"},{"name":"v2.5.0-rc3","sha":"fcdf659347024dc5a3130e866ba3dde10bac72b0","kind":"commit","published_at":"2021-05-04T23:35:43.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.5.0-rc3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.5.0-rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.0-rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.0-rc3/manifests"},{"name":"v2.5.0-rc2","sha":"e0b8bbee7a66d5afa8b309a06fbfb61b4169266f","kind":"commit","published_at":"2021-04-24T00:13:00.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.5.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.5.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.0-rc2/manifests"},{"name":"v2.5.0-rc1","sha":"0d1805aede03d25aa9d49adcef6903535fa5ad14","kind":"commit","published_at":"2021-04-12T16:43:40.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.5.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.5.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.0-rc1/manifests"},{"name":"v2.5.0-rc0","sha":"a8b6d5ff93a37ccba92137e1cab2ae2ee6640ad6","kind":"commit","published_at":"2021-04-01T04:24:10.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.5.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.5.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.5.0-rc0/manifests"},{"name":"v2.4.1","sha":"85c8b2a817f95a3e979ecd1ed95bff1dc1335cff","kind":"commit","published_at":"2021-01-21T00:25:54.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.4.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.1/manifests"},{"name":"v2.3.2","sha":"9edbe5075f79a4a95ed14a2be831f9b59e61f49d","kind":"commit","published_at":"2021-01-04T20:20:31.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.3.2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.3.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.2/manifests"},{"name":"v2.2.2","sha":"d745ff2a48cebf18e847e8b602a744e97e058946","kind":"commit","published_at":"2021-01-04T20:20:11.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.2.2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.2.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.2/manifests"},{"name":"v2.1.3","sha":"77f47d6ed6ca1f50b6f2c4919097e625d50398a9","kind":"commit","published_at":"2021-01-04T20:19:34.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.1.3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.1.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.3/manifests"},{"name":"v2.0.4","sha":"cdf2c541c3dd3fb6d03cce4d23fc6c548bc9017c","kind":"commit","published_at":"2021-01-04T20:19:09.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.0.4","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.4/manifests"},{"name":"v1.15.5","sha":"3db52be7be81a87c623cdeb7f03d3767521c5246","kind":"commit","published_at":"2021-01-04T20:18:42.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.15.5","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.15.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.5/manifests"},{"name":"v2.4.0","sha":"582c8d236cb079023657287c318ff26adb239002","kind":"commit","published_at":"2020-12-12T01:37:22.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.4.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.0/manifests"},{"name":"v2.4.0-rc4","sha":"97c3fef64ba9937a52af2d72fb4104b6e541d4b2","kind":"commit","published_at":"2020-12-04T03:09:50.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.4.0-rc4","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.4.0-rc4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.0-rc4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.0-rc4/manifests"},{"name":"v2.4.0-rc3","sha":"68f236364cdd261754c68782d99ec2fc791922e6","kind":"commit","published_at":"2020-11-24T02:38:14.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.4.0-rc3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.4.0-rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.0-rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.0-rc3/manifests"},{"name":"v2.4.0-rc2","sha":"0b06f2927be226ffe44f47bfa9e03e4ea649d7f3","kind":"commit","published_at":"2020-11-17T22:39:53.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.4.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.4.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.0-rc2/manifests"},{"name":"v2.4.0-rc1","sha":"ef82f4c66cae4a719a3815c307061a941a88b206","kind":"commit","published_at":"2020-11-07T01:46:19.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.4.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.4.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.0-rc1/manifests"},{"name":"v2.4.0-rc0","sha":"5e5730ba9d15a3b328d2b20a01bf8a9762f3711c","kind":"commit","published_at":"2020-11-02T06:18:39.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.4.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.4.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.4.0-rc0/manifests"},{"name":"v2.1.2","sha":"ab35f2bf7132f9d20a0bea9a5d1849862737d4b4","kind":"commit","published_at":"2020-09-23T23:30:37.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.1.2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.1.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.2/manifests"},{"name":"v2.3.1","sha":"fcc4b966f1265f466e82617020af93670141b009","kind":"commit","published_at":"2020-09-22T01:57:17.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.3.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.1/manifests"},{"name":"v2.2.1","sha":"25fba035f3e453d94490932096282c7b0624bbb3","kind":"commit","published_at":"2020-09-22T01:57:12.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.2.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.1/manifests"},{"name":"v2.0.3","sha":"295ad2781683835be974faba0a191528d8079768","kind":"commit","published_at":"2020-09-22T01:54:47.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.0.3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.3/manifests"},{"name":"v1.15.4","sha":"df8c55ce12b5cfc6f29b01889f7773911a75e6ef","kind":"commit","published_at":"2020-09-22T01:53:53.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.15.4","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.15.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.4/manifests"},{"name":"v2.3.0","sha":"b36436b087bd8e8701ef51718179037cccdfc26e","kind":"commit","published_at":"2020-07-24T00:09:13.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.3.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.0/manifests"},{"name":"v2.3.0-rc2","sha":"bb3c460114b13fda5c730fe43587b8e8c2243cd7","kind":"commit","published_at":"2020-07-17T19:45:59.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.3.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.3.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.0-rc2/manifests"},{"name":"v2.3.0-rc1","sha":"14b2d686d68696f90dbd08564b11af04066ce291","kind":"commit","published_at":"2020-07-08T19:51:39.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.3.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.3.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.0-rc1/manifests"},{"name":"v2.3.0-rc0","sha":"99fea8da0d98fb271b60b58cfa5755f2bd430079","kind":"commit","published_at":"2020-06-26T04:41:11.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.3.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.3.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.3.0-rc0/manifests"},{"name":"v1.15.3","sha":"4386a6640c9fb65503750c37714971031f3dc1fd","kind":"commit","published_at":"2020-05-14T22:21:31.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.15.3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.15.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.3/manifests"},{"name":"v2.1.1","sha":"3ffdb91f122f556a74a6e1efd2469bfe1063cb5c","kind":"commit","published_at":"2020-05-14T02:17:30.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.1.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.1.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.1/manifests"},{"name":"v2.0.2","sha":"2c2fdd3205a8d31e5f09a71ac7eb52b8c0294a60","kind":"commit","published_at":"2020-05-12T19:46:23.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.0.2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.0.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.2/manifests"},{"name":"v2.2.0","sha":"2b96f3662bd776e277f86997659e61046b56c315","kind":"commit","published_at":"2020-05-05T21:58:49.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.2.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.0/manifests"},{"name":"v2.2.0-rc4","sha":"70087ab4f46a4bebaacce1023cd12bd9c655e159","kind":"commit","published_at":"2020-04-29T17:43:22.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.2.0-rc4","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.2.0-rc4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.0-rc4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.0-rc4/manifests"},{"name":"v2.2.0-rc3","sha":"aad398b5e9eb8c617f2b70e16166bb2b797be10a","kind":"commit","published_at":"2020-04-10T22:59:49.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.2.0-rc3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.2.0-rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.0-rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.0-rc3/manifests"},{"name":"v2.2.0-rc2","sha":"e6e5d6df2ab26620548f35bf2e652b19f6d06652","kind":"commit","published_at":"2020-03-26T22:19:19.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.2.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.2.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.0-rc2/manifests"},{"name":"v2.2.0-rc1","sha":"acf4951a2f5fdc181ed14c163381c0cf135d9ee6","kind":"commit","published_at":"2020-03-18T22:54:49.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.2.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.2.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.0-rc1/manifests"},{"name":"v2.2.0-rc0","sha":"3c1e8c03419266bb6ba379d303d3e03a380617a8","kind":"commit","published_at":"2020-03-10T17:18:52.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.2.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.2.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.2.0-rc0/manifests"},{"name":"v1.15.2","sha":"5d80e1e8e6ee999be7db39461e0e79c90403a2e4","kind":"commit","published_at":"2020-01-26T03:57:51.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.15.2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.15.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.2/manifests"},{"name":"v2.0.1","sha":"765ac8d16eff6d6ff997ee73809b402d8b1194ae","kind":"commit","published_at":"2020-01-22T23:43:57.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.0.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.1/manifests"},{"name":"v2.1.0","sha":"e5bf8de410005de06a7ff5393fafdf832ef1d4ad","kind":"commit","published_at":"2020-01-07T16:57:39.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.1.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.0/manifests"},{"name":"v2.1.0-rc2","sha":"9837eceb39171aba9e28dc1f120f53271b6b1ef0","kind":"commit","published_at":"2019-12-21T02:27:18.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.1.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.1.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.0-rc2/manifests"},{"name":"v2.1.0-rc1","sha":"064e1535a7ba3cb9f67b9d9171309a1e9ebca2b0","kind":"commit","published_at":"2019-12-10T22:17:34.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.1.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.1.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.0-rc1/manifests"},{"name":"v2.1.0-rc0","sha":"c6daad319d78e08d2dacbc4aa58094ce541188cf","kind":"commit","published_at":"2019-11-26T23:28:10.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.1.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.1.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.1.0-rc0/manifests"},{"name":"v1.15.0","sha":"590d6eef7e91a6a7392c8ffffb7b58f2e0c8bc6b","kind":"commit","published_at":"2019-10-14T21:08:43.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.15.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.15.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.0/manifests"},{"name":"v1.15.0-rc3","sha":"38ea9bbfea423eb968fcc70bc454471277c9537c","kind":"commit","published_at":"2019-10-07T22:36:38.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.15.0-rc3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.15.0-rc3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.0-rc3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.0-rc3/manifests"},{"name":"v1.15.0-rc2","sha":"5adb433d781597468ca8eba66a0d2466b2aff10c","kind":"commit","published_at":"2019-09-30T23:36:12.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.15.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.15.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.0-rc2/manifests"},{"name":"v2.0.0","sha":"64c3d382cadf7bbe8e7e99884bede8284ff67f56","kind":"commit","published_at":"2019-09-27T21:56:33.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.0.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.0/manifests"},{"name":"v2.0.0-rc2","sha":"2646d230746240eb52312aab3cceeeb7df33e380","kind":"commit","published_at":"2019-09-19T21:51:25.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.0.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.0.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.0-rc2/manifests"},{"name":"v1.15.0-rc1","sha":"ea930781c3164c9646e26cf3716f86804aa65b63","kind":"commit","published_at":"2019-09-16T05:00:45.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.15.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.15.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.0-rc1/manifests"},{"name":"v2.0.0-rc1","sha":"f03fe1bf795061408fafda9704c485aea7bddde2","kind":"commit","published_at":"2019-09-11T17:43:51.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.0.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.0.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.0-rc1/manifests"},{"name":"v1.15.0-rc0","sha":"a0163a0a727c9c7af5ac976debd5e28d42275b8c","kind":"commit","published_at":"2019-09-08T20:24:52.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.15.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.15.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.15.0-rc0/manifests"},{"name":"v2.0.0-rc0","sha":"c75bb66a99ad45e5a3c9fc4625c8abeb705520b5","kind":"commit","published_at":"2019-08-22T17:40:23.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.0.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.0.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.0-rc0/manifests"},{"name":"v1.13.2","sha":"04256c89d8783c5cfd7e550f9512e9478beb6454","kind":"commit","published_at":"2019-07-15T18:15:22.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.13.2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.13.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.13.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.13.2/manifests"},{"name":"v1.12.3","sha":"5b900cfe4b3b848f577315a0dde09a729f770e95","kind":"commit","published_at":"2019-06-21T17:20:35.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.12.3","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.12.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.12.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.12.3/manifests"},{"name":"v1.14.0","sha":"87989f69597d6b2d60de8f112e1e3cea23be7298","kind":"commit","published_at":"2019-06-18T22:48:23.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.14.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.14.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.14.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.14.0/manifests"},{"name":"v2.0.0-beta1","sha":"8e423e3d56390671f0d954c90f4fd163ab02a9c1","kind":"commit","published_at":"2019-06-13T17:41:13.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.0.0-beta1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.0.0-beta1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.0-beta1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.0-beta1/manifests"},{"name":"v1.14.0-rc1","sha":"648ea74ea01deda6f13db83770564a2660d15925","kind":"commit","published_at":"2019-06-08T02:23:20.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.14.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.14.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.14.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.14.0-rc1/manifests"},{"name":"v2.0.0-beta0","sha":"f59745a38177bbc6f52a84af3a8a6d5c323d6db0","kind":"commit","published_at":"2019-06-07T07:00:18.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.0.0-beta0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.0.0-beta0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.0-beta0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.0-beta0/manifests"},{"name":"v1.14.0-rc0","sha":"f5ce1c00d4397875ff3d706881bd46430f4a9667","kind":"commit","published_at":"2019-05-23T18:33:28.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.14.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.14.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.14.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.14.0-rc0/manifests"},{"name":"v1.12.2","sha":"6b634657d8ff1355132c3838271e4f569d1ffaba","kind":"commit","published_at":"2019-04-18T17:36:20.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.12.2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.12.2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.12.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.12.2/manifests"},{"name":"v1.12.1","sha":"c20310273f663b1dbf9ca9e68068784d44a95ae2","kind":"commit","published_at":"2019-04-18T13:15:58.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.12.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.12.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.12.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.12.1/manifests"},{"name":"v2.0.0-alpha0","sha":"2c319fb415a5c91ed7c0b81af72df410a69b8576","kind":"commit","published_at":"2019-03-05T21:41:53.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v2.0.0-alpha0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.0.0-alpha0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.0-alpha0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v2.0.0-alpha0/manifests"},{"name":"v1.13.1","sha":"6612da89516247503f03ef76e974b51a434fb52e","kind":"commit","published_at":"2019-02-25T20:37:04.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.13.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.13.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.13.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.13.1/manifests"},{"name":"v1.13.0-rc2","sha":"c865ec5621c013a7f8a4a26d380782e63117224f","kind":"commit","published_at":"2019-02-15T00:42:33.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.13.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.13.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.13.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.13.0-rc2/manifests"},{"name":"v1.13.0-rc1","sha":"63c13ff9b330682d136bc9219fa658f589b639f4","kind":"commit","published_at":"2019-02-07T18:19:52.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.13.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.13.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.13.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.13.0-rc1/manifests"},{"name":"v1.13.0-rc0","sha":"a8e5c41c5bbe684a88b9285e07bd9838c089e83b","kind":"commit","published_at":"2019-01-23T10:05:14.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.13.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.13.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.13.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.13.0-rc0/manifests"},{"name":"v1.12.0","sha":"a6d8ffae097d0132989ae4688d224121ec6d8f35","kind":"commit","published_at":"2018-11-02T01:35:10.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.12.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.12.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.12.0/manifests"},{"name":"v1.12.0-rc2","sha":"748435b8ef55a554e011e97a9f893304e737775a","kind":"commit","published_at":"2018-10-26T03:26:00.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.12.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.12.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.12.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.12.0-rc2/manifests"},{"name":"v1.12.0-rc1","sha":"7b081981131bf6da32065b8ecc3b8c5bd1280c4a","kind":"commit","published_at":"2018-10-16T17:14:23.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.12.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.12.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.12.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.12.0-rc1/manifests"},{"name":"v1.12.0-rc0","sha":"1a6dea36de673139af3ccb3728535f024436fc5d","kind":"commit","published_at":"2018-10-08T18:36:57.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.12.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.12.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.12.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.12.0-rc0/manifests"},{"name":"v1.11.0","sha":"c19e29306ce1777456b2dbb3a14f511edf7883a8","kind":"commit","published_at":"2018-09-25T21:50:52.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.11.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.11.0/manifests"},{"name":"v1.11.0-rc2","sha":"b903b819d396ced0f0ad83726eae1db5f216de80","kind":"commit","published_at":"2018-09-20T18:15:35.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.11.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.11.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.11.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.11.0-rc2/manifests"},{"name":"v1.11.0-rc1","sha":"e4c4b20805064c67ea624cdedf3f295ea1ee800d","kind":"commit","published_at":"2018-09-14T19:38:07.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.11.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.11.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.11.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.11.0-rc1/manifests"},{"name":"v1.11.0-rc0","sha":"1e438195399650604fb3aa3a53c67339f1167882","kind":"commit","published_at":"2018-09-11T23:18:00.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.11.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.11.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.11.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.11.0-rc0/manifests"},{"name":"v1.10.1","sha":"4dcfddc5d12018a5a0fdca652b9221ed95e9eb23","kind":"commit","published_at":"2018-08-23T19:58:44.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.10.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.10.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.10.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.10.1/manifests"},{"name":"v1.10.0","sha":"656e7a2b347c3c6eb76a6c130ed4b1def567b6c1","kind":"commit","published_at":"2018-08-07T23:52:04.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.10.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.10.0/manifests"},{"name":"v1.10.0-rc1","sha":"e5e9a8f4e97e6910cac46d84966ed82de2ec21b3","kind":"commit","published_at":"2018-07-30T18:46:35.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.10.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.10.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.10.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.10.0-rc1/manifests"},{"name":"v1.10.0-rc0","sha":"f2e8ef305e90151dfd3092a77880c9d046878ef8","kind":"commit","published_at":"2018-07-21T00:59:01.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.10.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.10.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.10.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.10.0-rc0/manifests"},{"name":"v1.9.0","sha":"25c197e02393bd44f50079945409009dd4d434f8","kind":"commit","published_at":"2018-07-09T20:38:25.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.9.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.9.0/manifests"},{"name":"v1.9.0-rc2","sha":"16a965c5c9a64ef82ccfcb849dd61e6aad00d10e","kind":"commit","published_at":"2018-07-02T22:07:51.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.9.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.9.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.9.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.9.0-rc2/manifests"},{"name":"v1.9.0-rc1","sha":"17d6639b550cdcedf31ee01bd6eb26c592aeac42","kind":"commit","published_at":"2018-06-14T13:24:27.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.9.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.9.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.9.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.9.0-rc1/manifests"},{"name":"v1.9.0-rc0","sha":"e1436b2952c7600c8ac88114210381db0398be16","kind":"commit","published_at":"2018-06-06T22:07:00.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.9.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.9.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.9.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.9.0-rc0/manifests"},{"name":"v1.7.1","sha":"c8137f3a8e1a22b6e274d0ffc84013624523df59","kind":"commit","published_at":"2018-05-04T19:13:34.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.7.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.7.1/manifests"},{"name":"tflite-v0.1.7","sha":"fa1db5eb0da85b5baccc2a46d534fdeb3bb473d0","kind":"commit","published_at":"2018-04-27T20:32:35.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/tflite-v0.1.7","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/tflite-v0.1.7","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/tflite-v0.1.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/tflite-v0.1.7/manifests"},{"name":"v1.8.0","sha":"93bc2e2072e0daccbcff7a90d397b704a9e8f778","kind":"commit","published_at":"2018-04-27T16:36:49.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.8.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.8.0/manifests"},{"name":"v1.8.0-rc1","sha":"cf9afc9467b12013d93c4fe779c4158944c85e93","kind":"commit","published_at":"2018-04-19T15:53:13.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.8.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.8.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.8.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.8.0-rc1/manifests"},{"name":"v1.8.0-rc0","sha":"3970b47da568a783818f43ec9f8df5acf692fe7c","kind":"commit","published_at":"2018-04-12T18:07:34.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.8.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.8.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.8.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.8.0-rc0/manifests"},{"name":"v1.7.0","sha":"024aecf414941e11eb643e29ceed3e1c47a115ad","kind":"commit","published_at":"2018-03-29T04:18:40.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.7.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.7.0/manifests"},{"name":"v1.7.0-rc1","sha":"e79eb0b8de130bf905a101608681e9c18561356c","kind":"commit","published_at":"2018-03-21T03:28:38.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.7.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.7.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.7.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.7.0-rc1/manifests"},{"name":"v1.5.1","sha":"6a1ec9deeb2b04dc698db385ea582f6949b4f8bc","kind":"commit","published_at":"2018-03-20T19:51:33.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.5.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.5.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.5.1/manifests"},{"name":"v1.7.0-rc0","sha":"9af25bb2a76b0e5607acecaa93ae421352a70748","kind":"commit","published_at":"2018-03-13T04:02:38.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.7.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.7.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.7.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.7.0-rc0/manifests"},{"name":"v1.6.0","sha":"d2e24b6039433bd83478da8c8c2d6c58034be607","kind":"commit","published_at":"2018-02-28T18:52:31.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.6.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.6.0/manifests"},{"name":"v1.6.0-rc1","sha":"b2a0f1c45b2283910548ebd88ee5aaf4b6fc6077","kind":"commit","published_at":"2018-02-13T23:20:07.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.6.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.6.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.6.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.6.0-rc1/manifests"},{"name":"v1.6.0-rc0","sha":"aaf367ed8ed416f9a86674bf1ddd660c11609e63","kind":"commit","published_at":"2018-02-04T20:28:47.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.6.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.6.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.6.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.6.0-rc0/manifests"},{"name":"v1.5.0","sha":"37aa430d84ced579342a4044c89c236664be7f68","kind":"commit","published_at":"2018-01-25T22:22:10.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.5.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.5.0/manifests"},{"name":"v1.5.0-rc1","sha":"b1f157f4d2d871f7a6d8eeb21fddf97b5216608a","kind":"commit","published_at":"2018-01-13T00:29:30.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.5.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.5.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.5.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.5.0-rc1/manifests"},{"name":"v1.5.0-rc0","sha":"622487f55481fd914bbf8f340c44ff2bb1d059de","kind":"commit","published_at":"2018-01-03T00:00:43.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.5.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.5.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.5.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.5.0-rc0/manifests"},{"name":"v1.4.1","sha":"438604fc885208ee05f9eef2d0f2c630e1360a83","kind":"commit","published_at":"2017-12-08T04:12:18.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.4.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.4.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.4.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.4.1/manifests"},{"name":"v1.4.0","sha":"d752244fbaad5e4268243355046d30990f59418f","kind":"commit","published_at":"2017-11-01T20:21:13.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.4.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.4.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.4.0/manifests"},{"name":"v1.4.0-rc1","sha":"358298a3c25e0736a408cac8ae46fb198ec397c3","kind":"commit","published_at":"2017-10-20T23:10:16.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.4.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.4.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.4.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.4.0-rc1/manifests"},{"name":"v1.4.0-rc0","sha":"5a944dc4f46edd464d8e645956d3a4f653f0d14e","kind":"commit","published_at":"2017-10-10T23:45:41.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.4.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.4.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.4.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.4.0-rc0/manifests"},{"name":"v1.3.1","sha":"48c54eee17b35ebc15e274e36632eccb76072f7d","kind":"commit","published_at":"2017-09-26T17:54:56.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.3.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.3.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.3.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.3.1/manifests"},{"name":"v1.3.0","sha":"9e76bf324f6bac63137a02bb6e6ec9120703ea9b","kind":"commit","published_at":"2017-08-17T01:20:31.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.3.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.3.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.3.0/manifests"},{"name":"v1.3.0-rc2","sha":"2784b1c4318add93d9cc9d1877962fed75ef604b","kind":"commit","published_at":"2017-08-03T20:32:46.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.3.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.3.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.3.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.3.0-rc2/manifests"},{"name":"v1.3.0-rc1","sha":"6f0d70e7c0e63c15020d889e5b63e0438e14d3b3","kind":"commit","published_at":"2017-07-26T23:47:36.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.3.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.3.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.3.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.3.0-rc1/manifests"},{"name":"v1.3.0-rc0","sha":"181971fd1dfc01730ce8b2aa74d90553709ee61d","kind":"commit","published_at":"2017-07-19T20:17:35.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.3.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.3.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.3.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.3.0-rc0/manifests"},{"name":"v1.2.1","sha":"b4957ffc69e73cf8348db7f381438c3b0ccabd14","kind":"commit","published_at":"2017-06-30T01:34:24.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.2.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.2.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.2.1/manifests"},{"name":"v1.2.0","sha":"12f033df4c8fa3feb88ce936eb1581eaa92b303e","kind":"commit","published_at":"2017-06-14T19:02:07.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.2.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.2.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.2.0/manifests"},{"name":"v1.2.0-rc2","sha":"ce1d6ec49bb0aea2ee2e5bd90e424345e6846fc8","kind":"commit","published_at":"2017-06-06T02:34:52.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.2.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.2.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.2.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.2.0-rc2/manifests"},{"name":"v1.2.0-rc1","sha":"636367bba8ceddc456419b0278e8c7655ea97edd","kind":"commit","published_at":"2017-05-26T18:29:48.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.2.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.2.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.2.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.2.0-rc1/manifests"},{"name":"v1.2.0-rc0","sha":"c462db435a45ec173c9e0fd946ce8e6d09b7d192","kind":"commit","published_at":"2017-05-19T21:49:40.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.2.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.2.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.2.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.2.0-rc0/manifests"},{"name":"v1.1.0","sha":"1ec6ed51182adf8f1b03a3188c16cd8a45ca6c85","kind":"commit","published_at":"2017-04-21T01:01:36.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.1.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.1.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.1.0/manifests"},{"name":"v1.1.0-rc2","sha":"4019c5837d21aee67e7365ae579bfd04c7ec6f88","kind":"commit","published_at":"2017-04-14T21:41:11.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.1.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.1.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.1.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.1.0-rc2/manifests"},{"name":"v1.1.0-rc1","sha":"efe5376f3dec8fcc2bf3299a4ff4df6ad3591c88","kind":"commit","published_at":"2017-04-04T18:07:14.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.1.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.1.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.1.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.1.0-rc1/manifests"},{"name":"v1.1.0-rc0","sha":"a23f5d7f7757623a4ea8c6e1d743d178a0c561c5","kind":"commit","published_at":"2017-03-24T02:51:15.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.1.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.1.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.1.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.1.0-rc0/manifests"},{"name":"v1.0.1","sha":"e895d5ca395c2362df4f5c8f08b68501b41f8a98","kind":"commit","published_at":"2017-03-07T22:16:05.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.0.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.0.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.0.1/manifests"},{"name":"v1.0.0","sha":"07bb8ea2379bd459832b23951fb20ec47f3fdbd4","kind":"commit","published_at":"2017-02-11T06:33:43.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.0.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.0.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.0.0/manifests"},{"name":"v1.0.0-rc2","sha":"1536a84f32f1fe77efd3fee6e5933a1dfe4e10bb","kind":"commit","published_at":"2017-02-08T18:32:14.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.0.0-rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.0.0-rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.0.0-rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.0.0-rc2/manifests"},{"name":"v1.0.0-rc1","sha":"114a4627cb4b05dacb3228d5815a8dac30ddb07a","kind":"commit","published_at":"2017-02-03T23:13:00.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.0.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.0.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.0.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.0.0-rc1/manifests"},{"name":"v1.0.0-rc0","sha":"0174cb2541b540653859399491ff9c2192a3d29d","kind":"commit","published_at":"2017-01-26T18:57:25.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.0.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.0.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.0.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.0.0-rc0/manifests"},{"name":"v1.0.0-alpha","sha":"9937f8c6459c18529b31e50262726a8b40c12a7a","kind":"commit","published_at":"2017-01-10T00:17:51.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v1.0.0-alpha","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v1.0.0-alpha","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.0.0-alpha","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v1.0.0-alpha/manifests"},{"name":"0.12.1","sha":"4d924e796368163eff11a8151e8505715345f58d","kind":"commit","published_at":"2016-12-25T13:44:34.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/0.12.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/0.12.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/0.12.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/0.12.1/manifests"},{"name":"v0.12.0","sha":"c62a66bcd4d6f009e0b416055e2ecb8ef50fd0aa","kind":"commit","published_at":"2016-12-19T23:18:10.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v0.12.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v0.12.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.12.0/manifests"},{"name":"0.12.0-rc1","sha":"68322a636fdcd8cbc6548d103a0cf82667b7c8b1","kind":"commit","published_at":"2016-12-10T04:59:10.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/0.12.0-rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/0.12.0-rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/0.12.0-rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/0.12.0-rc1/manifests"},{"name":"0.12.0-rc0","sha":"48408fc0e26669998cdb7f28604d163b0feb8130","kind":"commit","published_at":"2016-11-28T22:31:19.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/0.12.0-rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/0.12.0-rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/0.12.0-rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/0.12.0-rc0/manifests"},{"name":"v0.11.0","sha":"282823b877f173e6a33bbc9d4b9ad7dd8413ada6","kind":"commit","published_at":"2016-11-09T22:07:53.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v0.11.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v0.11.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.11.0/manifests"},{"name":"v0.11.0rc2","sha":"b5943bd1bcaa1510ab035a82f20adb6f7b2f7b05","kind":"commit","published_at":"2016-10-31T17:55:37.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v0.11.0rc2","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v0.11.0rc2","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.11.0rc2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.11.0rc2/manifests"},{"name":"v0.11.0rc1","sha":"671f4c6519b4d82d3e97ab96825e0a748fae8e5d","kind":"commit","published_at":"2016-10-21T00:06:33.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v0.11.0rc1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v0.11.0rc1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.11.0rc1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.11.0rc1/manifests"},{"name":"v0.11.0rc0","sha":"2dea76c0b8eb5b8302454137c055f9e7b7dcea39","kind":"commit","published_at":"2016-09-30T17:15:46.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v0.11.0rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v0.11.0rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.11.0rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.11.0rc0/manifests"},{"name":"v0.10.0","sha":"c715c3102df1556fc0ce88fc987440a3c80e5380","kind":"commit","published_at":"2016-09-08T21:49:36.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v0.10.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v0.10.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.10.0/manifests"},{"name":"v0.10.0rc0","sha":"3cb39956e622b322e43547cf2b6e337020643f21","kind":"commit","published_at":"2016-07-29T21:34:44.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v0.10.0rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v0.10.0rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.10.0rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.10.0rc0/manifests"},{"name":"v0.9.0","sha":"25023dffcf88f46777b5ddab457ac84a5bed5d2f","kind":"commit","published_at":"2016-06-21T21:36:21.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v0.9.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v0.9.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.9.0/manifests"},{"name":"v0.9.0rc0","sha":"9425f822d8a5dc657022eed5c5142b4bf7b1087a","kind":"commit","published_at":"2016-06-06T06:56:44.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v0.9.0rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v0.9.0rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.9.0rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.9.0rc0/manifests"},{"name":"v0.8.0","sha":"4b7bc3174ed67b4a0eb1803537c9d00f132e9ae7","kind":"commit","published_at":"2016-04-22T20:51:21.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v0.8.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v0.8.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.8.0/manifests"},{"name":"v0.8.0rc0","sha":"31ea3dbf57d67b32ca1708e7d8cd5fb43e7810b1","kind":"commit","published_at":"2016-04-13T15:26:19.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v0.8.0rc0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v0.8.0rc0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.8.0rc0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.8.0rc0/manifests"},{"name":"v0.7.1","sha":"028d0b46004c921acd48fdd0ec18128d79e18bf4","kind":"commit","published_at":"2016-02-20T07:42:14.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v0.7.1","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v0.7.1","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.7.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.7.1/manifests"},{"name":"v0.7.0","sha":"d0db73a0648e3f1e8367606225e4df2f0d34d0c0","kind":"commit","published_at":"2016-02-16T16:57:59.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v0.7.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v0.7.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.7.0/manifests"},{"name":"v0.6.0","sha":"09e2e823bdbcb86542acef851c42754578be3f6c","kind":"commit","published_at":"2016-02-10T20:27:36.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/v0.6.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/v0.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/v0.6.0/manifests"},{"name":"0.6.0","sha":"8242b4dd1b36440e191fef8a07b6f37d8bcee60d","kind":"tag","published_at":"2015-12-10T04:26:27.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/0.6.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/0.6.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/0.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/0.6.0/manifests"},{"name":"0.5.0","sha":"b2dc60eaa9c00421293b87824a2047fdcf6fa331","kind":"tag","published_at":"2015-11-09T03:08:54.000Z","download_url":"https://codeload.github.com/tensorflow/tensorflow/tar.gz/0.5.0","html_url":"https://github.com/tensorflow/tensorflow/releases/tag/0.5.0","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/0.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tensorflow%2Ftensorflow/tags/0.5.0/manifests"}]},"repo_metadata_updated_at":"2025-01-25T17:08:43.516Z","dependent_packages_count":2172,"downloads":19162083,"downloads_period":"last-month","dependent_repos_count":73755,"rankings":{"downloads":0.05447472244486957,"dependent_repos_count":0.017607991093291173,"dependent_packages_count":0.012105493876637681,"stargazers_count":0.0005502497216653492,"forks_count":0.0027512486083267453,"docker_downloads_count":0.26356961667770223,"average":0.05850988707041546},"purl":"pkg:pypi/tensorflow","advisories":[{"uuid":"GSA_kwCzR0hTQS1wZ2NxLWg3OWotMmY2Oc0XDQ","url":"https://github.com/advisories/GHSA-pgcq-h79j-2f69","title":"Incomplete validation of shapes in multiple TF ops","description":"### Impact\nSeveral TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depending on the API, this can result in undefined behavior and segfault or `CHECK`-fail related crashes but in some scenarios writes and reads from heap populated arrays are also possible.\n\nWe have discovered these issues internally via tooling while working on improving/testing GPU op determinism. As such, we don't have reproducers and there will be multiple fixes for these issues.\n\n### Patches\nWe have patched the issue in GitHub commits [68422b215e618df5ad375bcdc6d2052e9fd3080a](https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a), [4d74d8a00b07441cba090a02e0dd9ed385145bf4](https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4), [579261dcd446385831fe4f7457d802a59685121d](https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d), [da4aad5946be30e5f049920fa076e1f7ef021261](https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261), [4dddb2fd0b01cdd196101afbba6518658a2c9e07](https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07), and [e7f497570abb6b4ae5af4970620cd880e4c0c904](https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904).\n\nThese fixes will be included in TensorFlow 2.7.0. We will also cherrypick these commits on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-11-10T19:03:38.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.3,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69","https://nvd.nist.gov/vuln/detail/CVE-2021-41206","https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4","https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07","https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d","https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a","https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261","https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-845.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-847.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-843.yaml","https://github.com/advisories/GHSA-pgcq-h79j-2f69"],"source_kind":"github","identifiers":["GHSA-pgcq-h79j-2f69","CVE-2021-41206"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":35.53487771162465,"packages":[{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:43.353Z","updated_at":"2024-11-13T21:54:41.000Z","epss_percentage":0.0001,"epss_percentile":0.00501},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc4d2ctY2p3Yy14aGhw","url":"https://github.com/advisories/GHSA-g8wg-cjwc-xhhp","title":"Heap OOB in nested `tf.map_fn` with `RaggedTensor`s","description":"### Impact\nIt is possible to nest a `tf.map_fn` within another `tf.map_fn` call. However, if the input tensor is a `RaggedTensor` and there is no function signature provided, code assumes the output is a fully specified tensor and fills output buffer with uninitialized contents from the heap:\n\n```python\nimport tensorflow as tf\nx = tf.ragged.constant([[1,2,3], [4,5], [6]])\nt = tf.map_fn(lambda r: tf.map_fn(lambda y: r, r), x)\nz = tf.ragged.constant([[[1,2,3],[1,2,3],[1,2,3]],[[4,5],[4,5]],[[6]]])\n```\n  \nThe `t` and `z` outputs should be identical, however this is not the case. The last row of `t` contains data from the heap which can be used to leak other memory information.\n\nThe bug lies in the conversion from a `Variant` tensor to a `RaggedTensor`. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/ragged_tensor_from_variant_op.cc#L177-L190) does not check that all inner shapes match and this results in the additional dimensions in the above example.\n\nThe same implementation can result in data loss, if input tensor is tweaked:\n\n```python\nimport tensorflow as tf\nx = tf.ragged.constant([[1,2], [3,4,5], [6]])\nt = tf.map_fn(lambda r: tf.map_fn(lambda y: r, r), x) \n```\n\nHere, the output tensor will only have 2 elements for each inner dimension.\n\n### Patches\nWe have patched the issue in GitHub commit [4e2565483d0ffcadc719bd44893fb7f609bb5f12](https://github.com/tensorflow/tensorflow/commit/4e2565483d0ffcadc719bd44893fb7f609bb5f12).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Haris Sahovic.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-08-25T14:41:00.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.4,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g8wg-cjwc-xhhp","https://nvd.nist.gov/vuln/detail/CVE-2021-37679","https://github.com/tensorflow/tensorflow/commit/4e2565483d0ffcadc719bd44893fb7f609bb5f12","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-592.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-790.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-301.yaml","https://github.com/advisories/GHSA-g8wg-cjwc-xhhp"],"source_kind":"github","identifiers":["GHSA-g8wg-cjwc-xhhp","CVE-2021-37679"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":40.889448325705075,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:49.241Z","updated_at":"2024-11-13T21:15:11.000Z","epss_percentage":0.00033,"epss_percentile":0.08064},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc0eGYtMnBxdy01bXE3","url":"https://github.com/advisories/GHSA-w4xf-2pqw-5mq7","title":"Reference binding to nullptr in `RaggedTensorToVariant`","description":"### Impact\nAn attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.RaggedTensorToVariant`:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.RaggedTensorToVariant(\n  rt_nested_splits=[],\n  rt_dense_values=[1,2,3],\n  batched_input=True)\n```\n  \nThe [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/ragged_tensor_to_variant_op.cc#L129) has an incomplete validation of the splits values, missing the case when the argument would be empty.\n\n### Patches\nWe have patched the issue in GitHub commit [be7a4de6adfbd303ce08be4332554dff70362612](https://github.com/tensorflow/tensorflow/commit/be7a4de6adfbd303ce08be4332554dff70362612).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n  \n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-08-25T14:42:13.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.5,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w4xf-2pqw-5mq7","https://nvd.nist.gov/vuln/detail/CVE-2021-37666","https://github.com/tensorflow/tensorflow/commit/be7a4de6adfbd303ce08be4332554dff70362612","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-579.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-777.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-288.yaml","https://github.com/advisories/GHSA-w4xf-2pqw-5mq7"],"source_kind":"github","identifiers":["GHSA-w4xf-2pqw-5mq7","CVE-2021-37666"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":41.37622747243966,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:49.362Z","updated_at":"2024-11-13T20:58:49.000Z","epss_percentage":0.0003,"epss_percentile":0.06871},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY4MnAtaHYzdi1wNnFw","url":"https://github.com/advisories/GHSA-v82p-hv3v-p6qp","title":"Incomplete validation in MKL requantization","description":"### Impact\nDue to incomplete validation in MKL implementation of requantization, an  attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.RequantizationRangePerChannel(\n  input=[],\n  input_min=[0,0,0,0,0],\n  input_max=[1,1,1,1,1],\n  clip_value_max=1)\n```\n  \nThe [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/mkl/mkl_requantization_range_per_channel_op.cc) does not validate the dimensions of the `input` tensor.\n\nA similar issue occurs in `MklRequantizePerChannelOp`:\n\n```python\nimport tensorflow as tf \nfrom tensorflow.python.ops import gen_math_ops\n\ngen_math_ops.requantize_per_channel(\n  input=[],\n  input_min=[-100,-100,-100,-100,-100],\n  input_max=[-100,-100,-100],\n  requested_output_min=[-100,-100,-100,-100,-100],\n  requested_output_max=[],\n  out_type=tf.int)\n``` \n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/mkl/mkl_requantize_per_channel_op.cc) does not perform full validation for all the input arguments.\n\n### Patches\nWe have patched the issue in GitHub commit [9e62869465573cb2d9b5053f1fa02a81fce21d69](https://github.com/tensorflow/tensorflow/commit/9e62869465573cb2d9b5053f1fa02a81fce21d69) and in the Github commit [203214568f5bc237603dbab6e1fd389f1572f5c9](https://github.com/tensorflow/tensorflow/commit/203214568f5bc237603dbab6e1fd389f1572f5c9).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-08-25T14:42:16.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.5,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v82p-hv3v-p6qp","https://nvd.nist.gov/vuln/detail/CVE-2021-37665","https://github.com/tensorflow/tensorflow/commit/203214568f5bc237603dbab6e1fd389f1572f5c9","https://github.com/tensorflow/tensorflow/commit/9e62869465573cb2d9b5053f1fa02a81fce21d69","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-578.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-776.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-287.yaml","https://github.com/advisories/GHSA-v82p-hv3v-p6qp"],"source_kind":"github","identifiers":["GHSA-v82p-hv3v-p6qp","CVE-2021-37665"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":41.37622747243966,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:49.378Z","updated_at":"2024-11-13T20:58:22.000Z","epss_percentage":0.00084,"epss_percentile":0.25669},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXEzZzMtaDlyNC1wcnJj","url":"https://github.com/advisories/GHSA-q3g3-h9r4-prrc","title":"Reference binding to nullptr and heap OOB in binary cwise ops","description":"### Impact\nAn attacker can cause undefined behavior via binding a reference to null pointer in all binary cwise operations that don't require broadcasting (e.g., gradients of binary cwise operations):\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.SqrtGrad(y=[4, 16],dy=[])\n```\n  \nThe [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/cwise_ops_common.h#L264) assumes that the two inputs have exactly the same number of elements but does not check that. Hence, when the eigen functor executes it triggers heap OOB reads and undefined behavior due to binding to nullptr.\n\n### Patches\nWe have patched the issue in GitHub commit [93f428fd1768df147171ed674fee1fc5ab8309ec](https://github.com/tensorflow/tensorflow/commit/93f428fd1768df147171ed674fee1fc5ab8309ec).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n  \n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution \nThis vulnerability has been reported by members of the Aivul Team from Qihoo  360.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-08-25T14:42:47.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q3g3-h9r4-prrc","https://nvd.nist.gov/vuln/detail/CVE-2021-37659","https://github.com/tensorflow/tensorflow/commit/93f428fd1768df147171ed674fee1fc5ab8309ec","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-572.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-770.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-281.yaml","https://github.com/advisories/GHSA-q3g3-h9r4-prrc"],"source_kind":"github","identifiers":["GHSA-q3g3-h9r4-prrc","CVE-2021-37659"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":34.0745402714209,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:49.595Z","updated_at":"2024-11-13T20:53:29.000Z","epss_percentage":0.0004,"epss_percentile":0.11509},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdmdngtM2pmYy0yY3Bj","url":"https://github.com/advisories/GHSA-7fvx-3jfc-2cpc","title":"Heap OOB in `ResourceScatterUpdate`","description":"### Impact\nAn attacker can trigger a read from outside of bounds of heap allocated data by sending invalid arguments to `tf.raw_ops.ResourceScatterUpdate`:\n\n```python\nimport tensorflow as tf\n\nv = tf.Variable([b'vvv'])\ntf.raw_ops.ResourceScatterUpdate(\n  resource=v.handle,\n  indices=[0],\n  updates=['1', '2', '3', '4', '5'])\n```\n  \nThe [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L919-L923) has an incomplete validation of the relationship between the shapes of `indices` and `updates`: instead of checking that the shape of `indices` is a prefix of the shape of `updates` (so that broadcasting can happen), code only checks that the number of elements in these two tensors are in a divisibility relationship.\n\n### Patches \nWe have patched the issue in GitHub commit [01cff3f986259d661103412a20745928c727326f](https://github.com/tensorflow/tensorflow/commit/01cff3f986259d661103412a20745928c727326f).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n    \n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n    \n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-08-25T14:42:58.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7fvx-3jfc-2cpc","https://nvd.nist.gov/vuln/detail/CVE-2021-37655","https://github.com/tensorflow/tensorflow/commit/01cff3f986259d661103412a20745928c727326f","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-568.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-766.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-277.yaml","https://github.com/advisories/GHSA-7fvx-3jfc-2cpc"],"source_kind":"github","identifiers":["GHSA-7fvx-3jfc-2cpc","CVE-2021-37655"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":34.0745402714209,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:49.712Z","updated_at":"2024-11-13T17:28:44.000Z","epss_percentage":0.0003,"epss_percentile":0.06976},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdwNzctNGdtbS03Y3E4","url":"https://github.com/advisories/GHSA-wp77-4gmm-7cq8","title":"Incorrect validation of `SaveV2` inputs","description":"### Impact\nThe code for `tf.raw_ops.SaveV2` does not properly validate the inputs and an attacker can trigger a null pointer dereference:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.SaveV2(\n  prefix=['tensorflow'],\n  tensor_name=['v'],\n  shape_and_slices=[],\n  tensors=[1,2,3])\n```\n  \nThe [implementation](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/save_restore_v2_ops.cc) uses `ValidateInputs` to  check that the input arguments are valid. This validation would have caught the illegal state represented by the reproducer  above.\n\nHowever, the validation uses `OP_REQUIRES` which translates to setting the `Status` object of the current `OpKernelContext` to an error status, followed by an empty `return` statement which just terminates the execution of the function it is present in. However, this does not mean that the kernel execution is finalized: instead, execution continues from the next line in `Compute` that follows the call to `ValidateInputs`. This is equivalent to lacking the validation.\n      \n### Patches\nWe have patched the issue in GitHub commit [9728c60e136912a12d99ca56e106b7cce7af5986](https://github.com/tensorflow/tensorflow/commit/9728c60e136912a12d99ca56e106b7cce7af5986).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.                                                                                                                                                                                                                                               \n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-08-25T14:43:29.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.5,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wp77-4gmm-7cq8","https://nvd.nist.gov/vuln/detail/CVE-2021-37648","https://github.com/tensorflow/tensorflow/commit/9728c60e136912a12d99ca56e106b7cce7af5986","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-561.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-759.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-270.yaml","https://github.com/advisories/GHSA-wp77-4gmm-7cq8"],"source_kind":"github","identifiers":["GHSA-wp77-4gmm-7cq8","CVE-2021-37648"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":41.37622747243966,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:49.909Z","updated_at":"2024-11-13T17:23:03.000Z","epss_percentage":0.00024,"epss_percentile":0.04743},{"uuid":"GSA_kwCzR0hTQS05M3ZyLTlxOW0tcGo4cM4AAyUE","url":"https://github.com/advisories/GHSA-93vr-9q9m-pj8p","title":"TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch","description":"### Impact\nIf the parameter `indices` for `DynamicStitch` does not match the shape of the parameter `data`, it can trigger an stack OOB read.\n\n```python\nimport tensorflow as tf\nfunc = tf.raw_ops.DynamicStitch\npara={'indices': [[0xdeadbeef], [405], [519], [758], [1015]], 'data': [[110.27793884277344], [120.29475402832031], [157.2418212890625], [157.2626953125], [188.45382690429688]]}\ny = func(**para)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [ee004b18b976eeb5a758020af8880236cd707d05](https://github.com/tensorflow/tensorflow/commit/ee004b18b976eeb5a758020af8880236cd707d05).\n\nThe fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis has been reported via Google OSS VRP.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-03-24T21:58:53.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-93vr-9q9m-pj8p","https://github.com/tensorflow/tensorflow/commit/ee004b18b976eeb5a758020af8880236cd707d05","https://nvd.nist.gov/vuln/detail/CVE-2023-25659","https://github.com/advisories/GHSA-93vr-9q9m-pj8p"],"source_kind":"github","identifiers":["GHSA-93vr-9q9m-pj8p","CVE-2023-25659"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2023-03-24T22:03:48.152Z","updated_at":"2023-03-27T21:26:46.000Z","epss_percentage":0.0018,"epss_percentile":0.40396},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWp3ZjktdzV4bS1mNDM3","url":"https://github.com/advisories/GHSA-jwf9-w5xm-f437","title":"Heap OOB in TFLite's `Gather*` implementations","description":"### Impact\nTFLite's [`GatherNd` implementation](https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather_nd.cc#L124) does not support negative indices but there are no checks for this situation.\n\nHence, an attacker can read arbitrary data from the heap by carefully crafting a model with negative values in `indices`.\n\nSimilar issue exists in [`Gather` implementation](https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather.cc).\n\n```python\nimport tensorflow as tf\nimport numpy as np\ntf.compat.v1.disable_v2_behavior()\n\nparams = tf.compat.v1.placeholder(name=\"params\", dtype=tf.int64, shape=(1,))\nindices = tf.compat.v1.placeholder(name=\"indices\", dtype=tf.int64, shape=())\n\nout = tf.gather(params, indices, name='out')\n\nwith tf.compat.v1.Session() as sess:\n   converter = tf.compat.v1.lite.TFLiteConverter.from_session(sess, [params, indices], [out])\n   tflite_model = converter.convert()\n\ninterpreter = tf.lite.Interpreter(model_content=tflite_model)\ninterpreter.allocate_tensors()\n\ninput_details = interpreter.get_input_details()\noutput_details = interpreter.get_output_details()\n\nparams_data = np.reshape(np.array([1], dtype=np.int64), newshape=(1,))\nindices_data = np.reshape(np.array(-10, dtype=np.int64), newshape=())\ninterpreter.set_tensor(input_details[0]['index'], params_data)\ninterpreter.set_tensor(input_details[1]['index'], indices_data)\n\ninterpreter.invoke()\n```\n\n### Patches\nWe have patched the issue in GitHub commits [bb6a0383ed553c286f87ca88c207f6774d5c4a8f](https://github.com/tensorflow/tensorflow/commit/bb6a0383ed553c286f87ca88c207f6774d5c4a8f) and [eb921122119a6b6e470ee98b89e65d721663179d](https://github.com/tensorflow/tensorflow/commit/eb921122119a6b6e470ee98b89e65d721663179d).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security  guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang of Baidu Security.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2021-08-25T14:40:02.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":6.8,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jwf9-w5xm-f437","https://nvd.nist.gov/vuln/detail/CVE-2021-37687","https://github.com/tensorflow/tensorflow/commit/bb6a0383ed553c286f87ca88c207f6774d5c4a8f","https://github.com/tensorflow/tensorflow/commit/eb921122119a6b6e470ee98b89e65d721663179d","https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather.cc","https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather_nd.cc#L124","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-600.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-798.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-309.yaml","https://github.com/advisories/GHSA-jwf9-w5xm-f437"],"source_kind":"github","identifiers":["GHSA-jwf9-w5xm-f437","CVE-2021-37687"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":33.100981977951726,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:49.162Z","updated_at":"2024-11-13T21:21:56.000Z","epss_percentage":0.0009,"epss_percentile":0.26834},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM1NDUtYzRmOS1yZjZ2","url":"https://github.com/advisories/GHSA-c545-c4f9-rf6v","title":"Heap OOB in TFLite","description":"### Impact\nTFLite's [`expand_dims.cc`](https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/expand_dims.cc#L36-L50) contains a vulnerability which allows reading one element outside of bounds of heap allocated data:\n\n```cc\n  if (axis \u003c 0) { \n    axis = input_dims.size + 1 + axis;\n  }   \n  TF_LITE_ENSURE(context, axis \u003c= input_dims.size);\n\n  TfLiteIntArray* output_dims = TfLiteIntArrayCreate(input_dims.size + 1);\n  for (int i = 0; i \u003c output_dims-\u003esize; ++i) {\n    if (i \u003c axis) {\n      output_dims-\u003edata[i] = input_dims.data[i];\n    } else if (i == axis) {\n      output_dims-\u003edata[i] = 1;\n    } else {\n      output_dims-\u003edata[i] = input_dims.data[i - 1];\n    }\n  }\n```\n\nIf `axis` is a large negative value (e.g., `-100000`), then after the first `if` it would still be negative. The check following the `if` statement will pass and the `for` loop would read one element before the start of `input_dims.data` (when `i = 0`).\n\n### Patches\nWe have patched the issue in GitHub commit [d94ffe08a65400f898241c0374e9edc6fa8ed257](https://github.com/tensorflow/tensorflow/commit/d94ffe08a65400f898241c0374e9edc6fa8ed257).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang of Baidu Security.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2021-08-25T14:40:09.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":6.8,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c545-c4f9-rf6v","https://nvd.nist.gov/vuln/detail/CVE-2021-37685","https://github.com/tensorflow/tensorflow/commit/d94ffe08a65400f898241c0374e9edc6fa8ed257","https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/expand_dims.cc#L36-L50","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-598.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-796.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-307.yaml","https://github.com/advisories/GHSA-c545-c4f9-rf6v"],"source_kind":"github","identifiers":["GHSA-c545-c4f9-rf6v","CVE-2021-37685"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":33.100981977951726,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:49.173Z","updated_at":"2024-11-13T21:18:38.000Z","epss_percentage":0.00043,"epss_percentile":0.12506},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRjNGctY3JxbS14cnh3","url":"https://github.com/advisories/GHSA-4c4g-crqm-xrxw","title":"Use of unitialized value in TFLite","description":"### Impact\nAll TFLite operations that use quantization can be made to use unitialized values. [For example](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/depthwise_conv.cc#L198-L200):\n\n```cc\n    const auto* affine_quantization =\n        reinterpret_cast\u003cTfLiteAffineQuantization*\u003e(\n            filter-\u003equantization.params);\n```\n\nThe issue stems from the fact that `quantization.params` is only valid if `quantization.type` is different that `kTfLiteNoQuantization`. However, these checks are missing in large parts of the code.\n\n### Patches\nWe have patched the issue in GitHub commits [537bc7c723439b9194a358f64d871dd326c18887](https://github.com/tensorflow/tensorflow/commit/537bc7c723439b9194a358f64d871dd326c18887),\n[4a91f2069f7145aab6ba2d8cfe41be8a110c18a5](https://github.com/tensorflow/tensorflow/commit/4a91f2069f7145aab6ba2d8cfe41be8a110c18a5) and [8933b8a21280696ab119b63263babdb54c298538](https://github.com/tensorflow/tensorflow/commit/8933b8a21280696ab119b63263babdb54c298538).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution \nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360. ","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2021-08-25T14:40:32.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":4.8,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4c4g-crqm-xrxw","https://nvd.nist.gov/vuln/detail/CVE-2021-37682","https://github.com/tensorflow/tensorflow/commit/4a91f2069f7145aab6ba2d8cfe41be8a110c18a5","https://github.com/tensorflow/tensorflow/commit/537bc7c723439b9194a358f64d871dd326c18887","https://github.com/tensorflow/tensorflow/commit/8933b8a21280696ab119b63263babdb54c298538","https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/depthwise_conv.cc#L198-L200","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-595.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-793.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-304.yaml","https://github.com/advisories/GHSA-4c4g-crqm-xrxw"],"source_kind":"github","identifiers":["GHSA-4c4g-crqm-xrxw","CVE-2021-37682"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":23.365399043260044,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:49.212Z","updated_at":"2024-11-13T21:16:22.000Z","epss_percentage":0.00072,"epss_percentile":0.22555},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWg0cGMtZ3gydy1mMnh2","url":"https://github.com/advisories/GHSA-h4pc-gx2w-f2xv","title":"Heap OOB read in TFLite","description":"### Impact\nA specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of [`Split_V`](https://github.com/tensorflow/tensorflow/blob/c59c37e7b2d563967da813fa50fe20b21f4da683/tensorflow/lite/kernels/split_v.cc#L99):\n\n```cc\nconst int input_size = SizeOfDimension(input, axis_value);\n``` \n\nIf `axis_value` is not a value between 0 and `NumDimensions(input)`, then the [`SizeOfDimension` function](https://github.com/tensorflow/tensorflow/blob/102b211d892f3abc14f845a72047809b39cc65ab/tensorflow/lite/kernels/kernel_util.h#L148-L150) will access data outside the bounds of the tensor shape array:\n\n```cc\ninline int SizeOfDimension(const TfLiteTensor* t, int dim) {\n  return t-\u003edims-\u003edata[dim];\n}\n```\n  \n### Patches \nWe have patched the issue in GitHub commit [ae2daeb45abfe2c6dda539cf8d0d6f653d3ef412](https://github.com/tensorflow/tensorflow/commit/ae2daeb45abfe2c6dda539cf8d0d6f653d3ef412).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2021-05-21T14:28:24.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":6.9,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h4pc-gx2w-f2xv","https://nvd.nist.gov/vuln/detail/CVE-2021-29606","https://github.com/tensorflow/tensorflow/commit/ae2daeb45abfe2c6dda539cf8d0d6f653d3ef412","https://github.com/tensorflow/tensorflow/blob/c59c37e7b2d563967da813fa50fe20b21f4da683/tensorflow/lite/kernels/split_v.cc#L99","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-534.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-732.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-243.yaml","https://github.com/advisories/GHSA-h4pc-gx2w-f2xv"],"source_kind":"github","identifiers":["GHSA-h4pc-gx2w-f2xv","CVE-2021-29606"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":33.58776112468632,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:03.284Z","updated_at":"2024-11-13T16:10:32.000Z","epss_percentage":0.00017,"epss_percentile":0.0262},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWo4cWgtM3hycS1jODI1","url":"https://github.com/advisories/GHSA-j8qh-3xrq-c825","title":"Division by zero in TFLite's implementation of `OneHot`","description":"### Impact\nThe implementation of the `OneHot` TFLite operator is [vulnerable to a division by zero error](https://github.com/tensorflow/tensorflow/blob/f61c57bd425878be108ec787f4d96390579fb83e/tensorflow/lite/kernels/one_hot.cc#L68-L72):\n\n```cc\nint prefix_dim_size = 1;\nfor (int i = 0; i \u003c op_context.axis; ++i) {\n  prefix_dim_size *= op_context.indices-\u003edims-\u003edata[i];\n}\nconst int suffix_dim_size = NumElements(op_context.indices) / prefix_dim_size;\n```\n\nAn attacker can craft a model such that at least one of the dimensions of `indices` would be 0. In turn, the `prefix_dim_size` value would become 0.\n\n### Patches\nWe have patched the issue in GitHub commit [3ebedd7e345453d68e279cfc3e4072648e5e12e5](https://github.com/tensorflow/tensorflow/commit/3ebedd7e345453d68e279cfc3e4072648e5e12e5).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:28:04.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8qh-3xrq-c825","https://nvd.nist.gov/vuln/detail/CVE-2021-29600","https://github.com/tensorflow/tensorflow/commit/3ebedd7e345453d68e279cfc3e4072648e5e12e5","https://github.com/tensorflow/tensorflow/blob/f61c57bd425878be108ec787f4d96390579fb83e/tensorflow/lite/kernels/one_hot.cc#L68-L72","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-528.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-726.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-237.yaml","https://github.com/advisories/GHSA-j8qh-3xrq-c825"],"source_kind":"github","identifiers":["GHSA-j8qh-3xrq-c825","CVE-2021-29600"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:03.216Z","updated_at":"2024-11-13T16:07:48.000Z","epss_percentage":0.00017,"epss_percentile":0.0262},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY1MnAtaGZqZi13Zzg4","url":"https://github.com/advisories/GHSA-v52p-hfjf-wg88","title":"Division by zero in TFLite's implementation of `SpaceToBatchNd`","description":"### Impact\nThe implementation of the `SpaceToBatchNd` TFLite operator is [vulnerable to a division by zero error](https://github.com/tensorflow/tensorflow/blob/412c7d9bb8f8a762c5b266c9e73bfa165f29aac8/tensorflow/lite/kernels/space_to_batch_nd.cc#L82-L83):\n\n```cc\nTF_LITE_ENSURE_EQ(context, final_dim_size % block_shape[dim], 0);\noutput_size-\u003edata[dim + 1] = final_dim_size / block_shape[dim];\n```\n\nAn attacker can craft a model such that one dimension of the `block` input is 0. Hence, the corresponding value in `block_shape` is 0.\n\n### Patches\nWe have patched the issue in GitHub commit [6d36ba65577006affb272335b7c1abd829010708](https://github.com/tensorflow/tensorflow/commit/6d36ba65577006affb272335b7c1abd829010708).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:27:54.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v52p-hfjf-wg88","https://nvd.nist.gov/vuln/detail/CVE-2021-29597","https://github.com/tensorflow/tensorflow/commit/6d36ba65577006affb272335b7c1abd829010708","https://github.com/tensorflow/tensorflow/blob/412c7d9bb8f8a762c5b266c9e73bfa165f29aac8/tensorflow/lite/kernels/space_to_batch_nd.cc#L82-L83","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-525.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-723.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-234.yaml","https://github.com/advisories/GHSA-v52p-hfjf-wg88"],"source_kind":"github","identifiers":["GHSA-v52p-hfjf-wg88","CVE-2021-29597"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:03.189Z","updated_at":"2024-11-13T16:06:17.000Z","epss_percentage":0.00017,"epss_percentile":0.0262},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNmeDctMnhwYy04dzRo","url":"https://github.com/advisories/GHSA-cfx7-2xpc-8w4h","title":"Division by zero in TFLite's implementation of `BatchToSpaceNd`","description":"### Impact\nThe implementation of the `BatchToSpaceNd` TFLite operator is [vulnerable to a division by zero error](https://github.com/tensorflow/tensorflow/blob/b5ed552fe55895aee8bd8b191f744a069957d18d/tensorflow/lite/kernels/batch_to_space_nd.cc#L81-L82):\n\n```cc\nTF_LITE_ENSURE_EQ(context, output_batch_size % block_shape[dim], 0);\noutput_batch_size = output_batch_size / block_shape[dim];\n```\n\nAn attacker can craft a model such that one dimension of the `block` input is 0. Hence, the corresponding value in `block_shape` is 0.\n\n### Patches\nWe have patched the issue in GitHub commit [2c74674348a4708ced58ad6eb1b23354df8ee044](https://github.com/tensorflow/tensorflow/commit/2c74674348a4708ced58ad6eb1b23354df8ee044).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:27:01.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cfx7-2xpc-8w4h","https://nvd.nist.gov/vuln/detail/CVE-2021-29593","https://github.com/tensorflow/tensorflow/commit/2c74674348a4708ced58ad6eb1b23354df8ee044","https://github.com/tensorflow/tensorflow/blob/b5ed552fe55895aee8bd8b191f744a069957d18d/tensorflow/lite/kernels/batch_to_space_nd.cc#L81-L82","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-521.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-719.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-230.yaml","https://github.com/advisories/GHSA-cfx7-2xpc-8w4h"],"source_kind":"github","identifiers":["GHSA-cfx7-2xpc-8w4h","CVE-2021-29593"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:03.344Z","updated_at":"2024-10-31T21:23:54.000Z","epss_percentage":0.00017,"epss_percentile":0.0262},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWh4MngtODVnci13cnBx","url":"https://github.com/advisories/GHSA-hx2x-85gr-wrpq","title":"Out of bounds access in tensorflow-lite","description":"### Impact\nIn TensorFlow Lite models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor:\nhttps://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/internal/reference/reference_ops.h#L2625-L2631\n\nUsers having access to `segment_ids_data` can alter `output_index` and then write to outside of `output_data` buffer.\n\nThis might result in a segmentation fault but it can also be used to further corrupt the memory and can be chained with other vulnerabilities to create more advanced exploits.\n\n### Patches\nWe have patched the issue in 204945b and will release patch releases for all affected versions.\n\nWe recommend users to upgrade to TensorFlow 2.2.1, or 2.3.1.\n\n### Workarounds\nA potential workaround would be to add a custom `Verifier` to the model loading code to ensure that the segment ids are all positive, although this only handles the case when the segment ids are stored statically in the model.\n\nA similar validation could be done if the segment ids are generated at runtime between inference steps.\n\nIf the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been discovered from a variant analysis of [GHSA-p2cq-cprg-frvm](https://github.com/tensorflow/tensorflow/security/advisories/GHSA-p2cq-cprg-frvm).","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2020-09-25T18:29:00.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":9.1,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx2x-85gr-wrpq","https://github.com/tensorflow/tensorflow/commit/204945b19e44b57906c9344c0d00120eeeae178a","https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1","https://nvd.nist.gov/vuln/detail/CVE-2020-15212","https://github.com/tensorflow/tensorflow/commit/00c7ed7ce81c2126ebc17dfe7073b5c0efd5ec0a","https://github.com/tensorflow/tensorflow/commit/a4030d8ba3692c438997c27be2dd95f3d5f54827","https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/internal/reference/reference_ops.h#L2625-L2631","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-292.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-327.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-135.yaml","https://github.com/advisories/GHSA-hx2x-85gr-wrpq"],"source_kind":"github","identifiers":["GHSA-hx2x-85gr-wrpq","CVE-2020-15212"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":44.29690235284716,"packages":[{"versions":[{"first_patched_version":"2.3.1","vulnerable_version_range":"= 2.3.0"},{"first_patched_version":"2.2.1","vulnerable_version_range":"= 2.2.0"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.3.1","vulnerable_version_range":"= 2.3.0"},{"first_patched_version":"2.2.1","vulnerable_version_range":"= 2.2.0"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.3.1","vulnerable_version_range":"= 2.3.0"},{"first_patched_version":"2.2.1","vulnerable_version_range":"= 2.2.0"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:13.640Z","updated_at":"2024-10-30T21:18:37.000Z","epss_percentage":0.00238,"epss_percentile":0.4695},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXAyY3EtY3ByZy1mcnZt","url":"https://github.com/advisories/GHSA-p2cq-cprg-frvm","title":"Out of bounds write in tensorflow-lite","description":"### Impact\nIn TensorFlow Lite models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the dimensionality of output tensor:\nhttps://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/segment_sum.cc#L39-L44\n\nThis results in allocating insufficient memory for the output tensor and in a write outside the bounds of the output array:\nhttps://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/internal/reference/reference_ops.h#L2625-L2631\n\nThis usually results in a segmentation fault, but depending on runtime conditions it can provide for a write gadget to be used in future memory corruption-based exploits.\n\n### Patches\nWe have patched the issue in 204945b and will release patch releases for all affected versions.\n\nWe recommend users to upgrade to TensorFlow 2.2.1, or 2.3.1.\n\n### Workarounds\nA potential workaround would be to add a custom `Verifier` to the model loading code to ensure that the segment ids are sorted, although this only handles the case when the segment ids are stored statically in the model.\n\nA similar validation could be done if the segment ids are generated at runtime between inference steps.\n\nIf the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2020-09-25T18:28:56.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":9.1,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:L/SI:L/SA:H","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-p2cq-cprg-frvm","https://github.com/tensorflow/tensorflow/commit/204945b19e44b57906c9344c0d00120eeeae178a","https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1","https://nvd.nist.gov/vuln/detail/CVE-2020-15214","https://github.com/tensorflow/tensorflow/commit/00c7ed7ce81c2126ebc17dfe7073b5c0efd5ec0a","https://github.com/tensorflow/tensorflow/commit/a4030d8ba3692c438997c27be2dd95f3d5f54827","https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/internal/reference/reference_ops.h#L2625-L2631","https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/segment_sum.cc#L39-L44","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-294.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-329.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-137.yaml","https://github.com/advisories/GHSA-p2cq-cprg-frvm"],"source_kind":"github","identifiers":["GHSA-p2cq-cprg-frvm","CVE-2020-15214"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":44.29690235284716,"packages":[{"versions":[{"first_patched_version":"2.3.1","vulnerable_version_range":"= 2.3.0"},{"first_patched_version":"2.2.1","vulnerable_version_range":"= 2.2.0"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.3.1","vulnerable_version_range":"= 2.3.0"},{"first_patched_version":"2.2.1","vulnerable_version_range":"= 2.2.0"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.3.1","vulnerable_version_range":"= 2.3.0"},{"first_patched_version":"2.2.1","vulnerable_version_range":"= 2.2.0"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:13.649Z","updated_at":"2024-10-28T15:10:11.000Z","epss_percentage":0.00261,"epss_percentile":0.49208},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWN2cGMtOHBoaC04ZjQ1","url":"https://github.com/advisories/GHSA-cvpc-8phh-8f45","title":"Out of bounds access in tensorflow-lite","description":"### Impact\nIn TensorFlow Lite, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indices for the tensors, indexing into an array of tensors that is owned by the subgraph. This results in a pattern of double array indexing when trying to get the data of each tensor: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/kernel_util.cc#L36\n\nHowever, some operators can have some tensors be optional. To handle this scenario, the flatbuffer model uses a negative `-1` value as index for these tensors:\nhttps://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/c/common.h#L82\n\nThis results in special casing during validation at model loading time: https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/core/subgraph.cc#L566-L580\n\nUnfortunately, this means that the `-1` index is a valid tensor index for any operator, including those that don't expect optional inputs and including for output tensors. Thus, this allows writing and reading from outside the bounds of heap allocated arrays, although only at a specific offset from the start of these arrays.\n\nThis results in both read and write gadgets, albeit very limited in scope.\n\n### Patches\nWe have patched the issue in several commits (46d5b0852, 00302787b7, e11f5558, cd31fd0ce, 1970c21, and fff2c83). We will release patch releases for all versions between 1.15 and 2.3.\n\nWe recommend users to upgrade to TensorFlow 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.\n\n### Workarounds\nA potential workaround would be to add a custom `Verifier` to the model loading code to ensure that only operators which accept optional inputs use the `-1` special value and only for the tensors that they expect to be optional. Since this allow-list type approach is erro-prone, we advise upgrading to the patched code.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2020-09-25T18:28:49.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":6.3,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cvpc-8phh-8f45","https://github.com/tensorflow/tensorflow/commit/00302787b788c5ff04cb6f62aed5a74d936e86c0","https://github.com/tensorflow/tensorflow/commit/1970c2158b1ffa416d159d03c3370b9a462aee35","https://github.com/tensorflow/tensorflow/commit/46d5b0852528ddfd614ded79bccc75589f801bd9","https://github.com/tensorflow/tensorflow/commit/cd31fd0ce0449a9e0f83dcad08d6ed7f1d6bef3f","https://github.com/tensorflow/tensorflow/commit/e11f55585f614645b360563072ffeb5c3eeff162","https://github.com/tensorflow/tensorflow/commit/fff2c8326280c07733828f990548979bdc893859","https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1","https://nvd.nist.gov/vuln/detail/CVE-2020-15211","http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html","https://github.com/tensorflow/tensorflow/commit/f911af101dc0ce0eec17a8740bec9b613ae4195e","https://github.com/tensorflow/tensorflow/commit/e6b213cebb56f485bd400961a2ed109aeeac9d3c","https://github.com/tensorflow/tensorflow/commit/e47eb1453f35666795a31e208c28922b08756c69","https://github.com/tensorflow/tensorflow/commit/d8f8236c29744b8e3247c083fd21c9a87180505c","https://github.com/tensorflow/tensorflow/commit/c22736982844d19af623ccd7d33e2d199493eee7","https://github.com/tensorflow/tensorflow/commit/7e283f97d8c784d3eae5062d9de25d0f432ad239","https://github.com/tensorflow/tensorflow/commit/42ed6ac86856956da65b5957a26fab130ff9471c","https://github.com/tensorflow/tensorflow/commit/38cbad757b2e1c0d64b95e4582408fa66627a67c","https://github.com/tensorflow/tensorflow/commit/1a8528bfb572884eb8137dab1bf649705c960c47","https://github.com/tensorflow/tensorflow/commit/0b5be2717a19ca7bf505369eb8bdd341405d263d","https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/kernel_util.cc#L36","https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/core/subgraph.cc#L566-L580","https://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/c/common.h#L82","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-134.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-326.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-291.yaml","https://github.com/advisories/GHSA-cvpc-8phh-8f45"],"source_kind":"github","identifiers":["GHSA-cvpc-8phh-8f45","CVE-2020-15211"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":30.667086244278806,"packages":[{"versions":[{"first_patched_version":"2.3.1","vulnerable_version_range":"= 2.3.0"},{"first_patched_version":"2.2.1","vulnerable_version_range":"= 2.2.0"},{"first_patched_version":"2.1.2","vulnerable_version_range":"\u003e= 2.1.0, \u003c 2.1.2"},{"first_patched_version":"2.0.3","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.0.3"},{"first_patched_version":"1.15.4","vulnerable_version_range":"\u003c 1.15.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.3.1","vulnerable_version_range":"= 2.3.0"},{"first_patched_version":"2.2.1","vulnerable_version_range":"= 2.2.0"},{"first_patched_version":"2.1.2","vulnerable_version_range":"\u003e= 2.1.0, \u003c 2.1.2"},{"first_patched_version":"2.0.3","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.0.3"},{"first_patched_version":"1.15.4","vulnerable_version_range":"\u003c 1.15.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.3.1","vulnerable_version_range":"= 2.3.0"},{"first_patched_version":"2.2.1","vulnerable_version_range":"= 2.2.0"},{"first_patched_version":"2.1.2","vulnerable_version_range":"\u003e= 2.1.0, \u003c 2.1.2"},{"first_patched_version":"2.0.3","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.0.3"},{"first_patched_version":"1.15.4","vulnerable_version_range":"\u003c 1.15.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:13.677Z","updated_at":"2024-10-28T15:02:08.000Z","epss_percentage":0.00344,"epss_percentile":0.55968},{"uuid":"GSA_kwCzR0hTQS1oN2ZmLWNmYzktd21taM4AAu2p","url":"https://github.com/advisories/GHSA-h7ff-cfc9-wmmh","title":" TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVarsPerChannelGradient`","description":"### Impact\nWhen `tf.quantization.fake_quant_with_min_max_vars_per_channel_gradient` receives input `min` or `max` of rank other than 1, it gives a `CHECK` fail that can trigger a denial of service attack.\n```python\nimport tensorflow as tf\narg_0=tf.random.uniform(shape=(1,1), dtype=tf.float32, maxval=None)\narg_1=tf.random.uniform(shape=(1,1), dtype=tf.float32, maxval=None)\narg_2=tf.random.uniform(shape=(1,1), dtype=tf.float32, maxval=None)\narg_3=tf.random.uniform(shape=(1,1), dtype=tf.float32, maxval=None)\narg_4=8\narg_5=False\narg_6=None\ntf.quantization.fake_quant_with_min_max_vars_per_channel_gradient(gradients=arg_0, \n            inputs=arg_1, min=arg_2,  max=arg_3, num_bits=arg_4, \n            narrow_range=arg_5, name=arg_6)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [f3cf67ac5705f4f04721d15e485e192bb319feed](https://github.com/tensorflow/tensorflow/commit/f3cf67ac5705f4f04721d15e485e192bb319feed).\n\nThe fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by \n - 刘力源, Information System \u0026 Security and Countermeasures Experiments Center, Beijing Institute of Technology\n - Neophytos Christou, Secure Systems Labs, Brown University\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-09-16T22:15:21.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h7ff-cfc9-wmmh","https://github.com/tensorflow/tensorflow/commit/f3cf67ac5705f4f04721d15e485e192bb319feed","https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0","https://nvd.nist.gov/vuln/detail/CVE-2022-35990","https://github.com/advisories/GHSA-h7ff-cfc9-wmmh"],"source_kind":"github","identifiers":["GHSA-h7ff-cfc9-wmmh","CVE-2022-35990"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:58.042Z","updated_at":"2023-01-28T05:03:11.000Z","epss_percentage":0.00155,"epss_percentile":0.37452},{"uuid":"GSA_kwCzR0hTQS13NjJoLTh4am0tZnY0Oc4AAu2K","url":"https://github.com/advisories/GHSA-w62h-8xjm-fv49","title":"TensorFlow vulnerable to `CHECK` fail in `DenseBincount`","description":"### Impact\n`DenseBincount` assumes its input tensor `weights` to either have the same shape as its input tensor `input` or to be length-0. A different `weights` shape will trigger a `CHECK` fail that can be used to trigger a denial of service attack.\n```python\nimport tensorflow as tf\nbinary_output = True\ninput = tf.random.uniform(shape=[0, 0], minval=-10000, maxval=10000, dtype=tf.int32, seed=-2460)\nsize = tf.random.uniform(shape=[], minval=-10000, maxval=10000, dtype=tf.int32, seed=-10000)\nweights = tf.random.uniform(shape=[], minval=-10000, maxval=10000, dtype=tf.float32, seed=-10000)\ntf.raw_ops.DenseBincount(input=input, size=size, weights=weights, binary_output=binary_output)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [bf4c14353c2328636a18bfad1e151052c81d5f43](https://github.com/tensorflow/tensorflow/commit/bf4c14353c2328636a18bfad1e151052c81d5f43).\n\nThe fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Di Jin, Secure Systems Labs, Brown University\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-09-16T21:19:15.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w62h-8xjm-fv49","https://github.com/tensorflow/tensorflow/commit/bf4c14353c2328636a18bfad1e151052c81d5f43","https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0","https://nvd.nist.gov/vuln/detail/CVE-2022-35987","https://github.com/advisories/GHSA-w62h-8xjm-fv49"],"source_kind":"github","identifiers":["GHSA-w62h-8xjm-fv49","CVE-2022-35987"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:58.360Z","updated_at":"2023-01-28T05:02:53.000Z","epss_percentage":0.00155,"epss_percentile":0.37452},{"uuid":"GSA_kwCzR0hTQS1mMnc4LWp3NDgtZnI3as4AAv-9","url":"https://github.com/advisories/GHSA-f2w8-jw48-fr7j","title":"`FractionalMaxPoolGrad` Heap out of bounds read","description":"### Impact\nIf [`FractionMaxPoolGrad`](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/fractional_max_pool_op.cc) is given outsize inputs `row_pooling_sequence` and `col_pooling_sequence`, TensorFlow will crash.\n\n```python\nimport tensorflow as tf\ntf.raw_ops.FractionMaxPoolGrad(\n\torig_input = [[[[1, 1, 1, 1, 1]]]],\n    orig_output = [[[[1, 1, 1]]]],\n    out_backprop = [[[[3], [3], [6]]]],\n    row_pooling_sequence = [-0x4000000, 1, 1], \n    col_pooling_sequence = [-0x4000000, 1, 1], \n    overlapping = False\n )\n```\n\n### Patches\nWe have patched the issue in GitHub commit [d71090c3e5ca325bdf4b02eb236cfb3ee823e927](https://github.com/tensorflow/tensorflow/commit/d71090c3e5ca325bdf4b02eb236cfb3ee823e927).\n\nThe fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Vul AI.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-11-21T21:54:04.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2w8-jw48-fr7j","https://nvd.nist.gov/vuln/detail/CVE-2022-41897","https://github.com/tensorflow/tensorflow/commit/d71090c3e5ca325bdf4b02eb236cfb3ee823e927","https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/fractional_max_pool_op.cc","https://github.com/advisories/GHSA-f2w8-jw48-fr7j"],"source_kind":"github","identifiers":["GHSA-f2w8-jw48-fr7j","CVE-2022-41897"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:49.988Z","updated_at":"2023-02-01T05:04:00.000Z","epss_percentage":0.00133,"epss_percentile":0.34379},{"uuid":"GSA_kwCzR0hTQS14eGNqLXJocWctbTQ2Z84AAv-x","url":"https://github.com/advisories/GHSA-xxcj-rhqg-m46g","title":"Segfault via invalid attributes in `pywrap_tfe_src.cc`","description":"### Impact\nIf a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a `nullptr`, which is not caught. An example can be seen in [`tf.compat.v1.extract_volume_patches`](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/generate_box_proposals_op.cu.cc) by passing in quantized tensors as input `ksizes`.\n```python\nimport numpy as np\nimport tensorflow as tf\n\na_input = np.array([1, -1], dtype= np.int32)\na_ksizes =  a_strides = tf.constant(dtype=tf.dtypes.qint16, value=[[1, 4], [5, 2]])\n\n\ntf.compat.v1.extract_volume_patches(input=a_input,ksizes=a_ksizes,strides=a_strides,padding='VALID')\n```\n\n### Patches\nWe have patched the issue in GitHub commit [e9e95553e5411834d215e6770c81a83a3d0866ce](https://github.com/tensorflow/tensorflow/commit/e9e95553e5411834d215e6770c81a83a3d0866ce).\n\nThe fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Pattarakrit Rattankul.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-11-21T20:42:00.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xxcj-rhqg-m46g","https://nvd.nist.gov/vuln/detail/CVE-2022-41889","https://github.com/tensorflow/tensorflow/commit/e9e95553e5411834d215e6770c81a83a3d0866ce","https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/generate_box_proposals_op.cu.cc","https://github.com/advisories/GHSA-xxcj-rhqg-m46g"],"source_kind":"github","identifiers":["GHSA-xxcj-rhqg-m46g","CVE-2022-41889"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:50.055Z","updated_at":"2025-01-15T16:59:00.000Z","epss_percentage":0.0012,"epss_percentile":0.32256},{"uuid":"GSA_kwCzR0hTQS12cTM2LTI3ZzYtcDQ5Ms0orQ","url":"https://github.com/advisories/GHSA-vq36-27g6-p492","title":"Out of bounds read in Tensorflow","description":"### Impact\nTensorFlow's [type inference](https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L223-L229) can cause a heap OOB read as the bounds checking is done in a `DCHECK` (which is a no-op during production):\n\n```cc\nif (node_t.type_id() != TFT_UNSET) {\n  int ix = input_idx[i];\n  DCHECK(ix \u003c node_t.args_size())\n      \u003c\u003c \"input \" \u003c\u003c i \u003c\u003c \" should have an output \" \u003c\u003c ix\n      \u003c\u003c \" but instead only has \" \u003c\u003c node_t.args_size()\n      \u003c\u003c \" outputs: \" \u003c\u003c node_t.DebugString();\n  input_types.emplace_back(node_t.args(ix));\n  // ...\n}       \n```   \n      \nAn attacker can control `input_idx` such that `ix` would be larger than the number of values in `node_t.args`.\n        \n### Patches\nWe have patched the issue in GitHub commit [c99d98cd189839dcf51aee94e7437b54b31f8abd](https://github.com/tensorflow/tensorflow/commit/c99d98cd189839dcf51aee94e7437b54b31f8abd).\n  \nThe fix will be included in TensorFlow 2.8.0. This is the only affected version.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-02-09T23:31:48.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.2,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vq36-27g6-p492","https://github.com/tensorflow/tensorflow/commit/c99d98cd189839dcf51aee94e7437b54b31f8abd","https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L223-L229","https://nvd.nist.gov/vuln/detail/CVE-2022-23592","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-101.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-156.yaml","https://github.com/advisories/GHSA-vq36-27g6-p492"],"source_kind":"github","identifiers":["GHSA-vq36-27g6-p492","CVE-2022-23592"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":35.04809856489007,"packages":[{"versions":[{"first_patched_version":"2.8.0","vulnerable_version_range":"= 2.8.0-rc0"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.8.0","vulnerable_version_range":"= 2.8.0-rc0"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.8.0","vulnerable_version_range":"= 2.8.0-rc0"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:31.809Z","updated_at":"2024-11-13T22:16:04.000Z","epss_percentage":0.003,"epss_percentile":0.52586},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdjdjUtcXJqNi05cGZt","url":"https://github.com/advisories/GHSA-wcv5-qrj6-9pfm","title":"Heap buffer overflow in `Conv3DBackprop*`","description":"### Impact\nMissing validation between arguments to `tf.raw_ops.Conv3DBackprop*` operations can result in heap buffer overflows:\n\n```python\nimport tensorflow as tf\n\ninput_sizes = tf.constant([1, 1, 1, 1, 2], shape=[5], dtype=tf.int32)\nfilter_tensor = tf.constant([734.6274508233133, -10.0, -10.0, -10.0, -10.0, -10.0, -10.0,\n                            -10.0, -10.0, -10.0, -10.0, -10.0, -10.0, -10.0, -10.0, -10.0,\n                            -10.0, -10.0, -10.0, -10.0, -10.0, -10.0, -10.0, -10.0], shape=[4, 1, 6, 1, 1], dtype=tf.float32)\nout_backprop = tf.constant([-10.0], shape=[1, 1, 1, 1, 1], dtype=tf.float32)\n\ntf.raw_ops.Conv3DBackpropInputV2(input_sizes=input_sizes, filter=filter_tensor, out_backprop=out_backprop, strides=[1, 89, 29, 89, 1], padding='SAME', data_format='NDHWC', dilations=[1, 1, 1, 1, 1])\n```\n```python\nimport tensorflow as tf\n\ninput_values = [-10.0] * (7 * 7 * 7 * 7 * 7)\ninput_values[0] = 429.6491056791816\ninput_sizes = tf.constant(input_values, shape=[7, 7, 7, 7, 7], dtype=tf.float32)\nfilter_tensor = tf.constant([7, 7, 7, 1, 1], shape=[5], dtype=tf.int32)\nout_backprop = tf.constant([-10.0, -10.0, -10.0, -10.0, -10.0, -10.0, -10.0], shape=[7, 1, 1, 1, 1], dtype=tf.float32)\n  \ntf.raw_ops.Conv3DBackpropFilterV2(input=input_sizes, filter_sizes=filter_tensor, out_backprop=out_backprop, strides=[1, 37, 65, 93, 1], padding='VALID', data_format='NDHWC', dilations=[1, 1, 1, 1, 1])\n```\n\nThis is because the [implementation](https://github.com/tensorflow/tensorflow/blob/4814fafb0ca6b5ab58a09411523b2193fed23fed/tensorflow/core/kernels/conv_grad_shape_utils.cc#L94-L153) assumes that the `input`, `filter_sizes` and `out_backprop` tensors have the same shape, as they are accessed in parallel.\n\n### Patches\nWe have patched the issue in GitHub commit [8f37b52e1320d8d72a9529b2468277791a261197](https://github.com/tensorflow/tensorflow/commit/8f37b52e1320d8d72a9529b2468277791a261197).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our securityguide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:21:12.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wcv5-qrj6-9pfm","https://nvd.nist.gov/vuln/detail/CVE-2021-29520","https://github.com/tensorflow/tensorflow/commit/8f37b52e1320d8d72a9529b2468277791a261197","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-448.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-646.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-157.yaml","https://github.com/advisories/GHSA-wcv5-qrj6-9pfm"],"source_kind":"github","identifiers":["GHSA-wcv5-qrj6-9pfm","CVE-2021-29520"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.329Z","updated_at":"2024-10-30T23:11:49.000Z","epss_percentage":0.00019,"epss_percentile":0.03467},{"uuid":"GSA_kwCzR0hTQS1xajVyLWY5bXYtcmZmaM0oiA","url":"https://github.com/advisories/GHSA-qj5r-f9mv-rffh","title":"`CHECK`-fails when building invalid tensor shapes in Tensorflow","description":"### Impact \nMultiple operations in TensorFlow can be used to trigger a denial of service via `CHECK`-fails (i.e., assertion failures). This is similar to [TFSA-2021-198](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md) (CVE-2021-41197) and has similar fixes.\n\n### Patches\nWe have patched the reported issues in multiple GitHub commits. It is possible that other similar instances exist in TensorFlow, we will issue fixes as these are discovered.\n\nThe fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.\n  \n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n  \n### Attribution\nThis vulnerability has been reported by Faysal Hossain Shezan from University of Virginia.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-02-09T23:38:56.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.1,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qj5r-f9mv-rffh","https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md","https://nvd.nist.gov/vuln/detail/CVE-2022-23569","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-78.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-133.yaml","https://github.com/advisories/GHSA-qj5r-f9mv-rffh"],"source_kind":"github","identifiers":["GHSA-qj5r-f9mv-rffh","CVE-2022-23569"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":34.56131941815548,"packages":[{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:36.842Z","updated_at":"2024-11-13T22:45:01.000Z","epss_percentage":0.00112,"epss_percentile":0.30874},{"uuid":"GSA_kwCzR0hTQS0zbXc0LTZyajYtNzRnNc0oeQ","url":"https://github.com/advisories/GHSA-3mw4-6rj6-74g5","title":"Null pointer dereference in TensorFlow","description":"### Impact \nThe [implementation of `QuantizedMaxPool`](https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/quantized_pooling_ops.cc#L114-L130) has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer.\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.QuantizedMaxPool(\n    input = tf.constant([[[[4]]]], dtype=tf.quint8),\n    min_input = [],\n    max_input = [1],\n    ksize = [1, 1, 1, 1],\n    strides = [1, 1, 1, 1],\n    padding = \"SAME\", name=None\n)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [53b0dd6dc5957652f35964af16b892ec9af4a559](https://github.com/tensorflow/tensorflow/commit/53b0dd6dc5957652f35964af16b892ec9af4a559).\n\nThe fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Faysal Hossain Shezan from University of Virginia.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-02-09T23:46:46.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.1,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3mw4-6rj6-74g5","https://github.com/tensorflow/tensorflow/commit/53b0dd6dc5957652f35964af16b892ec9af4a559","https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/quantized_pooling_ops.cc#L114-L130","https://nvd.nist.gov/vuln/detail/CVE-2022-21739","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-63.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-118.yaml","https://github.com/advisories/GHSA-3mw4-6rj6-74g5"],"source_kind":"github","identifiers":["GHSA-3mw4-6rj6-74g5","CVE-2022-21739"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":34.56131941815548,"packages":[{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:37.040Z","updated_at":"2024-11-13T22:33:27.000Z","epss_percentage":0.00209,"epss_percentile":0.43599},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTR2ZjItNHhjZy02NWN4","url":"https://github.com/advisories/GHSA-4vf2-4xcg-65cx","title":"Division by 0 in `Conv2D`","description":"### Impact\nAn attacker can trigger a division by 0 in `tf.raw_ops.Conv2D`:\n\n```python\nimport tensorflow as tf\n\ninput = tf.constant([], shape=[0, 0, 0, 0], dtype=tf.float32)\nfilter = tf.constant([], shape=[0, 0, 0, 0], dtype=tf.float32)\n\nstrides = [1, 1, 1, 1]\npadding = \"SAME\"\n                               \ntf.raw_ops.Conv2D(input=input, filter=filter, strides=strides, padding=padding)\n```                            \n                               \nThis is because the [implementation](https://github.com/tensorflow/tensorflow/blob/988087bd83f144af14087fe4fecee2d250d93737/tensorflow/core/kernels/conv_ops.cc#L261-L263) does a division by a quantity that is controlled by the caller:\n```cc\n  const int64 patch_depth = filter.dim_size(2);\n  if (in_depth % patch_depth != 0) { ... }\n```\n  \n### Patches\nWe have patched the issue in GitHub commit [b12aa1d44352de21d1a6faaf04172d8c2508b42b](https://github.com/tensorflow/tensorflow/commit/b12aa1d44352de21d1a6faaf04172d8c2508b42b).\n  \nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution \nThis vulnerability has been reported by Ying Wang and Yakun Zhang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:21:55.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4vf2-4xcg-65cx","https://nvd.nist.gov/vuln/detail/CVE-2021-29526","https://github.com/tensorflow/tensorflow/commit/b12aa1d44352de21d1a6faaf04172d8c2508b42b","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-454.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-652.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-163.yaml","https://github.com/advisories/GHSA-4vf2-4xcg-65cx"],"source_kind":"github","identifiers":["GHSA-4vf2-4xcg-65cx","CVE-2021-29526"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.386Z","updated_at":"2024-10-30T22:08:54.000Z","epss_percentage":0.00015,"epss_percentile":0.01633},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhjd2otd2ZjbS1tMjNj","url":"https://github.com/advisories/GHSA-xcwj-wfcm-m23c","title":"Invalid validation in `SparseMatrixSparseCholesky`","description":"### Impact\nAn attacker can trigger a null pointer dereference by providing an invalid `permutation` to `tf.raw_ops.SparseMatrixSparseCholesky`:\n\n```python\nimport tensorflow as tf\nimport numpy as np\nfrom tensorflow.python.ops.linalg.sparse import sparse_csr_matrix_ops\n\nindices_array = np.array([[0, 0]])\nvalue_array = np.array([-10.0], dtype=np.float32)\ndense_shape = [1, 1]\nst = tf.SparseTensor(indices_array, value_array, dense_shape)\n\ninput = sparse_csr_matrix_ops.sparse_tensor_to_csr_sparse_matrix(\n       st.indices, st.values, st.dense_shape)\n\npermutation = tf.constant([], shape=[1, 0], dtype=tf.int32)\n \ntf.raw_ops.SparseMatrixSparseCholesky(input=input, permutation=permutation, type=tf.float32)\n```\n\nThis is because the [implementation](https://github.com/tensorflow/tensorflow/blob/080f1d9e257589f78b3ffb75debf584168aa6062/tensorflow/core/kernels/sparse/sparse_cholesky_op.cc#L85-L86) fails to properly validate the input arguments: \n                          \n```cc \nvoid Compute(OpKernelContext* ctx) final {\n  ...\n  const Tensor\u0026 input_permutation_indices = ctx-\u003einput(1);\n  ...\n  ValidateInputs(ctx, *input_matrix, input_permutation_indices, \u0026batch_size, \u0026num_rows);\n  ...\n}\n\nvoid ValidateInputs(OpKernelContext* ctx,\n    const CSRSparseMatrix\u0026 sparse_matrix,\n    const Tensor\u0026 permutation_indices, int* batch_size,\n    int64* num_rows) {\n  OP_REQUIRES(ctx, sparse_matrix.dtype() == DataTypeToEnum\u003cT\u003e::value, ...)\n  ...\n}\n```\nAlthough `ValidateInputs` is called and there are checks in the body of this function, the code proceeds to the next line in `ValidateInputs` since [`OP_REQUIRES`](https://github.com/tensorflow/tensorflow/blob/080f1d9e257589f78b3ffb75debf584168aa6062/tensorflow/core/framework/op_requires.h#L41-L48) is a macro that only exits the current function.\n\n```cc\n#define OP_REQUIRES(CTX, EXP, STATUS)                     \\\n  do {                                                    \\\n    if (!TF_PREDICT_TRUE(EXP)) {                          \\\n      CheckNotInComputeAsync((CTX), \"OP_REQUIRES_ASYNC\"); \\\n      (CTX)-\u003eCtxFailure(__FILE__, __LINE__, (STATUS));    \\\n      return;                                             \\\n    }                                                     \\\n  } while (0)\n```\n\nThus, the first validation condition that fails in `ValidateInputs` will cause an early return from that function. However, the caller will continue execution from the next line. The fix is to either explicitly check `context-\u003estatus()` or to convert `ValidateInputs` to return a `Status`.\n\n### Patches\nWe have patched the issue in GitHub commit [e6a7c7cc18c3aaad1ae0872cb0a959f5c923d2bd](https://github.com/tensorflow/tensorflow/commit/e6a7c7cc18c3aaad1ae0872cb0a959f5c923d2bd).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Ying Wang and Yakun Zhang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:22:09.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xcwj-wfcm-m23c","https://nvd.nist.gov/vuln/detail/CVE-2021-29530","https://github.com/tensorflow/tensorflow/commit/e6a7c7cc18c3aaad1ae0872cb0a959f5c923d2bd","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-458.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-656.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-167.yaml","https://github.com/advisories/GHSA-xcwj-wfcm-m23c"],"source_kind":"github","identifiers":["GHSA-xcwj-wfcm-m23c","CVE-2021-29530"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.433Z","updated_at":"2024-10-30T23:19:46.000Z","epss_percentage":0.00021,"epss_percentile":0.03835},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZwaHEtZ3c5bS1naHJ2","url":"https://github.com/advisories/GHSA-fphq-gw9m-ghrv","title":"CHECK-fail in `CTCGreedyDecoder`","description":"### Impact\nAn attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.CTCGreedyDecoder`:\n\n```python\nimport tensorflow as tf\n\ninputs = tf.constant([], shape=[18, 2, 0], dtype=tf.float32)\nsequence_length = tf.constant([-100, 17], shape=[2], dtype=tf.int32)\nmerge_repeated = False\n\ntf.raw_ops.CTCGreedyDecoder(inputs=inputs, sequence_length=sequence_length, merge_repeated=merge_repeated)\n```\n  \nThis is because the [implementation](https://github.com/tensorflow/tensorflow/blob/1615440b17b364b875eb06f43d087381f1460a65/tensorflow/core/kernels/ctc_decoder_ops.cc#L37-L50) has a `CHECK_LT` inserted to validate some invariants. When this condition is false, the program aborts, instead of returning a valid error to the user. This abnormal termination can be weaponized in denial of service attacks.\n\n### Patches \nWe have patched the issue in GitHub commit [ea3b43e98c32c97b35d52b4c66f9107452ca8fb2](https://github.com/tensorflow/tensorflow/commit/ea3b43e98c32c97b35d52b4c66f9107452ca8fb2).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n                      \n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.        \n                      \n### Attribution\nThis vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:23:18.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fphq-gw9m-ghrv","https://nvd.nist.gov/vuln/detail/CVE-2021-29543","https://github.com/tensorflow/tensorflow/commit/ea3b43e98c32c97b35d52b4c66f9107452ca8fb2","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-471.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-669.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-180.yaml","https://github.com/advisories/GHSA-fphq-gw9m-ghrv"],"source_kind":"github","identifiers":["GHSA-fphq-gw9m-ghrv","CVE-2021-29543"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.566Z","updated_at":"2024-10-31T20:38:50.000Z","epss_percentage":0.00015,"epss_percentile":0.018},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg4M20tcDdwdi1jaDh2","url":"https://github.com/advisories/GHSA-x83m-p7pv-ch8v","title":"Division by 0 in `QuantizedAdd`","description":"### Impact\nAn attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedAdd`:\n\n```python\nimport tensorflow as tf\n\nx = tf.constant([68, 228], shape=[2, 1], dtype=tf.quint8)\ny = tf.constant([], shape=[2, 0], dtype=tf.quint8)\n\nmin_x = tf.constant(10.723421015884028)\nmax_x = tf.constant(15.19578006631113)\nmin_y = tf.constant(-5.539003866682977)\nmax_y = tf.constant(42.18819949559947)\n\ntf.raw_ops.QuantizedAdd(x=x, y=y, min_x=min_x, max_x=max_x, min_y=min_y, max_y=max_y)\n```\n\nThis is because the [implementation](https://github.com/tensorflow/tensorflow/blob/6f26b3f3418201479c264f2a02000880d8df151c/tensorflow/core/kernels/quantized_add_op.cc#L289-L295) computes a modulo operation without validating that the divisor is not zero.\n\n```cc\nvoid VectorTensorAddition(const T* vector_data, float min_vector,\n                          float max_vector, int64 vector_num_elements,\n                          const T* tensor_data, float min_tensor,\n                          float max_tensor, int64 tensor_num_elements,\n                          float output_min, float output_max, Toutput* output) {\n  for (int i = 0; i \u003c tensor_num_elements; ++i) {\n    const int64 vector_i = i % vector_num_elements;\n    ...\n  }\n}\n```\n\nSince `vector_num_elements` is [determined based on input shapes](https://github.com/tensorflow/tensorflow/blob/6f26b3f3418201479c264f2a02000880d8df151c/tensorflow/core/kernels/quantized_add_op.cc#L522-L544), a user can trigger scenarios where this quantity is 0.\n\n### Patches\nWe have patched the issue in GitHub commit [744009c9e5cc5d0447f0dc39d055f917e1fd9e16](https://github.com/tensorflow/tensorflow/commit/744009c9e5cc5d0447f0dc39d055f917e1fd9e16).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:23:38.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x83m-p7pv-ch8v","https://nvd.nist.gov/vuln/detail/CVE-2021-29549","https://github.com/tensorflow/tensorflow/commit/744009c9e5cc5d0447f0dc39d055f917e1fd9e16","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-477.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-675.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-186.yaml","https://github.com/advisories/GHSA-x83m-p7pv-ch8v"],"source_kind":"github","identifiers":["GHSA-x83m-p7pv-ch8v","CVE-2021-29549"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.644Z","updated_at":"2024-10-31T20:47:00.000Z","epss_percentage":0.00015,"epss_percentile":0.018},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWZ4cWgtY2ZqbS1mcDkz","url":"https://github.com/advisories/GHSA-fxqh-cfjm-fp93","title":"Division by 0 in `Reverse`","description":"### Impact\nAn attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.Reverse`:\n\n```python\nimport tensorflow as tf\n\ntensor_input = tf.constant([], shape=[0, 1, 1], dtype=tf.int32)\ndims = tf.constant([False, True, False], shape=[3], dtype=tf.bool)\n\ntf.raw_ops.Reverse(tensor=tensor_input, dims=dims)\n``` \n    \nThis is because the [implementation](https://github.com/tensorflow/tensorflow/blob/36229ea9e9451dac14a8b1f4711c435a1d84a594/tensorflow/core/kernels/reverse_op.cc#L75-L76) performs a division based on the first dimension of the tensor argument:\n    \n```cc\nconst int64 N = input.dim_size(0);\nconst int64 cost_per_unit = input.NumElements() / N;\n```\n\nSince this is controlled by the user, an attacker can trigger a denial of service.\n\n### Patches\nWe have patched the issue in GitHub commit [4071d8e2f6c45c1955a811fee757ca2adbe462c1](https://github.com/tensorflow/tensorflow/commit/4071d8e2f6c45c1955a811fee757ca2adbe462c1).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Ying Wang and Yakun Zhang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:24:39.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fxqh-cfjm-fp93","https://nvd.nist.gov/vuln/detail/CVE-2021-29556","https://github.com/tensorflow/tensorflow/commit/4071d8e2f6c45c1955a811fee757ca2adbe462c1","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-484.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-682.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-193.yaml","https://github.com/advisories/GHSA-fxqh-cfjm-fp93"],"source_kind":"github","identifiers":["GHSA-fxqh-cfjm-fp93","CVE-2021-29556"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.777Z","updated_at":"2024-10-31T20:54:11.000Z","epss_percentage":0.00015,"epss_percentile":0.018},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXIzNWctNDUyNS0yOWZx","url":"https://github.com/advisories/GHSA-r35g-4525-29fq","title":"Division by 0 in `FusedBatchNorm`","description":"### Impact\nAn attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.FusedBatchNorm`:\n\n```python\nimport tensorflow as tf\n\nx = tf.constant([], shape=[1, 1, 1, 0], dtype=tf.float32)\nscale = tf.constant([], shape=[0], dtype=tf.float32)\noffset = tf.constant([], shape=[0], dtype=tf.float32)\nmean = tf.constant([], shape=[0], dtype=tf.float32)\nvariance = tf.constant([], shape=[0], dtype=tf.float32)\nepsilon = 0.0\nexponential_avg_factor = 0.0\ndata_format = \"NHWC\"\nis_training = False\n\ntf.raw_ops.FusedBatchNorm(\n    x=x, scale=scale, offset=offset, mean=mean,\n    variance=variance, epsilon=epsilon,\n    exponential_avg_factor=exponential_avg_factor,\n    data_format=data_format, is_training=is_training)\n``` \n  \nThis is because the [implementation](https://github.com/tensorflow/tensorflow/blob/828f346274841fa7505f7020e88ca36c22e557ab/tensorflow/core/kernels/fused_batch_norm_op.cc#L295-L297) performs a division based on the last dimension of the `x` tensor:\n\n```cc \nconst int depth = x.dimension(3);\nconst int rest_size = size / depth;\n```\n\nSince this is controlled by the user, an attacker can trigger a denial of service.\n\n### Patches\nWe have patched the issue in GitHub commit [1a2a87229d1d61e23a39373777c056161eb4084d](https://github.com/tensorflow/tensorflow/commit/1a2a87229d1d61e23a39373777c056161eb4084d).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Ying Wang and Yakun Zhang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:23:58.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r35g-4525-29fq","https://nvd.nist.gov/vuln/detail/CVE-2021-29555","https://github.com/tensorflow/tensorflow/commit/1a2a87229d1d61e23a39373777c056161eb4084d","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-483.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-681.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-192.yaml","https://github.com/advisories/GHSA-r35g-4525-29fq"],"source_kind":"github","identifiers":["GHSA-r35g-4525-29fq","CVE-2021-29555"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.758Z","updated_at":"2024-10-31T20:53:46.000Z","epss_percentage":0.00015,"epss_percentile":0.018},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTdjcXgtOTJocC14Nndo","url":"https://github.com/advisories/GHSA-7cqx-92hp-x6wh","title":"Heap buffer overflow in `MaxPool3DGradGrad`","description":"### Impact\nThe implementation of `tf.raw_ops.MaxPool3DGradGrad` is vulnerable to a heap buffer overflow: \n\n```python\nimport tensorflow as tf\n\nvalues = [0.01] * 11\norig_input = tf.constant(values, shape=[11, 1, 1, 1, 1], dtype=tf.float32)\norig_output = tf.constant([0.01], shape=[1, 1, 1, 1, 1], dtype=tf.float32)\ngrad = tf.constant([0.01], shape=[1, 1, 1, 1, 1], dtype=tf.float32)\nksize = [1, 1, 1, 1, 1]\nstrides = [1, 1, 1, 1, 1]\npadding = \"SAME\"\n\ntf.raw_ops.MaxPool3DGradGrad(\n    orig_input=orig_input, orig_output=orig_output, grad=grad, ksize=ksize,\n    strides=strides, padding=padding)\n```\n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/596c05a159b6fbb9e39ca10b3f7753b7244fa1e9/tensorflow/core/kernels/pooling_ops_3d.cc#L694-L696) does not check that the initialization of `Pool3dParameters` completes successfully:\n\n```cc\nPool3dParameters params{context,  ksize_,       stride_,\n                        padding_, data_format_, tensor_in.shape()};\n```\n\nSince [the constructor](https://github.com/tensorflow/tensorflow/blob/596c05a159b6fbb9e39ca10b3f7753b7244fa1e9/tensorflow/core/kernels/pooling_ops_3d.cc#L48-L88) uses `OP_REQUIRES` to validate conditions, the first assertion that fails interrupts the initialization of `params`, making it contain invalid data. In turn, this might cause a heap buffer overflow, depending on default initialized values.\n\n### Patches\nWe have patched the issue in GitHub commit [63c6a29d0f2d692b247f7bf81f8732d6442fad09](https://github.com/tensorflow/tensorflow/commit/63c6a29d0f2d692b247f7bf81f8732d6442fad09).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Ying Wang and Yakun Zhang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:26:16.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7cqx-92hp-x6wh","https://nvd.nist.gov/vuln/detail/CVE-2021-29576","https://github.com/tensorflow/tensorflow/commit/63c6a29d0f2d692b247f7bf81f8732d6442fad09","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-504.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-702.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-213.yaml","https://github.com/advisories/GHSA-7cqx-92hp-x6wh"],"source_kind":"github","identifiers":["GHSA-7cqx-92hp-x6wh","CVE-2021-29576"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:03.000Z","updated_at":"2024-11-01T17:11:05.000Z","epss_percentage":0.00018,"epss_percentile":0.03014},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdocjktdmZoMi03aG02","url":"https://github.com/advisories/GHSA-whr9-vfh2-7hm6","title":"Memory corruption in `DrawBoundingBoxesV2`","description":"### Impact\nThe implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs:\n\n```python\nimport tensorflow as tf\n\nimages = tf.fill([10, 96, 0, 1], 0.)\nboxes = tf.fill([10, 53, 0], 0.)\ncolors = tf.fill([0, 1], 0.)\n\ntf.raw_ops.DrawBoundingBoxesV2(images=images, boxes=boxes, colors=colors)\n```\n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/31bd5026304677faa8a0b77602c6154171b9aec1/tensorflow/core/kernels/image/draw_bounding_box_op.cc#L116-L130) assumes that the last element of `boxes` input is 4, as required by [the op](https://www.tensorflow.org/api_docs/python/tf/raw_ops/DrawBoundingBoxesV2). Since this is not checked attackers passing values less than 4 can write outside of bounds of heap allocated objects and cause memory corruption:\n\n```cc \nconst auto tboxes = boxes.tensor\u003cT, 3\u003e();\nfor (int64 bb = 0; bb \u003c num_boxes; ++bb) {\n  ...\n  const int64 min_box_row = static_cast\u003cfloat\u003e(tboxes(b, bb, 0)) * (height - 1);\n  const int64 max_box_row = static_cast\u003cfloat\u003e(tboxes(b, bb, 2)) * (height - 1);\n  const int64 min_box_col = static_cast\u003cfloat\u003e(tboxes(b, bb, 1)) * (width - 1);\n  const int64 max_box_col = static_cast\u003cfloat\u003e(tboxes(b, bb, 3)) * (width - 1);\n  ...\n}\n``` \n\nIf the last dimension in `boxes` is less than 4, accesses similar to `tboxes(b, bb, 3)` will access data outside of bounds. Further during code execution there are also writes to these indices.\n\n### Patches\nWe have patched the issue in GitHub commit [79865b542f9ffdc9caeb255631f7c56f1d4b6517](https://github.com/tensorflow/tensorflow/commit/79865b542f9ffdc9caeb255631f7c56f1d4b6517).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:25:28.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-whr9-vfh2-7hm6","https://nvd.nist.gov/vuln/detail/CVE-2021-29571","https://github.com/tensorflow/tensorflow/commit/79865b542f9ffdc9caeb255631f7c56f1d4b6517","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-499.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-697.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-208.yaml","https://github.com/advisories/GHSA-whr9-vfh2-7hm6"],"source_kind":"github","identifiers":["GHSA-whr9-vfh2-7hm6","CVE-2021-29571"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.944Z","updated_at":"2025-06-07T01:13:07.051Z","epss_percentage":0.00026,"epss_percentile":0.05497},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXZxMnItNXh2bS0zaGMz","url":"https://github.com/advisories/GHSA-vq2r-5xvm-3hc3","title":"Segfault in `CTCBeamSearchDecoder`","description":"### Impact\nDue to lack of validation in `tf.raw_ops.CTCBeamSearchDecoder`, an attacker can trigger denial of service via segmentation faults:\n\n```python\nimport tensorflow as tf\n\ninputs = tf.constant([], shape=[18, 8, 0], dtype=tf.float32)\nsequence_length = tf.constant([11, -43, -92, 11, -89, -83, -35, -100],\nshape=[8], dtype=tf.int32)\nbeam_width = 10\ntop_paths = 3\nmerge_repeated = True\n\ntf.raw_ops.CTCBeamSearchDecoder(\n  inputs=inputs, sequence_length=sequence_length, beam_width=beam_width,\n  top_paths=top_paths, merge_repeated=merge_repeated)\n``` \n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/a74768f8e4efbda4def9f16ee7e13cf3922ac5f7/tensorflow/core/kernels/ctc_decoder_ops.cc#L68-L79) fails to detect cases when the input tensor is empty and proceeds to read data from a null buffer.\n  \n### Patches\nWe have patched the issue in GitHub commit [b1b323042264740c398140da32e93fb9c2c9f33e](https://github.com/tensorflow/tensorflow/commit/b1b323042264740c398140da32e93fb9c2c9f33e).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:26:30.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vq2r-5xvm-3hc3","https://nvd.nist.gov/vuln/detail/CVE-2021-29581","https://github.com/tensorflow/tensorflow/commit/b1b323042264740c398140da32e93fb9c2c9f33e","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-509.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-707.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-218.yaml","https://github.com/advisories/GHSA-vq2r-5xvm-3hc3"],"source_kind":"github","identifiers":["GHSA-vq2r-5xvm-3hc3","CVE-2021-29581"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:03.055Z","updated_at":"2024-11-01T17:13:55.000Z","epss_percentage":0.00015,"epss_percentile":0.018},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTJ4Z2oteGhnZi1nZ2p2","url":"https://github.com/advisories/GHSA-2xgj-xhgf-ggjv","title":"Heap buffer overflow in `BandedTriangularSolve`","description":"### Impact\nAn attacker can trigger a heap buffer overflow in Eigen implementation of `tf.raw_ops.BandedTriangularSolve`:\n\n```python\nimport tensorflow as tf\nimport numpy as np\n  \nmatrix_array = np.array([])\nmatrix_tensor = tf.convert_to_tensor(np.reshape(matrix_array,(0,1)),dtype=tf.float32)\nrhs_array = np.array([1,1])\nrhs_tensor = tf.convert_to_tensor(np.reshape(rhs_array,(1,2)),dtype=tf.float32)\ntf.raw_ops.BandedTriangularSolve(matrix=matrix_tensor,rhs=rhs_tensor)\n```\n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/eccb7ec454e6617738554a255d77f08e60ee0808/tensorflow/core/kernels/linalg/banded_triangular_solve_op.cc#L269-L278) calls `ValidateInputTensors` for input validation but fails to validate that the two tensors are not empty:\n  \n```cc\nvoid ValidateInputTensors(OpKernelContext* ctx, const Tensor\u0026 in0, const Tensor\u0026 in1) {\n  OP_REQUIRES(\n      ctx, in0.dims() \u003e= 2, \n      errors::InvalidArgument(\"In[0] ndims must be \u003e= 2: \", in0.dims()));\n\n  OP_REQUIRES(\n      ctx, in1.dims() \u003e= 2,\n      errors::InvalidArgument(\"In[1] ndims must be \u003e= 2: \", in1.dims()));\n}\n``` \n\nFurthermore, since `OP_REQUIRES` macro only stops execution of current function after setting `ctx-\u003estatus()` to a non-OK value, callers of helper functions that use `OP_REQUIRES` must check value of `ctx-\u003estatus()` before continuing. This doesn't happen [in this op's implementation](https://github.com/tensorflow/tensorflow/blob/eccb7ec454e6617738554a255d77f08e60ee0808/tensorflow/core/kernels/linalg/banded_triangular_solve_op.cc#L219), hence the validation that is present is also not effective.\n\n### Patches\nWe have patched the issue in GitHub commit [ba6822bd7b7324ba201a28b2f278c29a98edbef2](https://github.com/tensorflow/tensorflow/commit/ba6822bd7b7324ba201a28b2f278c29a98edbef2) followed by GitHub commit [0ab290774f91a23bebe30a358fde4e53ab4876a0](https://github.com/tensorflow/tensorflow/commit/0ab290774f91a23bebe30a358fde4e53ab4876a0).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Ye Zhang and Yakun Zhang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:28:37.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2xgj-xhgf-ggjv","https://nvd.nist.gov/vuln/detail/CVE-2021-29612","https://github.com/tensorflow/tensorflow/commit/0ab290774f91a23bebe30a358fde4e53ab4876a0","https://github.com/tensorflow/tensorflow/commit/ba6822bd7b7324ba201a28b2f278c29a98edbef2","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-540.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-738.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-249.yaml","https://github.com/advisories/GHSA-2xgj-xhgf-ggjv"],"source_kind":"github","identifiers":["GHSA-2xgj-xhgf-ggjv","CVE-2021-29612"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:03.468Z","updated_at":"2024-11-13T16:02:22.000Z","epss_percentage":0.00125,"epss_percentile":0.33124},{"uuid":"GSA_kwCzR0hTQS1ocTdnLXd3d3AtcTQ2aM4AAv--","url":"https://github.com/advisories/GHSA-hq7g-wwwp-q46h","title":"`CHECK` fail via inputs in `SparseFillEmptyRowsGrad`","description":"### Impact\nIf [`SparseFillEmptyRowsGrad`](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sparse_fill_empty_rows_op_gpu.cu.cc) is given empty inputs, TensorFlow will crash.\n\n```python\nimport tensorflow as tf\ntf.raw_ops.SparseFillEmptyRowsGrad(\n    reverse_index_map=[], grad_values=[], name=None\n)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [af4a6a3c8b95022c351edae94560acc61253a1b8](https://github.com/tensorflow/tensorflow/commit/af4a6a3c8b95022c351edae94560acc61253a1b8).\n\nThe fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Jiawei Liu, PhD student at University of Illinois, Urbana-Champaign.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-11-21T21:54:18.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hq7g-wwwp-q46h","https://nvd.nist.gov/vuln/detail/CVE-2022-41898","https://github.com/tensorflow/tensorflow/commit/af4a6a3c8b95022c351edae94560acc61253a1b8","https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/sparse_fill_empty_rows_op_gpu.cu.cc","https://github.com/advisories/GHSA-hq7g-wwwp-q46h"],"source_kind":"github","identifiers":["GHSA-hq7g-wwwp-q46h","CVE-2022-41898"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:49.979Z","updated_at":"2023-02-01T05:04:05.000Z","epss_percentage":0.00166,"epss_percentile":0.3875},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2cjYtODRnci05MnJt","url":"https://github.com/advisories/GHSA-v6r6-84gr-92rm","title":"Heap buffer overflow in `AvgPool3DGrad`","description":"### Impact\nThe implementation of `tf.raw_ops.AvgPool3DGrad` is vulnerable to a heap buffer overflow:\n\n```python\nimport tensorflow as tf\n\norig_input_shape = tf.constant([10, 6, 3, 7, 7], shape=[5], dtype=tf.int32)\ngrad = tf.constant([0.01, 0, 0], shape=[3, 1, 1, 1, 1], dtype=tf.float32)\nksize = [1, 1, 1, 1, 1]\nstrides = [1, 1, 1, 1, 1]\npadding = \"SAME\"\n\ntf.raw_ops.AvgPool3DGrad(\n  orig_input_shape=orig_input_shape, grad=grad, ksize=ksize, strides=strides,\n  padding=padding)\n```\n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/d80ffba9702dc19d1fac74fc4b766b3fa1ee976b/tensorflow/core/kernels/pooling_ops_3d.cc#L376-L450) assumes that the `orig_input_shape` and `grad` tensors have similar first and last dimensions but does not check that this assumption is validated.\n\n### Patches\nWe have patched the issue in GitHub commit [6fc9141f42f6a72180ecd24021c3e6b36165fe0d](https://github.com/tensorflow/tensorflow/commit/6fc9141f42f6a72180ecd24021c3e6b36165fe0d).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Ying Wang and Yakun Zhang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:26:18.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v6r6-84gr-92rm","https://nvd.nist.gov/vuln/detail/CVE-2021-29577","https://github.com/tensorflow/tensorflow/commit/6fc9141f42f6a72180ecd24021c3e6b36165fe0d","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-505.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-703.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-214.yaml","https://github.com/advisories/GHSA-v6r6-84gr-92rm"],"source_kind":"github","identifiers":["GHSA-v6r6-84gr-92rm","CVE-2021-29577"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:03.010Z","updated_at":"2024-11-01T17:11:44.000Z","epss_percentage":0.00018,"epss_percentile":0.03034},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTg0NHctajg2ci00eDJq","url":"https://github.com/advisories/GHSA-844w-j86r-4x2j","title":"Heap buffer overflow in `UnsortedSegmentSum` in TensorFlow","description":"### Impact\n\nA heap buffer overflow in `UnsortedSegmentSum` can be produced when the `Index` template argument is `int32`. In this case `data_size` and `num_segments` fields are truncated from `int64` to `int32` and can produce negative numbers, resulting in accessing out of bounds heap memory.\n\nThis is unlikely to be exploitable and was detected and fixed internally. We are making the security advisory only to notify users that it is better to update to TensorFlow 1.15 or 2.0 or later as these versions already have this fixed.\n\n### Patches\n\nPatched by db4f9717c41bccc3ce10099ab61996b246099892 and released in all official releases after 1.15 and 2.0.\n\n### For more information\nPlease consult [`SECURITY.md`](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2019-12-16T20:17:10.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.1,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-844w-j86r-4x2j","https://github.com/tensorflow/tensorflow/commit/db4f9717c41bccc3ce10099ab61996b246099892","https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2019-002.md","https://nvd.nist.gov/vuln/detail/CVE-2019-16778","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2019-227.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2019-234.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2019-209.yaml","https://github.com/advisories/GHSA-844w-j86r-4x2j"],"source_kind":"github","identifiers":["GHSA-844w-j86r-4x2j","CVE-2019-16778"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":10.222362081426269,"packages":[{"versions":[{"first_patched_version":"1.15.0","vulnerable_version_range":"\u003c 1.15.0"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"1.15.0","vulnerable_version_range":"\u003c 1.15.0"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"1.15.0","vulnerable_version_range":"\u003c 1.15.0"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:26.838Z","updated_at":"2024-10-28T14:44:39.000Z","epss_percentage":0.00336,"epss_percentile":0.55555},{"uuid":"GSA_kwCzR0hTQS12amc0LXYzM2MtZ2djNM0ocA","url":"https://github.com/advisories/GHSA-vjg4-v33c-ggc4","title":"Out of bounds read in Tensorflow","description":"### Impact \nThe [implementation of `FractionalAvgPoolGrad`](https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/fractional_avg_pool_op.cc#L209-L360) does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap:\n\n```python\nimport tensorflow as tf\n\n@tf.function\ndef test():\n  y = tf.raw_ops.FractionalAvgPoolGrad(\n    orig_input_tensor_shape=[2,2,2,2],\n    out_backprop=[[[[1,2], [3, 4], [5, 6]], [[7, 8], [9,10], [11,12]]]],\n    row_pooling_sequence=[-10,1,2,3],\n    col_pooling_sequence=[1,2,3,4],\n    overlapping=True)\n  return y\n    \ntest()\n```\n\n### Patches\nWe have patched the issue in GitHub commit [002408c3696b173863228223d535f9de72a101a9](https://github.com/tensorflow/tensorflow/commit/002408c3696b173863228223d535f9de72a101a9).\n\nThe fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n  \n### Attribution\nThis vulnerability has been reported by Yu Tian of Qihoo 360 AIVul Team.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-02-09T18:29:45.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.2,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vjg4-v33c-ggc4","https://github.com/tensorflow/tensorflow/commit/002408c3696b173863228223d535f9de72a101a9","https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/fractional_avg_pool_op.cc#L209-L360","https://nvd.nist.gov/vuln/detail/CVE-2022-21730","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-54.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-109.yaml","https://github.com/advisories/GHSA-vjg4-v33c-ggc4"],"source_kind":"github","identifiers":["GHSA-vjg4-v33c-ggc4","CVE-2022-21730"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":35.04809856489007,"packages":[{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:37.150Z","updated_at":"2024-11-13T22:11:43.000Z","epss_percentage":0.00281,"epss_percentile":0.5094},{"uuid":"GSA_kwCzR0hTQS13YzRnLXI3M3cteDhtbc0ogw","url":"https://github.com/advisories/GHSA-wc4g-r73w-x8mm","title":"Insecure temporary file in Tensorflow","description":"### Impact\nIn multiple places, TensorFlow uses `tempfile.mktemp` to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in `mktemp` and the actual creation of the file by a subsequent operation (a TOC/TOU type of weakness).\n\nIn several instances, TensorFlow was supposed to actually create a temporary directory instead of a file. This logic bug is hidden away by the `mktemp` function usage.\n\n### Patches\nWe have patched the issue in several commits, replacing `mktemp` with the safer `mkstemp`/`mkdtemp` functions, according to the usage pattern.\nThe fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported on huntr.dev for one scenario and discovered via variant analysis on other instances.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-02-09T23:54:51.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.4,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wc4g-r73w-x8mm","https://nvd.nist.gov/vuln/detail/CVE-2022-23563","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-72.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-127.yaml","https://github.com/advisories/GHSA-wc4g-r73w-x8mm"],"source_kind":"github","identifiers":["GHSA-wc4g-r73w-x8mm","CVE-2022-23563"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":40.889448325705075,"packages":[{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:36.911Z","updated_at":"2024-11-13T22:39:28.000Z","epss_percentage":0.00014,"epss_percentile":0.01671},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFoeHgtajczci1xcG0y","url":"https://github.com/advisories/GHSA-qhxx-j73r-qpm2","title":"Uninitialized memory access in TensorFlow","description":"### Impact\nUnder certain cases, a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to [default initialize the quantized floating point types in Eigen](https://github.com/tensorflow/tensorflow/blob/f70160322a579144950dff1537dcbe3c7c09d6f5/third_party/eigen3/unsupported/Eigen/CXX11/src/FixedPoint/FixedPointTypes.h#L61-L104):\n\n```cc\nstruct QUInt8 {\n  QUInt8() {}\n  // ...\n  uint8_t value;\n};\n\nstruct QInt16 {\n  QInt16() {}\n  // ...\n  int16_t value;\n};\n\nstruct QUInt16 {\n  QUInt16() {}\n  // ...\n  uint16_t value;\n};\n\nstruct QInt32 {\n  QInt32() {}\n  // ...\n  int32_t value;\n};\n```\n\n### Patches\nWe have patched the issue in GitHub commit [ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2](https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2) and will release TensorFlow 2.4.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.\n\nSince this issue also impacts TF versions before 2.4, we will patch all releases between 1.15 and 2.3 inclusive.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2020-12-10T19:07:24.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":4.8,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhxx-j73r-qpm2","https://github.com/tensorflow/tensorflow/commit/ace0c15a22f7f054abcc1f53eabbcb0a1239a9e2","https://nvd.nist.gov/vuln/detail/CVE-2020-26266","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-297.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-332.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-254.yaml","https://github.com/advisories/GHSA-qhxx-j73r-qpm2"],"source_kind":"github","identifiers":["GHSA-qhxx-j73r-qpm2","CVE-2020-26266"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":23.365399043260044,"packages":[{"versions":[{"first_patched_version":"2.3.2","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.2"},{"first_patched_version":"2.2.2","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.2"},{"first_patched_version":"2.1.3","vulnerable_version_range":"\u003e= 2.1.0, \u003c 2.1.3"},{"first_patched_version":"2.0.4","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.0.4"},{"first_patched_version":"1.15.5","vulnerable_version_range":"\u003c 1.15.5"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.3.2","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.2"},{"first_patched_version":"2.2.2","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.2"},{"first_patched_version":"2.1.3","vulnerable_version_range":"\u003e= 2.1.0, \u003c 2.1.3"},{"first_patched_version":"2.0.4","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.0.4"},{"first_patched_version":"1.15.5","vulnerable_version_range":"\u003c 1.15.5"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.3.2","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.2"},{"first_patched_version":"2.2.2","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.2"},{"first_patched_version":"2.1.3","vulnerable_version_range":"\u003e= 2.1.0, \u003c 2.1.3"},{"first_patched_version":"2.0.4","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.0.4"},{"first_patched_version":"1.15.5","vulnerable_version_range":"\u003c 1.15.5"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:12.628Z","updated_at":"2024-10-28T19:57:08.000Z","epss_percentage":0.00052,"epss_percentile":0.16423},{"uuid":"GSA_kwCzR0hTQS1xanFjLXZxY2YtNXF2as4AAyUD","url":"https://github.com/advisories/GHSA-qjqc-vqcf-5qvj","title":"TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`","description":"### Impact\nWhen the parameter `summarize` of `tf.raw_ops.Print` is zero, the new method `SummarizeArray\u003cbool\u003e` will reference to a nullptr, leading to a seg fault.\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.Print(input =  tf.constant([1, 1, 1, 1],dtype=tf.int32),\n                            data =  [[False, False, False, False], [False], [False, False, False]],\n                            message =  'tmp/I',\n                            first_n = 100,\n                            summarize = 0)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [6d423b8bcc9aa9f5554dc988c1c16d038b508df1](https://github.com/tensorflow/tensorflow/commit/6d423b8bcc9aa9f5554dc988c1c16d038b508df1).\n\nThe fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Yu Tian of Qihoo 360 AIVul Team\n","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-03-24T21:58:44.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj","https://github.com/tensorflow/tensorflow/commit/6d423b8bcc9aa9f5554dc988c1c16d038b508df1","https://nvd.nist.gov/vuln/detail/CVE-2023-25660","https://github.com/advisories/GHSA-qjqc-vqcf-5qvj"],"source_kind":"github","identifiers":["GHSA-qjqc-vqcf-5qvj","CVE-2023-25660"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2023-03-24T22:03:48.164Z","updated_at":"2023-03-27T21:27:24.000Z","epss_percentage":0.00212,"epss_percentile":0.43952},{"uuid":"GSA_kwCzR0hTQS01NThoLW1xOHgtN3E5Z84AAyT_","url":"https://github.com/advisories/GHSA-558h-mq8x-7q9g","title":"TensorFlow has Null Pointer Error in SparseSparseMaximum","description":"### Impact\nWhen `SparseSparseMaximum` is given invalid sparse tensors as inputs, it can give an NPE. \n\n```python\nimport tensorflow as tf\ntf.raw_ops.SparseSparseMaximum(\n a_indices=[[1]],\n a_values =[ 0.1 ],\n a_shape = [2],\n b_indices=[[]],\n b_values =[2 ],\n b_shape = [2],\n)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [5e0ecfb42f5f65629fd7a4edd6c4afe7ff0feb04](https://github.com/tensorflow/tensorflow/commit/5e0ecfb42f5f65629fd7a4edd6c4afe7ff0feb04).\n\nThe fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Yu Tian of Qihoo 360 AIVul Team","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-03-24T21:57:25.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-558h-mq8x-7q9g","https://github.com/tensorflow/tensorflow/commit/5e0ecfb42f5f65629fd7a4edd6c4afe7ff0feb04","https://nvd.nist.gov/vuln/detail/CVE-2023-25665","https://github.com/advisories/GHSA-558h-mq8x-7q9g"],"source_kind":"github","identifiers":["GHSA-558h-mq8x-7q9g","CVE-2023-25665"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2023-03-24T22:03:48.203Z","updated_at":"2023-03-27T22:00:49.000Z","epss_percentage":0.00081,"epss_percentile":0.2489},{"uuid":"GSA_kwCzR0hTQS00OXJxLWh3YzMteDc3d84AAyT6","url":"https://github.com/advisories/GHSA-49rq-hwc3-x77w","title":"TensorFlow has Null Pointer Error in QuantizedMatMulWithBiasAndDequantize","description":"### Impact\nNPE in QuantizedMatMulWithBiasAndDequantize with MKL enable \n```python\nimport tensorflow as tf\n\nfunc = tf.raw_ops.QuantizedMatMulWithBiasAndDequantize\npara={'a': tf.constant(138, dtype=tf.quint8), 'b': tf.constant(4, dtype=tf.qint8), 'bias': [[31.81644630432129, 47.21876525878906], [109.95201110839844, 152.07968139648438]], 'min_a': 141.5337138686371, 'max_a': [73.84139251708984, 173.15280151367188], 'min_b': [], 'max_b': [[16.128345489501953, 193.26820373535156]], 'min_freezed_output': [], 'max_freezed_output': [115.50032806396484, 156.974853515625], 'Toutput': 1.0, 'transpose_a': True, 'transpose_b': False, 'input_quant_mode': 'MIN_FIRST'}\n\nfunc(**para)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [8a47a39d9697969206d23a523c977238717e8727](https://github.com/tensorflow/tensorflow/commit/8a47a39d9697969206d23a523c977238717e8727).\n\nThe fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by r3pwnx\n","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-03-24T21:55:32.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rq-hwc3-x77w","https://github.com/tensorflow/tensorflow/commit/8a47a39d9697969206d23a523c977238717e8727","https://nvd.nist.gov/vuln/detail/CVE-2023-25670","https://github.com/advisories/GHSA-49rq-hwc3-x77w"],"source_kind":"github","identifiers":["GHSA-49rq-hwc3-x77w","CVE-2023-25670"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2023-03-24T22:03:48.252Z","updated_at":"2023-03-30T22:17:28.000Z","epss_percentage":0.00212,"epss_percentile":0.43952},{"uuid":"GSA_kwCzR0hTQS03eDR2LTlneGctOWh3as4AAyT1","url":"https://github.com/advisories/GHSA-7x4v-9gxg-9hwj","title":"TensorFlow has Segfault in Bincount with XLA","description":"### Impact\nWhen running with XLA, `tf.raw_ops.Bincount` segfaults when given a parameter `weights` that is neither the same shape as parameter `arr` nor a length-0 tensor.\n\n```python\nimport tensorflow as tf\n\nfunc = tf.raw_ops.Bincount\npara={'arr': 6, 'size': 804, 'weights': [52, 351]}\n\n@tf.function(jit_compile=True)\ndef fuzz_jit():\n y = func(**para)\n return y\n\nprint(fuzz_jit())\n```\n\n### Patches\nWe have patched the issue in GitHub commit [8ae76cf085f4be26295d2ecf2081e759e04b8acf](https://github.com/tensorflow/tensorflow/commit/8ae76cf085f4be26295d2ecf2081e759e04b8acf).\n\nThe fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by r3pwnx of 360 AIVul Team\n","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-03-24T21:54:18.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7x4v-9gxg-9hwj","https://github.com/tensorflow/tensorflow/commit/8ae76cf085f4be26295d2ecf2081e759e04b8acf","https://nvd.nist.gov/vuln/detail/CVE-2023-25675","https://github.com/advisories/GHSA-7x4v-9gxg-9hwj"],"source_kind":"github","identifiers":["GHSA-7x4v-9gxg-9hwj","CVE-2023-25675"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2023-03-24T22:03:48.303Z","updated_at":"2023-04-03T20:56:27.000Z","epss_percentage":0.00182,"epss_percentile":0.40533},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXJyZnAtajJtcC1ocTlj","url":"https://github.com/advisories/GHSA-rrfp-j2mp-hq9c","title":"Segfault in `tf.quantization.quantize_and_dequantize`","description":"### Impact\nAn attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`:\n\n```python\ntf.quantization.quantize_and_dequantize(\n    input=[2.5, 2.5], input_min=[0,0], input_max=[1,1], axis=10)\n```\n\nThis results in accessing [a dimension outside the rank of the input tensor](https://github.com/tensorflow/tensorflow/blob/0225022b725993bfc19b87a02a2faaad9a53bc17/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L74) in the C++ kernel implementation:\n```\nconst int depth = (axis_ == -1) ? 1 : input.dim_size(axis_);\n```\n\nHowever, [`dim_size` only does a `DCHECK`](https://github.com/tensorflow/tensorflow/blob/0225022b725993bfc19b87a02a2faaad9a53bc17/tensorflow/core/framework/tensor_shape.cc#L292-L307) to validate the argument and then uses it to access the corresponding element of an array:\n```\nint64 TensorShapeBase\u003cShape\u003e::dim_size(int d) const {\n  DCHECK_GE(d, 0);\n  DCHECK_LT(d, dims());\n  DoStuffWith(dims_[d]);\n}\n```\n\nSince in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array.\n\n### Patches\n\nWe have patched the issue in eccb7ec454e6617738554a255d77f08e60ee0808 and will release TensorFlow 2.4.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported in #42105","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2020-11-13T17:13:04.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.1,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrfp-j2mp-hq9c","https://nvd.nist.gov/vuln/detail/CVE-2020-15265","https://github.com/tensorflow/tensorflow/issues/42105","https://github.com/tensorflow/tensorflow/commit/eccb7ec454e6617738554a255d77f08e60ee0808","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-295.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-330.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-138.yaml","https://github.com/advisories/GHSA-rrfp-j2mp-hq9c"],"source_kind":"github","identifiers":["GHSA-rrfp-j2mp-hq9c","CVE-2020-15265"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":34.56131941815548,"packages":[{"versions":[{"first_patched_version":"2.4.0","vulnerable_version_range":"\u003c 2.4.0"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.0","vulnerable_version_range":"\u003c 2.4.0"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.0","vulnerable_version_range":"\u003c 2.4.0"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:13.045Z","updated_at":"2024-10-30T21:22:55.000Z","epss_percentage":0.00239,"epss_percentile":0.46963},{"uuid":"GSA_kwCzR0hTQS00OXJ4LXgycnctcGM2Zs0XDg","url":"https://github.com/advisories/GHSA-49rx-x2rw-pc6f","title":"Heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops","description":"### Impact\nThe [shape inference functions for the `QuantizeAndDequantizeV*` operations](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/ops/array_ops.cc) can trigger a read outside of bounds of heap allocated array as illustrated in the following sets of PoCs:\n\n```python\nimport tensorflow as tf\n\n@tf.function\ndef test():\n  data=tf.raw_ops.QuantizeAndDequantizeV4Grad(\n    gradients=[1.0,1.0],\n    input=[1.0,1.0],\n    input_min=[1.0,10.0],\n    input_max=[1.0,10.0],\n    axis=-100)\n  return data\n\ntest()\n```\n\n```python\nimport tensorflow as tf\n\n@tf.function\ndef test():\n  data=tf.raw_ops.QuantizeAndDequantizeV4(\n    input=[1.0,1.0],\n    input_min=[1.0,10.0],\n    input_max=[1.0,10.0],\n    signed_input=False,\n    num_bits=10,\n    range_given=False,\n    round_mode='HALF_TO_EVEN',\n    narrow_range=False,\n    axis=-100)\n  return data\n\ntest()\n```\n\n```python\nimport tensorflow as tf\n\n@tf.function\ndef test():\n  data=tf.raw_ops.QuantizeAndDequantizeV3(\n    input=[1.0,1.0],\n    input_min=[1.0,10.0],\n    input_max=[1.0,10.0],\n    signed_input=False,\n    num_bits=10,\n    range_given=False,\n    narrow_range=False,\n    axis=-100)\n  return data\n\ntest()\n```\n\n```python\nimport tensorflow as tf\n\n@tf.function\ndef test():\n  data=tf.raw_ops.QuantizeAndDequantizeV2(\n    input=[1.0,1.0],\n    input_min=[1.0,10.0],\n    input_max=[1.0,10.0],\n    signed_input=False,\n    num_bits=10,\n    range_given=False,\n    round_mode='HALF_TO_EVEN',\n    narrow_range=False,\n    axis=-100)\n  return data\n\ntest()\n```\n\nIn all of these cases, `axis` is a negative value different than the special value used for optional/unknown dimensions (i.e., -1). However, the code ignores the occurences of these values:\n\n```cc\n...\nif (axis != -1) {\n  ...\n  c-\u003eDim(input, axis);\n  ...\n}\n```\n\n### Patches\nWe have patched the issue in GitHub commit [7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d](https://github.com/tensorflow/tensorflow/commit/7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d).\n\nThe fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2021-11-10T19:04:25.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":6.9,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rx-x2rw-pc6f","https://nvd.nist.gov/vuln/detail/CVE-2021-41205","https://github.com/tensorflow/tensorflow/commit/7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-615.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-813.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-398.yaml","https://github.com/advisories/GHSA-49rx-x2rw-pc6f"],"source_kind":"github","identifiers":["GHSA-49rx-x2rw-pc6f","CVE-2021-41205"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":33.58776112468632,"packages":[{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:43.342Z","updated_at":"2024-11-13T21:54:10.000Z","epss_percentage":0.00019,"epss_percentile":0.02667},{"uuid":"GSA_kwCzR0hTQS05OHA1LXg4eDQtYzltNc0ofw","url":"https://github.com/advisories/GHSA-98p5-x8x4-c9m5","title":"Integer overflow in TFLite","description":"### Impact \nAn attacker can craft a TFLite model that would cause an integer overflow [in embedding lookup operations](https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/kernels/embedding_lookup_sparse.cc#L179-L189):\n\n```cc\n  int embedding_size = 1;\n  int lookup_size = 1;\n  for (int i = 0; i \u003c lookup_rank - 1; i++, k++) {\n    const int dim = dense_shape-\u003edata.i32[i];\n    lookup_size *= dim;\n    output_shape-\u003edata[k] = dim;\n  }\n  for (int i = 1; i \u003c embedding_rank; i++, k++) {\n    const int dim = SizeOfDimension(value, i);\n    embedding_size *= dim;\n    output_shape-\u003edata[k] = dim;\n  } \n```\n\nBoth `embedding_size` and `lookup_size` are products of values provided by the user. Hence, a malicious user could trigger overflows in the multiplication.\n\nIn certain scenarios, this can then result in heap OOB read/write.\n  \n### Patches\nWe have patched the issue in GitHub commits [f19be71717c497723ba0cea0379e84f061a75e01](https://github.com/tensorflow/tensorflow/commit/f19be71717c497723ba0cea0379e84f061a75e01), [1de49725a5fc4e48f1a3b902ec3599ee99283043](https://github.com/tensorflow/tensorflow/commit/1de49725a5fc4e48f1a3b902ec3599ee99283043) and [a4e401da71458d253b05e41f28637b65baf64be4](https://github.com/tensorflow/tensorflow/commit/a4e401da71458d253b05e41f28637b65baf64be4).\n\nThe fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Wang Xuan of Qihoo 360 AIVul Team. ","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-02-09T23:52:51.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.7,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-98p5-x8x4-c9m5","https://github.com/tensorflow/tensorflow/commit/1de49725a5fc4e48f1a3b902ec3599ee99283043","https://github.com/tensorflow/tensorflow/commit/a4e401da71458d253b05e41f28637b65baf64be4","https://github.com/tensorflow/tensorflow/commit/f19be71717c497723ba0cea0379e84f061a75e01","https://github.com/tensorflow/tensorflow/blob/ca6f96b62ad84207fbec580404eaa7dd7403a550/tensorflow/lite/kernels/embedding_lookup_sparse.cc#L179-L189","https://nvd.nist.gov/vuln/detail/CVE-2022-23559","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-68.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-123.yaml","https://github.com/advisories/GHSA-98p5-x8x4-c9m5"],"source_kind":"github","identifiers":["GHSA-98p5-x8x4-c9m5","CVE-2022-23559"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":42.34978576590883,"packages":[{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:36.970Z","updated_at":"2024-11-13T22:37:29.000Z","epss_percentage":0.0049,"epss_percentile":0.64492},{"uuid":"GSA_kwCzR0hTQS1wcXJ2LThyMmYtNzI3OM0orw","url":"https://github.com/advisories/GHSA-pqrv-8r2f-7278","title":"Crash due to erroneous `StatusOr` in TensorFlow","description":"### Impact\nA `GraphDef` from a TensorFlow `SavedModel` can be maliciously altered to cause a TensorFlow process to crash due to encountering [a `StatusOr` value that is an error and forcibly extracting the value from it](https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L560-L567):\n\n```cc\n  if (op_reg_data-\u003etype_ctor != nullptr) {\n    VLOG(3) \u003c\u003c \"AddNode: found type constructor for \" \u003c\u003c node_def.name();\n    const auto ctor_type =\n        full_type::SpecializeType(AttrSlice(node_def), op_reg_data-\u003eop_def);\n    const FullTypeDef ctor_typedef = ctor_type.ValueOrDie();\n    if (ctor_typedef.type_id() != TFT_UNSET) {\n      *(node_def.mutable_experimental_type()) = ctor_typedef;\n    }\n  }\n```   \n      \nIf `ctor_type` is an error status, `ValueOrDie` results in a crash.\n        \n### Patches\nWe have patched the issue in GitHub commit [955059813cc325dc1db5e2daa6221271406d4439](https://github.com/tensorflow/tensorflow/commit/955059813cc325dc1db5e2daa6221271406d4439).\n  \nWe have patched the issue in multiple GitHub commits and these will be included in TensorFlow 2.8.0 and TensorFlow 2.7.1, as both are affected.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-02-09T23:29:38.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pqrv-8r2f-7278","https://github.com/tensorflow/tensorflow/commit/955059813cc325dc1db5e2daa6221271406d4439","https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L560-L567","https://nvd.nist.gov/vuln/detail/CVE-2022-23590","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-99.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-154.yaml","https://github.com/advisories/GHSA-pqrv-8r2f-7278"],"source_kind":"github","identifiers":["GHSA-pqrv-8r2f-7278","CVE-2022-23590"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"\u003c 2.7.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"\u003c 2.7.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"\u003c 2.7.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:22.255Z","updated_at":"2023-02-03T05:05:38.000Z","epss_percentage":0.00226,"epss_percentile":0.45548},{"uuid":"GSA_kwCzR0hTQS1jdmd4LTN2M3EtbTM2Y80XCA","url":"https://github.com/advisories/GHSA-cvgx-3v3q-m36c","title":"Heap OOB in shape inference for `QuantizeV2`","description":"### Impact\nThe [shape inference code for `QuantizeV2`](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/framework/common_shape_fns.cc#L2509-L2530) can trigger a read outside of bounds of heap allocated array:\n\n```python\nimport tensorflow as tf\n\n@tf.function\ndef test():\n  data=tf.raw_ops.QuantizeV2(\n    input=[1.0,1.0],\n    min_range=[1.0,10.0],\n    max_range=[1.0,10.0],\n    T=tf.qint32,\n    mode='MIN_COMBINED',\n    round_mode='HALF_TO_EVEN',\n    narrow_range=False,\n    axis=-100,\n    ensure_minimum_range=10)\n  return data\n\ntest()\n```\n\nThis occurs whenever `axis` is a negative value less than `-1`. In this case, we are accessing data before the start of a heap buffer:\n    \n```cc\nint axis = -1;\nStatus s = c-\u003eGetAttr(\"axis\", \u0026axis);\nif (!s.ok() \u0026\u0026 s.code() != error::NOT_FOUND) {\n  return s;\n}   \n... \nif (axis != -1) {\n  ...\n  TF_RETURN_IF_ERROR(\n      c-\u003eMerge(c-\u003eDim(minmax, 0), c-\u003eDim(input, axis), \u0026depth));\n}\n```\n\nThe code allows `axis` to be an optional argument (`s` would contain an `error::NOT_FOUND` error code). Otherwise, it assumes that `axis` is a valid index into the dimensions of the `input` tensor. If `axis` is less than `-1` then this results in a heap OOB read.\n    \n### Patches\nWe have patched the issue in GitHub commit [a0d64445116c43cf46a5666bd4eee28e7a82f244](https://github.com/tensorflow/tensorflow/commit/a0d64445116c43cf46a5666bd4eee28e7a82f244).\n    \nThe fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, as this version is the only one that is also affected.\n  \n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-11-10T19:01:03.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cvgx-3v3q-m36c","https://nvd.nist.gov/vuln/detail/CVE-2021-41211","https://github.com/tensorflow/tensorflow/commit/a0d64445116c43cf46a5666bd4eee28e7a82f244","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-620.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-818.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-403.yaml","https://github.com/advisories/GHSA-cvgx-3v3q-m36c"],"source_kind":"github","identifiers":["GHSA-cvgx-3v3q-m36c","CVE-2021-41211"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.6.1","vulnerable_version_range":"= 2.6.0"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.6.1","vulnerable_version_range":"= 2.6.0"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.6.1","vulnerable_version_range":"= 2.6.0"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:43.409Z","updated_at":"2024-11-07T22:19:03.000Z","epss_percentage":0.00019,"epss_percentile":0.03406},{"uuid":"GSA_kwCzR0hTQS00Zjk5LXA5YzItM2o4eM0XAA","url":"https://github.com/advisories/GHSA-4f99-p9c2-3j8x","title":"Undefined behavior via `nullptr` reference binding in sparse matrix multiplication","description":"### Impact\nThe [code for sparse matrix multiplication](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/sparse_matmul_op.cc#L954-L1086) is vulnerable to undefined behavior via binding a reference to `nullptr`:\n\n```python\nimport tensorflow as tf\n  \ntf.raw_ops.SparseMatMul(\n  a=[[1.0,1.0,1.0]],\n  b=[[],[],[]],\n  transpose_a=False,\n  transpose_b=False,\n  a_is_sparse=False, \n  b_is_sparse=True)\n```\n\nThis occurs whenever the dimensions of `a` or `b` are 0 or less. In the case on one of these is 0, an empty output tensor should be allocated (to conserve the invariant that output tensors are always allocated when the operation is successful) but nothing should be written to it (that is, we should return early from the kernel implementation). Otherwise, attempts to write to this empty tensor would result in heap OOB access.\n\n### Patches\nWe have patched the issue in GitHub commit [e6cf28c72ba2eb949ca950d834dd6d66bb01cfae](https://github.com/tensorflow/tensorflow/commit/e6cf28c72ba2eb949ca950d834dd6d66bb01cfae).\n\nThe fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.\n","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-11-10T18:51:51.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4f99-p9c2-3j8x","https://nvd.nist.gov/vuln/detail/CVE-2021-41219","https://github.com/tensorflow/tensorflow/commit/e6cf28c72ba2eb949ca950d834dd6d66bb01cfae","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-628.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-826.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-411.yaml","https://github.com/advisories/GHSA-4f99-p9c2-3j8x"],"source_kind":"github","identifiers":["GHSA-4f99-p9c2-3j8x","CVE-2021-41219"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:43.498Z","updated_at":"2024-11-07T22:14:20.000Z","epss_percentage":0.00019,"epss_percentile":0.03406},{"uuid":"GSA_kwCzR0hTQS1namg3LXh4NHIteDM0Nc4AA-RO","url":"https://github.com/advisories/GHSA-gjh7-xx4r-x345","title":"TensorFlow has segfault in array_ops.upper_bound","description":"### Impact\n`array_ops.upper_bound` causes a segfault when not given a rank 2 tensor.\n\n### Patches\nWe have patched the issue in GitHub commit [915884fdf5df34aaedd00fc6ace33a2cfdefa586](https://github.com/tensorflow/tensorflow/commit/915884fdf5df34aaedd00fc6ace33a2cfdefa586).\n\nThe fix will be included in TensorFlow 2.13. We will also cherrypick this commit in TensorFlow 2.12.1.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by dmc1778","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2024-07-30T20:47:04.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.7,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gjh7-xx4r-x345","https://github.com/tensorflow/tensorflow/commit/6fa05df43b00038b048f4f0e51ef522da6532fec","https://github.com/tensorflow/tensorflow/commit/915884fdf5df34aaedd00fc6ace33a2cfdefa586","https://nvd.nist.gov/vuln/detail/CVE-2023-33976","https://github.com/advisories/GHSA-gjh7-xx4r-x345"],"source_kind":"github","identifiers":["GHSA-gjh7-xx4r-x345","CVE-2023-33976"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":42.34978576590883,"packages":[{"versions":[{"first_patched_version":"2.12.1","vulnerable_version_range":"\u003c 2.12.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.12.1","vulnerable_version_range":"\u003c 2.12.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.12.1","vulnerable_version_range":"\u003c 2.12.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2024-07-30T21:05:30.718Z","updated_at":"2024-08-22T17:42:18.000Z","epss_percentage":0.00097,"epss_percentile":0.28307},{"uuid":"GSA_kwCzR0hTQS1jcTc2LW14cmMtdmNoaM0XGA","url":"https://github.com/advisories/GHSA-cq76-mxrc-vchh","title":"Crash in `tf.math.segment_*` operations","description":"### Impact\nThe implementation of `tf.math.segment_*` operations results in a `CHECK`-fail related abort (and denial of service) if a segment id in `segment_ids` is large.\n\n```python\nimport tensorflow as tf\n\ntf.math.segment_max(data=np.ones((1,10,1)), segment_ids=[1676240524292489355])\ntf.math.segment_min(data=np.ones((1,10,1)), segment_ids=[1676240524292489355])\ntf.math.segment_mean(data=np.ones((1,10,1)), segment_ids=[1676240524292489355])    \ntf.math.segment_sum(data=np.ones((1,10,1)), segment_ids=[1676240524292489355])\ntf.math.segment_prod(data=np.ones((1,10,1)), segment_ids=[1676240524292489355])\n```\n\nThis is similar to [CVE-2021-29584](https://github.com/tensorflow/tensorflow/blob/3a74f0307236fe206b046689c4d76f57c9b74eee/tensorflow/security/advisory/tfsa-2021-071.md) (and similar other reported vulnerabilities in TensorFlow, localized to specific APIs): the [implementation](https://github.com/tensorflow/tensorflow/blob/dae66e518c88de9c11718cd0f8f40a0b666a90a0/tensorflow/core/kernels/segment_reduction_ops_impl.h) (both on CPU and GPU) computes the output shape using [`AddDim`](https://github.com/tensorflow/tensorflow/blob/0b6b491d21d6a4eb5fbab1cca565bc1e94ca9543/tensorflow/core/framework/tensor_shape.cc#L395-L408). However, if the number of elements in the tensor overflows an `int64_t` value, `AddDim` results in a `CHECK` failure which provokes a `std::abort`. Instead, code should use [`AddDimWithStatus`](https://github.com/tensorflow/tensorflow/blob/0b6b491d21d6a4eb5fbab1cca565bc1e94ca9543/tensorflow/core/framework/tensor_shape.cc#L410-L440).\n\n\n### Patches\nWe have patched the issue in GitHub commit [e9c81c1e1a9cd8dd31f4e83676cab61b60658429](https://github.com/tensorflow/tensorflow/commit/e9c81c1e1a9cd8dd31f4e83676cab61b60658429) (merging [#51733](https://github.com/tensorflow/tensorflow/pull/51733)).\n\nThe fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.      \n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.     \n\n### Attribution\nThis vulnerability has been reported externally via a [GitHub issue](https://github.com/tensorflow/tensorflow/issues/46888).","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2021-11-10T19:36:50.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":6.8,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cq76-mxrc-vchh","https://nvd.nist.gov/vuln/detail/CVE-2021-41195","https://github.com/tensorflow/tensorflow/issues/46888","https://github.com/tensorflow/tensorflow/pull/51733","https://github.com/tensorflow/tensorflow/commit/e9c81c1e1a9cd8dd31f4e83676cab61b60658429","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-844.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-846.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-842.yaml","https://github.com/advisories/GHSA-cq76-mxrc-vchh"],"source_kind":"github","identifiers":["GHSA-cq76-mxrc-vchh","CVE-2021-41195"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":33.100981977951726,"packages":[{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:43.239Z","updated_at":"2024-11-13T21:42:16.000Z","epss_percentage":0.00038,"epss_percentile":0.10588},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTU0NXYtNDJwNy05OGZx","url":"https://github.com/advisories/GHSA-545v-42p7-98fq","title":"Heap out of bounds read in `MaxPoolGradWithArgmax`","description":"### Impact\nThe implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs:\n\n```python\nimport tensorflow as tf\n\ninput = tf.constant([10.0, 10.0, 10.0], shape=[1, 1, 3, 1], dtype=tf.float32)\ngrad = tf.constant([10.0, 10.0, 10.0, 10.0], shape=[1, 1, 1, 4], dtype=tf.float32)\nargmax = tf.constant([1], shape=[1], dtype=tf.int64)\nksize = [1, 1, 1, 1]\nstrides = [1, 1, 1, 1]\n  \ntf.raw_ops.MaxPoolGradWithArgmax(\n  input=input, grad=grad, argmax=argmax, ksize=ksize, strides=strides,\n  padding='SAME', include_batch_in_index=False)\n```\n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/ef0c008ee84bad91ec6725ddc42091e19a30cf0e/tensorflow/core/kernels/maxpooling_op.cc#L1016-L1017) uses the same value to index in two different arrays but there is no guarantee that the sizes are identical. \n\n### Patches\nWe have patched the issue in GitHub commit [dcd7867de0fea4b72a2b34bd41eb74548dc23886](https://github.com/tensorflow/tensorflow/commit/dcd7867de0fea4b72a2b34bd41eb74548dc23886).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions. \n\n### Attribution\nThis vulnerability has been reported by Ying Wang and Yakun Zhang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:25:25.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-545v-42p7-98fq","https://nvd.nist.gov/vuln/detail/CVE-2021-29570","https://github.com/tensorflow/tensorflow/commit/dcd7867de0fea4b72a2b34bd41eb74548dc23886","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-498.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-696.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-207.yaml","https://github.com/advisories/GHSA-545v-42p7-98fq"],"source_kind":"github","identifiers":["GHSA-545v-42p7-98fq","CVE-2021-29570"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.935Z","updated_at":"2024-11-01T17:06:25.000Z","epss_percentage":0.00014,"epss_percentile":0.01493},{"uuid":"GSA_kwCzR0hTQS1tMzQyLWZmNTctNGpjY80XCQ","url":"https://github.com/advisories/GHSA-m342-ff57-4jcc","title":"Heap OOB read in `tf.raw_ops.SparseCountSparseOutput`","description":"### Impact\nThe [shape inference functions for `SparseCountSparseOutput`](https://github.com/tensorflow/tensorflow/blob/e0b6e58c328059829c3eb968136f17aa72b6c876/tensorflow/core/ops/count_ops.cc#L43-L50) can trigger a read outside of bounds of heap allocated array:\n\n```python\nimport tensorflow as tf\n\n@tf.function\ndef func():\n  return tf.raw_ops.SparseCountSparseOutput(\n    indices=[1],\n    values=[[1]],\n    dense_shape=[10],\n    weights=[],\n    binary_output= True)\n\nfunc()\n```\n\nThe function fails to check that the first input (i.e., `indices`) has rank 2:\n\n```cc\n  auto rank = c-\u003eDim(c-\u003einput(0), 1);\n```\n\n### Patches\nWe have patched the issue in GitHub commit [701cfaca222a82afbeeb17496bd718baa65a67d2](https://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2).\n\nThe fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-11-10T19:01:44.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc","https://nvd.nist.gov/vuln/detail/CVE-2021-41210","https://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-619.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-817.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-402.yaml","https://github.com/advisories/GHSA-m342-ff57-4jcc"],"source_kind":"github","identifiers":["GHSA-m342-ff57-4jcc","CVE-2021-41210"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.4","vulnerable_version_range":"\u003c 2.4.4"},{"first_patched_version":"2.5.2","vulnerable_version_range":"\u003e= 2.5.0, \u003c 2.5.2"},{"first_patched_version":"2.6.1","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:43.399Z","updated_at":"2024-11-07T22:19:34.000Z","epss_percentage":0.00019,"epss_percentile":0.02667},{"uuid":"GSA_kwCzR0hTQS1nd2N4LWpyeDQtOTJ3Ms0orA","url":"https://github.com/advisories/GHSA-gwcx-jrx4-92w2","title":"Segfault in `simplifyBroadcast` in Tensorflow","description":"### Impact\nThe [`simplifyBroadcast` function in the MLIR-TFRT infrastructure in TensorFlow](https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/mlir/tfrt/jit/transforms/tf_cpurt_symbolic_shape_optimization.cc#L149-L205) is vulnerable to a segfault (hence, denial of service), if called with scalar shapes.\n\n```cc \n  size_t maxRank = 0;\n  for (auto shape : llvm::enumerate(shapes)) {\n    auto found_shape = analysis.dimensionsForShapeTensor(shape.value());\n    if (!found_shape) return {};\n    shapes_found.push_back(*found_shape);\n    maxRank = std::max(maxRank, found_shape-\u003esize());\n  }   \n\n  SmallVector\u003cconst ShapeComponentAnalysis::SymbolicDimension*\u003e\n      joined_dimensions(maxRank);\n```\n\nIf all shapes are scalar, then `maxRank` is 0, so we build an empty `SmallVector`.\n\n### Patches\nWe have patched the issue in GitHub commit [35f0fabb4c178253a964d7aabdbb15c6a398b69a](https://github.com/tensorflow/tensorflow/commit/35f0fabb4c178253a964d7aabdbb15c6a398b69a).\n\nThe fix will be included in TensorFlow 2.8.0. This is the only affected version.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-02-09T23:32:08.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.2,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gwcx-jrx4-92w2","https://github.com/tensorflow/tensorflow/commit/35f0fabb4c178253a964d7aabdbb15c6a398b69a","https://github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/compiler/mlir/tfrt/jit/transforms/tf_cpurt_symbolic_shape_optimization.cc#L149-L205","https://nvd.nist.gov/vuln/detail/CVE-2022-23593","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-102.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-157.yaml","https://github.com/advisories/GHSA-gwcx-jrx4-92w2"],"source_kind":"github","identifiers":["GHSA-gwcx-jrx4-92w2","CVE-2022-23593"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":39.91589003223591,"packages":[{"versions":[{"first_patched_version":"2.8.0","vulnerable_version_range":"= 2.8.0-rc0"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.8.0","vulnerable_version_range":"= 2.8.0-rc0"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.8.0","vulnerable_version_range":"= 2.8.0-rc0"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:31.799Z","updated_at":"2024-11-13T22:16:36.000Z","epss_percentage":0.00293,"epss_percentile":0.52071},{"uuid":"GSA_kwCzR0hTQS1mcTg2LTNmMjktcHgyY80ovA","url":"https://github.com/advisories/GHSA-fq86-3f29-px2c","title":"`CHECK`-failures during Grappler's `IsSimplifiableReshape` in Tensorflow","description":"### Impact\nThe Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that [`IsSimplifiableReshape`](https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1687-L1742) would trigger `CHECK` failures.\n\n### Patches\nWe have patched the issue in GitHub commits [ebc1a2ffe5a7573d905e99bd0ee3568ee07c12c1](https://github.com/tensorflow/tensorflow/commit/ebc1a2ffe5a7573d905e99bd0ee3568ee07c12c1), [1fb27733f943295d874417630edd3b38b34ce082](https://github.com/tensorflow/tensorflow/commit/1fb27733f943295d874417630edd3b38b34ce082), and [240655511cd3e701155f944a972db71b6c0b1bb6](https://github.com/tensorflow/tensorflow/commit/240655511cd3e701155f944a972db71b6c0b1bb6).\n\nThe fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-02-07T22:01:14.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq86-3f29-px2c","https://github.com/tensorflow/tensorflow/commit/1fb27733f943295d874417630edd3b38b34ce082","https://github.com/tensorflow/tensorflow/commit/240655511cd3e701155f944a972db71b6c0b1bb6","https://github.com/tensorflow/tensorflow/commit/ebc1a2ffe5a7573d905e99bd0ee3568ee07c12c1","https://github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L1687-L1742","https://nvd.nist.gov/vuln/detail/CVE-2022-23581","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-90.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-145.yaml","https://github.com/advisories/GHSA-fq86-3f29-px2c"],"source_kind":"github","identifiers":["GHSA-fq86-3f29-px2c","CVE-2022-23581"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:36.130Z","updated_at":"2024-11-07T22:28:14.000Z","epss_percentage":0.00451,"epss_percentile":0.62626},{"uuid":"GSA_kwCzR0hTQS0yNDd4LTJmOWYtNXdwN80org","url":"https://github.com/advisories/GHSA-247x-2f9f-5wp7","title":"Stack overflow in TensorFlow","description":"### Impact\nThe `GraphDef` format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a `GraphDef` containing a fragment such as the following can be consumed when loading a `SavedModel`:\n\n```\n  library {\n    function {\n      signature {\n        name: \"SomeOp\"\n        description: \"Self recursive op\"\n      }\n      node_def {\n        name: \"1\"\n        op: \"SomeOp\"\n      }\n      node_def {\n        name: \"2\"\n        op: \"SomeOp\"\n      }\n    }\n  } \n```\n\nThis would result in a stack overflow during execution as resolving each `NodeDef` means resolving the function itself and its nodes.\n\n### Patches\nWe have patched the issue in GitHub commit [448a16182065bd08a202d9057dd8ca541e67996c](https://github.com/tensorflow/tensorflow/commit/448a16182065bd08a202d9057dd8ca541e67996c).\n\nThe fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-02-09T23:30:01.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.1,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-247x-2f9f-5wp7","https://github.com/tensorflow/tensorflow/commit/448a16182065bd08a202d9057dd8ca541e67996c","https://nvd.nist.gov/vuln/detail/CVE-2022-23591","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-100.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-155.yaml","https://github.com/advisories/GHSA-247x-2f9f-5wp7"],"source_kind":"github","identifiers":["GHSA-247x-2f9f-5wp7","CVE-2022-23591"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":34.56131941815548,"packages":[{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:36.705Z","updated_at":"2024-11-13T22:14:33.000Z","epss_percentage":0.00318,"epss_percentile":0.53933},{"uuid":"GSA_kwCzR0hTQS1xeDNmLXA3NDUtdzRocs0ogg","url":"https://github.com/advisories/GHSA-qx3f-p745-w4hr","title":"Integer overflow in Tensorflow","description":"### Impact\nThe implementation of `Range` suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations.\n\n### Patches\nWe have patched the issue in GitHub commit [f0147751fd5d2ff23251149ebad9af9f03010732](https://github.com/tensorflow/tensorflow/commit/f0147751fd5d2ff23251149ebad9af9f03010732) (merging [#51733](https://github.com/tensorflow/tensorflow/pull/51733)).\n\nThe fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n### Attribution\nThis vulnerability has been reported externally via a [GitHub issue](https://github.com/tensorflow/tensorflow/issues/52676).","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-02-09T23:54:07.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.2,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qx3f-p745-w4hr","https://github.com/tensorflow/tensorflow/issues/52676","https://github.com/tensorflow/tensorflow/pull/51733","https://github.com/tensorflow/tensorflow/commit/f0147751fd5d2ff23251149ebad9af9f03010732","https://nvd.nist.gov/vuln/detail/CVE-2022-23562","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-71.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-126.yaml","https://github.com/advisories/GHSA-qx3f-p745-w4hr"],"source_kind":"github","identifiers":["GHSA-qx3f-p745-w4hr","CVE-2022-23562"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":35.04809856489007,"packages":[{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:36.921Z","updated_at":"2024-11-13T22:38:51.000Z","epss_percentage":0.00342,"epss_percentile":0.55856},{"uuid":"GSA_kwCzR0hTQS12NXhnLTNxMmMtYzJyNM4AAu2f","url":"https://github.com/advisories/GHSA-v5xg-3q2c-c2r4","title":"TensorFlow vulnerable to `CHECK` failure in `TensorListReserve` via missing validation","description":"### Impact\nIn [`core/kernels/list_kernels.cc's TensorListReserve`](https://github.com/tensorflow/tensorflow/blob/c8ba76d48567aed347508e0552a257641931024d/tensorflow/core/kernels/list_kernels.cc#L322-L325), `num_elements` is assumed to be a tensor of size 1. When a `num_elements` of more than 1 element is provided, then `tf.raw_ops.TensorListReserve` fails the `CHECK_EQ` in `CheckIsAlignedAndSingleElement`.\n```python\nimport tensorflow as tf\n\ntf.raw_ops.TensorListReserve(element_shape=(1,1), num_elements=tf.constant([1,1], dtype=tf.int32), element_dtype=tf.int8)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [b5f6fbfba76576202b72119897561e3bd4f179c7](https://github.com/tensorflow/tensorflow/commit/b5f6fbfba76576202b72119897561e3bd4f179c7).\n\n\nThe fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Kang Hong Jin from Singapore Management University.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-09-16T22:11:18.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v5xg-3q2c-c2r4","https://github.com/tensorflow/tensorflow/commit/b5f6fbfba76576202b72119897561e3bd4f179c7","https://github.com/tensorflow/tensorflow/blob/c8ba76d48567aed347508e0552a257641931024d/tensorflow/core/kernels/list_kernels.cc#L322-L325","https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0","https://nvd.nist.gov/vuln/detail/CVE-2022-35960","https://github.com/advisories/GHSA-v5xg-3q2c-c2r4"],"source_kind":"github","identifiers":["GHSA-v5xg-3q2c-c2r4","CVE-2022-35960"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:58.132Z","updated_at":"2023-01-28T05:03:03.000Z","epss_percentage":0.00208,"epss_percentile":0.43501},{"uuid":"GSA_kwCzR0hTQS1ocmc1LTczN2MtMnA1Ns4AArBJ","url":"https://github.com/advisories/GHSA-hrg5-737c-2p56","title":"Missing validation causes denial of service via `UnsortedSegmentJoin`","description":"### Impact\nThe implementation of [`tf.raw_ops.UnsortedSegmentJoin`](https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L92-L95) does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.UnsortedSegmentJoin(\n  inputs=tf.constant(\"this\", shape=[12], dtype=tf.string),\n  segment_ids=tf.constant(0, shape=[12], dtype=tf.int64),\n  num_segments=tf.constant(0, shape=[12], dtype=tf.int64))\n``` \n  \nThe code assumes `num_segments` is a scalar but there is no validation for this before accessing its value:\n\n```cc\nconst Tensor\u0026 num_segments_tensor = context-\u003einput(2);\nOP_REQUIRES(context, num_segments_tensor.NumElements() != 0,\n            errors::InvalidArgument(\"Number of segments cannot be empty.\"));\nauto num_segments = num_segments_tensor.scalar\u003cNUM_SEGMENTS_TYPE\u003e()();\n``` \n\n### Patches\nWe have patched the issue in GitHub commit [13d38a07ce9143e044aa737cfd7bb759d0e9b400](https://github.com/tensorflow/tensorflow/commit/13d38a07ce9143e044aa737cfd7bb759d0e9b400).\n\nThe fix will be included in TensorFlow 2.9.0. We will also cherrypick this commit on TensorFlow 2.8.1, TensorFlow 2.7.2, and TensorFlow 2.6.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Neophytos Christou from Secure Systems Lab at Brown University.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-05-24T22:08:20.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hrg5-737c-2p56","https://nvd.nist.gov/vuln/detail/CVE-2022-29197","https://github.com/tensorflow/tensorflow/commit/13d38a07ce9143e044aa737cfd7bb759d0e9b400","https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L92-L95","https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4","https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2","https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1","https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0","https://github.com/advisories/GHSA-hrg5-737c-2p56"],"source_kind":"github","identifiers":["GHSA-hrg5-737c-2p56","CVE-2022-29197"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.7.2"},{"first_patched_version":"2.6.4","vulnerable_version_range":"\u003c 2.6.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.7.2"},{"first_patched_version":"2.6.4","vulnerable_version_range":"\u003c 2.6.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003e= 2.7.0, \u003c 2.7.2"},{"first_patched_version":"2.6.4","vulnerable_version_range":"\u003c 2.6.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:23.779Z","updated_at":"2023-01-27T05:02:05.000Z","epss_percentage":0.0011,"epss_percentile":0.30467},{"uuid":"GSA_kwCzR0hTQS00NHFwLTl3d2YtNzM0cs0oeg","url":"https://github.com/advisories/GHSA-44qp-9wwf-734r","title":"Heap overflow in Tensorflow","description":"### Impact \nThe [implementation of `SparseCountSparseOutput`](https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/count_ops.cc#L168-L273) is vulnerable to a heap overflow:\n\n```python\nimport tensorflow as tf\nimport numpy as np\n\ntf.raw_ops.SparseCountSparseOutput(\n  indices=[[-1,-1]],\n  values=[2],\n  dense_shape=[1, 1],\n  weights=[1],\n  binary_output=True,\n  minlength=-1,\n  maxlength=-1,\n  name=None)\n```\n\n### Patches\nWe have patched the issue in GitHub commits [2b7100d6cdff36aa21010a82269bc05a6d1cc74a](https://github.com/tensorflow/tensorflow/commit/2b7100d6cdff36aa21010a82269bc05a6d1cc74a) and [adbbabdb0d3abb3cdeac69e38a96de1d678b24b3](https://github.com/tensorflow/tensorflow/commit/adbbabdb0d3abb3cdeac69e38a96de1d678b24b3).\n\nThe fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Faysal Hossain Shezan from University of Virginia.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-02-09T23:47:14.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.2,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-44qp-9wwf-734r","https://github.com/tensorflow/tensorflow/commit/2b7100d6cdff36aa21010a82269bc05a6d1cc74a","https://github.com/tensorflow/tensorflow/commit/adbbabdb0d3abb3cdeac69e38a96de1d678b24b3","https://github.com/tensorflow/tensorflow/blob/5100e359aef5c8021f2e71c7b986420b85ce7b3d/tensorflow/core/kernels/count_ops.cc#L168-L273","https://nvd.nist.gov/vuln/detail/CVE-2022-21740","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2022-64.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2022-119.yaml","https://github.com/advisories/GHSA-44qp-9wwf-734r"],"source_kind":"github","identifiers":["GHSA-44qp-9wwf-734r","CVE-2022-21740"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":35.04809856489007,"packages":[{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.7.1","vulnerable_version_range":"= 2.7.0"},{"first_patched_version":"2.6.3","vulnerable_version_range":"\u003e= 2.6.0, \u003c 2.6.3"},{"first_patched_version":"2.5.3","vulnerable_version_range":"\u003c 2.5.3"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:37.030Z","updated_at":"2024-11-13T22:33:50.000Z","epss_percentage":0.00388,"epss_percentile":0.58751},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWdoNngtNHdoci0ycXY0","url":"https://github.com/advisories/GHSA-gh6x-4whr-2qv4","title":"Null pointer dereference and heap OOB read in operations restoring tensors","description":"### Impact\nWhen restoring tensors via raw APIs, if the tensor name is not provided, TensorFlow can be tricked into dereferencing a null pointer:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.Restore(\n  file_pattern=['/tmp'],\n  tensor_name=[], \n  default_value=21,\n  dt=tf.int,\n  preferred_shard=1)\n```\n  \nThe same undefined behavior can be triggered by `tf.raw_ops.RestoreSlice`:\n  \n```python\nimport tensorflow as tf\n\ntf.raw_ops.RestoreSlice(\n  file_pattern=['/tmp'],\n  tensor_name=[], \n  shape_and_slice='2',\n  dt=inp.array([tf.int]),\n  preferred_shard=1)\n```\n\nAlternatively, attackers can read memory outside the bounds of heap allocated data by providing some tensor names but not enough for a successful restoration:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.Restore(\n  file_pattern=['/tmp'],\n  tensor_name=['x'], \n  default_value=21,\n  dt=tf.int,\n  preferred_shard=42)\n```\n  \nThe [implementation](https://github.com/tensorflow/tensorflow/blob/47a06f40411a69c99f381495f490536972152ac0/tensorflow/core/kernels/save_restore_tensor.cc#L158-L159) retrieves the tensor list corresponding to the `tensor_name` user controlled input and immediately retrieves the tensor at the restoration index (controlled via `preferred_shard` argument). This occurs without validating that the provided list has enough values.\n\nIf the list is empty this results in dereferencing a null pointer (undefined behavior). If, however, the list has some elements, if the restoration index is outside the bounds this results in heap OOB read.\n\n### Patches \nWe have patched the issue in GitHub commit [9e82dce6e6bd1f36a57e08fa85af213e2b2f2622](https://github.com/tensorflow/tensorflow/commit/9e82dce6e6bd1f36a57e08fa85af213e2b2f2622).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information \nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-08-25T14:44:05.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.6,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh6x-4whr-2qv4","https://nvd.nist.gov/vuln/detail/CVE-2021-37639","https://github.com/tensorflow/tensorflow/commit/9e82dce6e6bd1f36a57e08fa85af213e2b2f2622","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-552.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-750.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-261.yaml","https://github.com/advisories/GHSA-gh6x-4whr-2qv4"],"source_kind":"github","identifiers":["GHSA-gh6x-4whr-2qv4","CVE-2021-37639"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":41.86300661917424,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:51.680Z","updated_at":"2024-11-13T16:33:03.000Z","epss_percentage":0.0003,"epss_percentile":0.06952},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM5NjgtcHE3aC03Znh2","url":"https://github.com/advisories/GHSA-c968-pq7h-7fxv","title":"Division by 0 in `Conv3DBackprop*`","description":"### Impact\nThe `tf.raw_ops.Conv3DBackprop*` operations fail to validate that the input tensors are not empty. In turn, this would result in a division by 0:\n\n```python\nimport tensorflow as tf\n\ninput_sizes = tf.constant([0, 0, 0, 0, 0], shape=[5], dtype=tf.int32)\nfilter_tensor = tf.constant([], shape=[0, 0, 0, 1, 0], dtype=tf.float32)\nout_backprop = tf.constant([], shape=[0, 0, 0, 0, 0], dtype=tf.float32)\n                            \ntf.raw_ops.Conv3DBackpropInputV2(input_sizes=input_sizes, filter=filter_tensor, out_backprop=out_backprop, strides=[1, 1, 1, 1, 1], padding='SAME', data_format='NDHWC', dilations=[1, 1, 1, 1, 1])\n```\n```python\nimport tensorflow as tf\n\ninput_sizes = tf.constant([1], shape=[1, 1, 1, 1, 1], dtype=tf.float32)\nfilter_tensor = tf.constant([0, 0, 0, 1, 0], shape=[5], dtype=tf.int32)\nout_backprop = tf.constant([], shape=[1, 1, 1, 1, 0], dtype=tf.float32)\n\ntf.raw_ops.Conv3DBackpropFilterV2(input=input_sizes, filter_sizes=filter_tensor, out_backprop=out_backprop, strides=[1, 1, 1, 1, 1], padding='SAME', data_format='NDHWC', dilations=[1, 1, 1, 1, 1])\n```\n\nThis is because the [implementation](https://github.com/tensorflow/tensorflow/blob/a91bb59769f19146d5a0c20060244378e878f140/tensorflow/core/kernels/conv_grad_ops_3d.cc#L430-L450) does not check that the divisor used in computing the shard size is not zero:\n\n```cc\n  const int64 size_A = output_image_size * dims.out_depth;\n  const int64 size_B = filter_total_size * dims.out_depth;\n  const int64 size_C = output_image_size * filter_total_size;\n  const int64 work_unit_size = size_A + size_B + size_C;\n  ...\n  const size_t shard_size =\n      use_parallel_contraction\n        ? 1\n        : (target_working_set_size + work_unit_size - 1) / work_unit_size;\n```\n\nThus, if attacker controls the input sizes, they can trigger a denial of service via a division by zero error.\n\n### Patches\nWe have patched the issue in GitHub commit [311403edbc9816df80274bd1ea8b3c0c0f22c3fa](https://github.com/tensorflow/tensorflow/commit/311403edbc9816df80274bd1ea8b3c0c0f22c3fa).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:21:39.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c968-pq7h-7fxv","https://nvd.nist.gov/vuln/detail/CVE-2021-29522","https://github.com/tensorflow/tensorflow/commit/311403edbc9816df80274bd1ea8b3c0c0f22c3fa","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-450.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-648.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-159.yaml","https://github.com/advisories/GHSA-c968-pq7h-7fxv"],"source_kind":"github","identifiers":["GHSA-c968-pq7h-7fxv","CVE-2021-29522"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.347Z","updated_at":"2024-10-30T23:10:59.000Z","epss_percentage":0.00015,"epss_percentile":0.018},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWc0aDItZ3FtMy1jOXdx","url":"https://github.com/advisories/GHSA-g4h2-gqm3-c9wq","title":"Segfault in tf.raw_ops.ImmutableConst","description":"### Impact\nCalling [`tf.raw_ops.ImmutableConst`](https://www.tensorflow.org/api_docs/python/tf/raw_ops/ImmutableConst) with a `dtype` of `tf.resource` or `tf.variant` results in a segfault in the implementation as code assumes that the tensor contents are pure scalars.\n\n```python\n\u003e\u003e\u003e import tensorflow as tf\n\u003e\u003e\u003e tf.raw_ops.ImmutableConst(dtype=tf.resource, shape=[], memory_region_name=\"/tmp/test.txt\")\n...\nSegmentation fault\n```\n\n### Patches\nWe have patched the issue in 4f663d4b8f0bec1b48da6fa091a7d29609980fa4 and will release TensorFlow 2.5.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.\n\n### Workarounds\nIf using `tf.raw_ops.ImmutableConst` in code, you can prevent the segfault by inserting a filter for the `dtype` argument.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:23:05.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g4h2-gqm3-c9wq","https://nvd.nist.gov/vuln/detail/CVE-2021-29539","https://github.com/tensorflow/tensorflow/commit/4f663d4b8f0bec1b48da6fa091a7d29609980fa4","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-467.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-665.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-176.yaml","https://github.com/advisories/GHSA-g4h2-gqm3-c9wq"],"source_kind":"github","identifiers":["GHSA-g4h2-gqm3-c9wq","CVE-2021-29539"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.529Z","updated_at":"2024-10-30T23:27:32.000Z","epss_percentage":0.00015,"epss_percentile":0.018},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLThoNDYtNW05aC03NTUz","url":"https://github.com/advisories/GHSA-8h46-5m9h-7553","title":"Heap out of bounds write in `RaggedBinCount`","description":"### Impact\nIf the `splits` argument of `RaggedBincount` does not specify a valid [`SparseTensor`](https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor), then an attacker can trigger a heap buffer overflow:\n\n```python\nimport tensorflow as tf\ntf.raw_ops.RaggedBincount(splits=[7,8], values= [5, 16, 51, 76, 29, 27, 54, 95],\\\n                          size= 59, weights= [0, 0, 0, 0, 0, 0, 0, 0],\\\n                          binary_output=False)\n```\n\nThis will cause a read from outside the bounds of the `splits` tensor buffer in the [implementation of the `RaggedBincount` op](https://github.com/tensorflow/tensorflow/blob/8b677d79167799f71c42fd3fa074476e0295413a/tensorflow/core/kernels/bincount_op.cc#L430-L446):\n    \n```cc \n    for (int idx = 0; idx \u003c num_values; ++idx) {\n      while (idx \u003e= splits(batch_idx)) {\n        batch_idx++;\n      }\n      ...\n      if (bin \u003c size) {\n        if (binary_output_) {\n          out(batch_idx - 1, bin) = T(1);\n        } else {\n          T value = (weights_size \u003e 0) ? weights(idx) : T(1);\n          out(batch_idx - 1, bin) += value;\n        }\n      } \n    }\n```\n\nBefore the `for` loop, `batch_idx` is set to 0. The attacker sets `splits(0)` to be 7, hence the `while` loop does not execute and `batch_idx` remains 0. This then results in writing to `out(-1, bin)`, which is before the heap allocated buffer for the output tensor.\n\n### Patches\nWe have patched the issue in GitHub commit [eebb96c2830d48597d055d247c0e9aebaea94cd5](https://github.com/tensorflow/tensorflow/commit/eebb96c2830d48597d055d247c0e9aebaea94cd5).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2 and TensorFlow 2.3.3, as these are also affected.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:20:51.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":1.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8h46-5m9h-7553","https://nvd.nist.gov/vuln/detail/CVE-2021-29514","https://github.com/tensorflow/tensorflow/commit/eebb96c2830d48597d055d247c0e9aebaea94cd5","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-442.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-640.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-151.yaml","https://github.com/advisories/GHSA-8h46-5m9h-7553"],"source_kind":"github","identifiers":["GHSA-8h46-5m9h-7553","CVE-2021-29514"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":4.8677914673458424,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.262Z","updated_at":"2024-10-30T21:30:51.000Z","epss_percentage":0.00018,"epss_percentile":0.03034},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTc3MnAteDU0cC1oanJ2","url":"https://github.com/advisories/GHSA-772p-x54p-hjrv","title":"Division by zero in `Conv3D`","description":"### Impact\nA malicious user could trigger a division by 0 in `Conv3D` implementation:\n\n```python\nimport tensorflow as tf\n\ninput_tensor = tf.constant([], shape=[0, 0, 0, 0, 0], dtype=tf.float32)\nfilter_tensor = tf.constant([], shape=[0, 0, 0, 0, 0], dtype=tf.float32)\n\ntf.raw_ops.Conv3D(input=input_tensor, filter=filter_tensor, strides=[1, 56, 56, 56, 1], padding='VALID', data_format='NDHWC', dilations=[1, 1, 1, 23, 1])\n```\n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/42033603003965bffac51ae171b51801565e002d/tensorflow/core/kernels/conv_ops_3d.cc#L143-L145) does a modulo operation based on user controlled input:\n\n```cc\n  const int64 out_depth = filter.dim_size(4);\n  OP_REQUIRES(context, in_depth % filter_depth == 0, ...);\n```\n\nThus, when `filter` has a 0 as the fifth element, this results in a division by 0.\n\nAdditionally, if the shape of the two tensors is not valid, an Eigen assertion can be triggered, resulting in a program crash:\n\n```python\nimport tensorflow as tf\n\ninput_tensor = tf.constant([], shape=[2, 2, 2, 2, 0], dtype=tf.float32)\nfilter_tensor = tf.constant([], shape=[0, 0, 2, 6, 2], dtype=tf.float32)\n\ntf.raw_ops.Conv3D(input=input_tensor, filter=filter_tensor, strides=[1, 56, 39, 34, 1], padding='VALID', data_format='NDHWC', dilations=[1, 1, 1, 1, 1])\n```\n\nThe shape of the two tensors must follow the constraints specified in the [op description](https://www.tensorflow.org/api_docs/python/tf/raw_ops/Conv3D).\n\n### Patches\nWe have patched the issue in GitHub commit [799f835a3dfa00a4d852defa29b15841eea9d64f](https://github.com/tensorflow/tensorflow/commit/799f835a3dfa00a4d852defa29b15841eea9d64f).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:21:01.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-772p-x54p-hjrv","https://nvd.nist.gov/vuln/detail/CVE-2021-29517","https://github.com/tensorflow/tensorflow/commit/799f835a3dfa00a4d852defa29b15841eea9d64f","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-445.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-643.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-154.yaml","https://github.com/advisories/GHSA-772p-x54p-hjrv"],"source_kind":"github","identifiers":["GHSA-772p-x54p-hjrv","CVE-2021-29517"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.300Z","updated_at":"2024-10-28T21:26:23.000Z","epss_percentage":0.00015,"epss_percentile":0.018},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXE0cWYtM2ZjNi04eDM0","url":"https://github.com/advisories/GHSA-q4qf-3fc6-8x34","title":"Segfault and data corruption in tensorflow-lite","description":"### Impact\nTo mimic Python's indexing with negative values, TFLite uses `ResolveAxis` to convert negative values to positive indices. However, the only check that the converted index is now valid is only present in debug builds:\nhttps://github.com/tensorflow/tensorflow/blob/0e68f4d3295eb0281a517c3662f6698992b7b2cf/tensorflow/lite/kernels/internal/reference/reduce.h#L68-L72\n\nIf the `DCHECK` does not trigger, then code execution moves ahead with a negative index. This, in turn, results in accessing data out of bounds which results in segfaults and/or data corruption.\n### Patches\nWe have patched the issue in 2d88f470dea2671b430884260f3626b1fe99830a and will release patch releases for all versions between 1.15 and 2.3.\n\nWe recommend users to upgrade to TensorFlow 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2020-09-25T18:28:43.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":6.4,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:H/SA:H","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q4qf-3fc6-8x34","https://github.com/tensorflow/tensorflow/commit/2d88f470dea2671b430884260f3626b1fe99830a","https://github.com/tensorflow/tensorflow/releases/tag/v2.3.1","https://nvd.nist.gov/vuln/detail/CVE-2020-15207","http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00065.html","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-287.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-322.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-130.yaml","https://github.com/advisories/GHSA-q4qf-3fc6-8x34"],"source_kind":"github","identifiers":["GHSA-q4qf-3fc6-8x34","CVE-2020-15207"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":31.153865391013394,"packages":[{"versions":[{"first_patched_version":"2.3.1","vulnerable_version_range":"= 2.3.0"},{"first_patched_version":"2.2.1","vulnerable_version_range":"= 2.2.0"},{"first_patched_version":"2.1.2","vulnerable_version_range":"\u003e= 2.1.0, \u003c 2.1.2"},{"first_patched_version":"2.0.3","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.0.3"},{"first_patched_version":"1.15.4","vulnerable_version_range":"\u003c 1.15.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.3.1","vulnerable_version_range":"= 2.3.0"},{"first_patched_version":"2.2.1","vulnerable_version_range":"= 2.2.0"},{"first_patched_version":"2.1.2","vulnerable_version_range":"\u003e= 2.1.0, \u003c 2.1.2"},{"first_patched_version":"2.0.3","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.0.3"},{"first_patched_version":"1.15.4","vulnerable_version_range":"\u003c 1.15.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.3.1","vulnerable_version_range":"= 2.3.0"},{"first_patched_version":"2.2.1","vulnerable_version_range":"= 2.2.0"},{"first_patched_version":"2.1.2","vulnerable_version_range":"\u003e= 2.1.0, \u003c 2.1.2"},{"first_patched_version":"2.0.3","vulnerable_version_range":"\u003e= 2.0.0, \u003c 2.0.3"},{"first_patched_version":"1.15.4","vulnerable_version_range":"\u003c 1.15.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:13.706Z","updated_at":"2024-10-30T21:12:27.000Z","epss_percentage":0.01411,"epss_percentile":0.79501},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXFmcGMtNXBqci1taDI2","url":"https://github.com/advisories/GHSA-qfpc-5pjr-mh26","title":"Missing validation in shape inference for `Dequantize`","description":"### Impact\nThe shape inference code for `tf.raw_ops.Dequantize` has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments:\n\n```python\nimport tensorflow as tf\n\ntf.compat.v1.disable_v2_behavior()\ntf.raw_ops.Dequantize(\n  input_tensor = tf.constant(-10.0, dtype=tf.float32),\n  input_tensor = tf.cast(input_tensor, dtype=tf.quint8),\n  min_range = tf.constant([], shape=[0], dtype=tf.float32),\n  max_range = tf.constant([], shape=[0], dtype=tf.float32),\n  mode  = 'MIN_COMBINED',\n  narrow_range=False,\n  axis=-10,\n  dtype=tf.dtypes.float32)\n```\n\nThe shape inference [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/ops/array_ops.cc#L2999-L3014) uses `axis` to select between two different values for `minmax_rank` which is then used to retrieve tensor dimensions. However, code assumes that `axis` can be either `-1` or a value greater than `-1`, with no validation for the other values.\n\n### Patches\nWe have patched the issue in GitHub commit [da857cfa0fde8f79ad0afdbc94e88b5d4bbec764](https://github.com/tensorflow/tensorflow/commit/da857cfa0fde8f79ad0afdbc94e88b5d4bbec764).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang of Baidu Security.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2021-08-25T14:41:23.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":6.8,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qfpc-5pjr-mh26","https://nvd.nist.gov/vuln/detail/CVE-2021-37677","https://github.com/tensorflow/tensorflow/commit/da857cfa0fde8f79ad0afdbc94e88b5d4bbec764","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-590.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-788.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-299.yaml","https://github.com/advisories/GHSA-qfpc-5pjr-mh26"],"source_kind":"github","identifiers":["GHSA-qfpc-5pjr-mh26","CVE-2021-37677"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":33.100981977951726,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:49.251Z","updated_at":"2024-11-13T21:14:01.000Z","epss_percentage":0.00017,"epss_percentile":0.027},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWcyNWgtanI3NC1xcDVq","url":"https://github.com/advisories/GHSA-g25h-jr74-qp5j","title":"Incomplete validation in `QuantizeV2`","description":"### Impact                                                                                                                                                                                                                                                                                \nDue to incomplete validation in `tf.raw_ops.QuantizeV2`, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.QuantizeV2(\n  input=[1,2,3],\n  min_range=[1,2],\n  max_range=[],\n  T=tf.qint32,\n  mode='SCALED',\n  round_mode='HALF_AWAY_FROM_ZERO',\n  narrow_range=False,\n  axis=1,\n  ensure_minimum_range=3)\n```\n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/quantize_op.cc#L59) has some validation but does not check that `min_range` and `max_range` both have the same non-zero number of elements. If `axis` is provided (i.e., not `-1`), then validation should check that it is a value in range for the rank of `input` tensor and then the lengths of `min_range` and `max_range` inputs match the `axis` dimension of the `input` tensor.\n  \n### Patches\nWe have patched the issue in GitHub commit [6da6620efad397c85493b8f8667b821403516708](https://github.com/tensorflow/tensorflow/commit/6da6620efad397c85493b8f8667b821403516708).\n  \nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-08-25T14:42:23.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.5,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g25h-jr74-qp5j","https://nvd.nist.gov/vuln/detail/CVE-2021-37663","https://github.com/tensorflow/tensorflow/commit/6da6620efad397c85493b8f8667b821403516708","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-576.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-774.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-285.yaml","https://github.com/advisories/GHSA-g25h-jr74-qp5j"],"source_kind":"github","identifiers":["GHSA-g25h-jr74-qp5j","CVE-2021-37663"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":41.37622747243966,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:49.427Z","updated_at":"2024-11-13T20:57:22.000Z","epss_percentage":0.0003,"epss_percentile":0.06871},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWNtNXgtODM3eC1qZjNj","url":"https://github.com/advisories/GHSA-cm5x-837x-jf3c","title":"Division by 0 in inplace operations","description":"### Impact\nAn attacker can cause a floating point exception by calling inplace operations with crafted arguments that would result in a division by 0:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.InplaceSub(x=[],i=[-99,-1,-1],v=[1,1,1])\n```\n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/inplace_ops.cc#L283) has a logic error: it should skip processing if `x` and `v` are empty but the code uses `||` instead of `\u0026\u0026`.\n\n### Patches\nWe have patched the issue in GitHub commit [e86605c0a336c088b638da02135ea6f9f6753618](https://github.com/tensorflow/tensorflow/commit/e86605c0a336c088b638da02135ea6f9f6753618).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2021-08-25T14:42:44.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":6.8,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cm5x-837x-jf3c","https://nvd.nist.gov/vuln/detail/CVE-2021-37660","https://github.com/tensorflow/tensorflow/commit/e86605c0a336c088b638da02135ea6f9f6753618","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-573.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-771.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-282.yaml","https://github.com/advisories/GHSA-cm5x-837x-jf3c"],"source_kind":"github","identifiers":["GHSA-cm5x-837x-jf3c","CVE-2021-37660"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":33.100981977951726,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:49.556Z","updated_at":"2024-11-13T20:54:13.000Z","epss_percentage":0.00035,"epss_percentile":0.08885},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLWM1eDItcDY3OS05NXdj","url":"https://github.com/advisories/GHSA-c5x2-p679-95wc","title":"Null pointer dereference in `SparseTensorSliceDataset`","description":"### Impact\nWhen a user does not supply arguments that determine a valid sparse tensor, `tf.raw_ops.SparseTensorSliceDataset` implementation can be made to dereference a null pointer:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.SparseTensorSliceDataset(\n  indices=[[],[],[]],\n  values=[1,2,3],\n  dense_shape=[3,3])\n```\n  \nThe [implementation](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L240-L251) has some argument validation but fails to consider the case when either `indices` or `values` are provided for an empty sparse tensor when the other is not.\n\nIf `indices` is empty (as in the example above), then [code that performs validation](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L260-L261) (i.e., checking that the indices are monotonically increasing) results in a null pointer dereference: \n\n```cc\n    for (int64_t i = 0; i \u003c indices-\u003edim_size(0); ++i) {\n      int64_t next_batch_index = indices-\u003ematrix\u003cint64\u003e()(i, 0);\n      ...\n    }\n```\n\nIf `indices` as provided by the user is empty, then `indices` in the C++ code above is backed by an empty `std::vector`, hence calling `indices-\u003edim_size(0)` results in null pointer dereferencing (same as calling `std::vector::at()` on an empty vector).\n\n### Patches\nWe have patched the issue in GitHub commit [02cc160e29d20631de3859c6653184e3f876b9d7](https://github.com/tensorflow/tensorflow/commit/02cc160e29d20631de3859c6653184e3f876b9d7).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-08-25T14:43:32.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c5x2-p679-95wc","https://nvd.nist.gov/vuln/detail/CVE-2021-37647","https://github.com/tensorflow/tensorflow/commit/02cc160e29d20631de3859c6653184e3f876b9d7","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-560.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-758.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-269.yaml","https://github.com/advisories/GHSA-c5x2-p679-95wc"],"source_kind":"github","identifiers":["GHSA-c5x2-p679-95wc","CVE-2021-37647"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":34.0745402714209,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:49.930Z","updated_at":"2024-11-13T17:20:45.000Z","epss_percentage":0.00035,"epss_percentile":0.08889},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk1eG0tZzU4Zy0zcDg4","url":"https://github.com/advisories/GHSA-95xm-g58g-3p88","title":"Integer division by 0 in sparse reshaping","description":"### Impact\nThe implementation of `tf.raw_ops.SparseReshape` can be made to trigger an integral division by 0 exception:\n\n```python\nimport tensorflow as tf\n\ntf.raw_ops.SparseReshape(\n  input_indices = np.ones((1,3)),\n  input_shape = np.array([1,1,0]),\n  new_shape = np.array([1,0]))\n```\n  \nThe [implementation](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/reshape_util.cc#L176-L181) calls the reshaping functor whenever there is at least an index in the input but does not check that shape of the input or the target shape have both a non-zero number of elements.\n\nThe [reshape functor](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/reshape_util.cc#L40-L78) blindly divides by the dimensions of the target shape. Hence, if this is not checked, code will result in a division by 0.\n  \n### Patches\nWe have patched the issue in GitHub commit [4923de56ec94fff7770df259ab7f2288a74feb41](https://github.com/tensorflow/tensorflow/commit/4923de56ec94fff7770df259ab7f2288a74feb41).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1 as this is the other affected version.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n  \n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2021-08-25T14:44:02.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":5.7,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-95xm-g58g-3p88","https://nvd.nist.gov/vuln/detail/CVE-2021-37640","https://github.com/tensorflow/tensorflow/commit/4923de56ec94fff7770df259ab7f2288a74feb41","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-553.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-751.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-262.yaml","https://github.com/advisories/GHSA-95xm-g58g-3p88"],"source_kind":"github","identifiers":["GHSA-95xm-g58g-3p88","CVE-2021-37640"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":27.746411363871303,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:50.525Z","updated_at":"2024-11-13T16:32:14.000Z","epss_percentage":0.00035,"epss_percentile":0.08885},{"uuid":"GSA_kwCzR0hTQS01NHBwLWM2cHAtN2ZweM4AAv-u","url":"https://github.com/advisories/GHSA-54pp-c6pp-7fpx","title":"Overflow in `ImageProjectiveTransformV2`","description":"### Impact\nWhen [`tf.raw_ops.ImageProjectiveTransformV2`](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/image_ops.cc) is given a large output shape, it overflows.\n```python\nimport tensorflow as tf\n\ninterpolation = \"BILINEAR\"\nfill_mode = \"REFLECT\"\nimages = tf.constant(0.184634328, shape=[2,5,8,3], dtype=tf.float32)\ntransforms = tf.constant(0.378575385, shape=[2,8], dtype=tf.float32)\noutput_shape = tf.constant([1879048192,1879048192], shape=[2], dtype=tf.int32)\ntf.raw_ops.ImageProjectiveTransformV2(images=images, transforms=transforms, output_shape=output_shape, interpolation=interpolation, fill_mode=fill_mode)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [8faa6ea692985dbe6ce10e1a3168e0bd60a723ba](https://github.com/tensorflow/tensorflow/commit/8faa6ea692985dbe6ce10e1a3168e0bd60a723ba).\n\nThe fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Neophytos Christou from the Secure Systems Lab (SSL) at Brown University.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-11-21T20:40:55.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-54pp-c6pp-7fpx","https://nvd.nist.gov/vuln/detail/CVE-2022-41886","https://github.com/tensorflow/tensorflow/commit/8faa6ea692985dbe6ce10e1a3168e0bd60a723ba","https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/image_ops.cc","https://github.com/advisories/GHSA-54pp-c6pp-7fpx"],"source_kind":"github","identifiers":["GHSA-54pp-c6pp-7fpx","CVE-2022-41886"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:50.080Z","updated_at":"2023-02-01T05:04:05.000Z","epss_percentage":0.00133,"epss_percentile":0.34379},{"uuid":"GSA_kwCzR0hTQS05NG1tLWcybXYtOHA3cs4AAyT4","url":"https://github.com/advisories/GHSA-94mm-g2mv-8p7r","title":"TensorFlow has Null Pointer Error in LookupTableImportV2","description":"### Impact\nThe function `tf.raw_ops.LookupTableImportV2` cannot handle scalars in the `values` parameter and gives an NPE.\n\n```python\nimport tensorflow as tf\n\nv = tf.Variable(1)\n\n@tf.function(jit_compile=True)\ndef test():\n   func = tf.raw_ops.LookupTableImportV2\n   para={'table_handle': v.handle,'keys': [62.98910140991211, 94.36528015136719], 'values': -919}\n\n   y = func(**para)\n   return y\n\nprint(test())\n```\n\n### Patches\nWe have patched the issue in GitHub commit [980b22536abcbbe1b4a5642fc940af33d8c19b69](https://github.com/tensorflow/tensorflow/commit/980b22536abcbbe1b4a5642fc940af33d8c19b69).\n\nThe fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by r3pwnx of 360 AIVul Team\n","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-03-24T21:54:55.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-94mm-g2mv-8p7r","https://github.com/tensorflow/tensorflow/commit/980b22536abcbbe1b4a5642fc940af33d8c19b69","https://nvd.nist.gov/vuln/detail/CVE-2023-25672","https://github.com/advisories/GHSA-94mm-g2mv-8p7r"],"source_kind":"github","identifiers":["GHSA-94mm-g2mv-8p7r","CVE-2023-25672"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2023-03-24T22:03:48.273Z","updated_at":"2023-03-30T16:59:15.000Z","epss_percentage":0.00092,"epss_percentile":0.27446},{"uuid":"GSA_kwCzR0hTQS03anZtLXh4bXItdjVjd84AAyUC","url":"https://github.com/advisories/GHSA-7jvm-xxmr-v5cw","title":"TensorFlow vulnerable to integer overflow in EditDistance","description":"### Impact\nTFversion 2.11.0 //tensorflow/core/ops/array_ops.cc:1067 const Tensor* hypothesis_shape_t = c-\u003einput_tensor(2); std::vector\u003cDimensionHandle\u003e dims(hypothesis_shape_t-\u003eNumElements() - 1); for (int i = 0; i \u003c dims.size(); ++i) { dims[i] = c-\u003eMakeDim(std::max(h_values(i), t_values(i))); }\n\nif hypothesis_shape_t is empty, hypothesis_shape_t-\u003eNumElements() - 1 will be integer overflow, and the it will deadlock\n```python\nimport tensorflow as tf\npara={\n    'hypothesis_indices': [[]],\n    'hypothesis_values': ['tmp/'],\n    'hypothesis_shape': [],\n    'truth_indices': [[]],\n    'truth_values': [''],\n    'truth_shape': [],\n    'normalize': False\n    }\ntf.raw_ops.EditDistance(**para)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [08b8e18643d6dcde00890733b270ff8d9960c56c](https://github.com/tensorflow/tensorflow/commit/08b8e18643d6dcde00890733b270ff8d9960c56c).\n\nThe fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by r3pwnx","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-03-24T21:58:31.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7jvm-xxmr-v5cw","https://github.com/tensorflow/tensorflow/commit/08b8e18643d6dcde00890733b270ff8d9960c56c","https://nvd.nist.gov/vuln/detail/CVE-2023-25662","https://github.com/advisories/GHSA-7jvm-xxmr-v5cw"],"source_kind":"github","identifiers":["GHSA-7jvm-xxmr-v5cw","CVE-2023-25662"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2023-03-24T22:03:48.173Z","updated_at":"2023-03-27T21:58:28.000Z","epss_percentage":0.00134,"epss_percentile":0.34492},{"uuid":"GSA_kwCzR0hTQS1tZ21oLWcydjYtbXF3Nc4AAu2J","url":"https://github.com/advisories/GHSA-mgmh-g2v6-mqw5","title":"TensorFlow vulnerable to `CHECK` failure in `AvgPoolOp`","description":"### Impact\nThe [`AvgPoolOp`](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/avgpooling_op.cc#L56-L98) function takes an argument `ksize` that must be positive but is not checked. A negative `ksize` can trigger a `CHECK` failure and crash the program.\n```python\nimport tensorflow as tf\nimport numpy as np\n\nvalue = np.ones([1, 1, 1, 1])\nksize = [1, 1e20, 1, 1]\nstrides = [1, 1, 1, 1]\npadding = 'SAME'\ndata_format = 'NHWC'\n\ntf.raw_ops.AvgPool(value=value, ksize=ksize, strides=strides, padding=padding, data_format=data_format)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [3a6ac52664c6c095aa2b114e742b0aa17fdce78f](https://github.com/tensorflow/tensorflow/commit/3a6ac52664c6c095aa2b114e742b0aa17fdce78f).\n\nThe fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Jingyi Shi.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-09-16T21:18:42.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mgmh-g2v6-mqw5","https://github.com/tensorflow/tensorflow/commit/3a6ac52664c6c095aa2b114e742b0aa17fdce78f","https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/avgpooling_op.cc#L56-L98","https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0","https://nvd.nist.gov/vuln/detail/CVE-2022-35941","https://github.com/advisories/GHSA-mgmh-g2v6-mqw5"],"source_kind":"github","identifiers":["GHSA-mgmh-g2v6-mqw5","CVE-2022-35941"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.2","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.9.2","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.9.2","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:58.369Z","updated_at":"2023-01-28T05:03:03.000Z","epss_percentage":0.00197,"epss_percentile":0.42214},{"uuid":"GSA_kwCzR0hTQS02OHYzLWc5Y20tcm1tNs4AAyTx","url":"https://github.com/advisories/GHSA-68v3-g9cm-rmm6","title":"TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad","description":"### Impact\nOut of bounds read in GRUBlockCellGrad\n```python\nfunc = tf.raw_ops.GRUBlockCellGrad\n\npara = {'x': [[21.1, 156.2], [83.3, 115.4]], 'h_prev': array([[136.5],\n      [136.6]]), 'w_ru': array([[26.7,  0.8],\n      [47.9, 26.1],\n      [26.2, 26.3]]), 'w_c': array([[ 0.4],\n      [31.5],\n      [ 0.6]]), 'b_ru': array([0.1, 0.2 ], dtype=float32), 'b_c': 0x41414141, 'r': array([[0.3],\n      [0.4]], dtype=float32), 'u': array([[5.7],\n      [5.8]]), 'c': array([[52.9],\n      [53.1]]), 'd_h': array([[172.2],\n      [188.3 ]])}\n```\n\n### Patches\nWe have patched the issue in GitHub commit [ff459137c2716a2a60f7d441b855fcb466d778cb](https://github.com/tensorflow/tensorflow/commit/ff459137c2716a2a60f7d441b855fcb466d778cb).\n\nThe fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by r3pwnx.\n","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-03-24T21:53:25.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-68v3-g9cm-rmm6","https://github.com/tensorflow/tensorflow/commit/ff459137c2716a2a60f7d441b855fcb466d778cb","https://nvd.nist.gov/vuln/detail/CVE-2023-25658","https://github.com/advisories/GHSA-68v3-g9cm-rmm6"],"source_kind":"github","identifiers":["GHSA-68v3-g9cm-rmm6","CVE-2023-25658"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2023-03-24T22:03:48.356Z","updated_at":"2023-03-27T21:26:05.000Z","epss_percentage":0.00047,"epss_percentile":0.14155},{"uuid":"GSA_kwCzR0hTQS1qcTZ4LTk5aGotcTYzNs4AAv-s","url":"https://github.com/advisories/GHSA-jq6x-99hj-q636","title":"Seg fault in `ndarray_tensor_bridge` due to zero and large inputs","description":"### Impact\nIf a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. E.g. the following raises an error:\n```python\nnp.ones((0, 2**31, 2**31))\n```\nAn example of a proof of concept:\n```python\nimport numpy as np\nimport tensorflow as tf\n\ninput_val = tf.constant([1])\nshape_val = np.array([i for i in range(21)])\n\ntf.broadcast_to(input=input_val,shape=shape_val)\n```\nThe return value of `PyArray_SimpleNewFromData`, which returns null on such shapes, is not checked.\n\n### Patches\nWe have patched the issue in GitHub commit [2b56169c16e375c521a3bc8ea658811cc0793784](https://github.com/tensorflow/tensorflow/commit/2b56169c16e375c521a3bc8ea658811cc0793784).\n\nThe fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Pattarakrit Rattanukul.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-11-21T20:39:49.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636","https://nvd.nist.gov/vuln/detail/CVE-2022-41884","https://github.com/tensorflow/tensorflow/commit/2b56169c16e375c521a3bc8ea658811cc0793784","https://github.com/advisories/GHSA-jq6x-99hj-q636"],"source_kind":"github","identifiers":["GHSA-jq6x-99hj-q636","CVE-2022-41884"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:50.097Z","updated_at":"2023-02-01T05:03:58.000Z","epss_percentage":0.00145,"epss_percentile":0.36173},{"uuid":"GSA_kwCzR0hTQS13NTh3LTc5eHYtNnZjas4AAv-r","url":"https://github.com/advisories/GHSA-w58w-79xv-6vcj","title":"Out of bounds segmentation fault due to unequal op inputs in Tensorflow","description":"### Impact\n [`tf.raw_ops.DynamicStitch`](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/dynamic_stitch_op.cc) specifies input sizes when it is [registered](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/ops/data_flow_ops.cc). \n```cpp\nREGISTER_OP(\"DynamicStitch\")\n    .Input(\"indices: N * int32\")\n    .Input(\"data: N * T\")\n    .Output(\"merged: T\")\n    .Attr(\"N : int \u003e= 1\")\n    .Attr(\"T : type\")\n    .SetShapeFn(DynamicStitchShapeFunction);\n```\nWhen it receives a differing number of inputs, such as when it is called with an `indices` size 1 and a `data` size 2, it will crash.\n```python\nimport tensorflow as tf\n\n# indices = 1*[tf.random.uniform([1,2], dtype=tf.dtypes.int32, maxval=100)]\nindices = [tf.constant([[0, 1]]),]\n\n# data = 2*[tf.random.uniform([1,2], dtype=tf.dtypes.float32, maxval=100)]\ndata = [tf.constant([[5, 6]]), tf.constant([[7, 8]])]\n\ntf.raw_ops.DynamicStitch(\n    indices=indices, \n    data=data)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [f5381e0e10b5a61344109c1b7c174c68110f7629](https://github.com/tensorflow/tensorflow/commit/f5381e0e10b5a61344109c1b7c174c68110f7629).\n\nThe fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1 as this is also affected.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Zizhuang Deng of IIE, UCAS\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-11-21T20:39:20.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w58w-79xv-6vcj","https://nvd.nist.gov/vuln/detail/CVE-2022-41883","https://github.com/tensorflow/tensorflow/commit/f5381e0e10b5a61344109c1b7c174c68110f7629","https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/dynamic_stitch_op.cc","https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/ops/data_flow_ops.cc","https://github.com/advisories/GHSA-w58w-79xv-6vcj"],"source_kind":"github","identifiers":["GHSA-w58w-79xv-6vcj","CVE-2022-41883"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"= 2.10.0"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"= 2.10.0"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"= 2.10.0"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:50.105Z","updated_at":"2023-02-01T05:03:59.000Z","epss_percentage":0.00093,"epss_percentile":0.27446},{"uuid":"GSA_kwCzR0hTQS05amp3LWhmNzItM214d84AAvMC","url":"https://github.com/advisories/GHSA-9jjw-hf72-3mxw","title":"TensorFlow vulnerable to heap out of bounds read in filesystem glob matching","description":"### Impact\nThe general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of [the array holding the directories](https://github.com/tensorflow/tensorflow/blob/458c6260265c46ebaf18052d6c61aea4b6b40926/tensorflow/core/platform/file_system_helper.cc#L127):\n\n```cc\nif (!fs-\u003eMatch(child_path, dirs[dir_index])) { ... }\n```\n\nSince `dir_index` is [unconditionaly incremented](https://github.com/tensorflow/tensorflow/blob/458c6260265c46ebaf18052d6c61aea4b6b40926/tensorflow/core/platform/file_system_helper.cc#L106) outside of the lambda function where the vulnerable pattern occurs, this results in an access out of bounds issue under certain scenarios. For example, if `/tmp/x` is a directory that only contains a single file `y`, then the following scenario will cause a crash due to the out of bounds read:\n\n```python\n\u003e\u003e\u003e tf.io.gfile.glob('/tmp/x/')\nSegmentation fault\n```\n\nThere are multiple invariants and preconditions that are assumed by the parallel implementation of `GetMatchingPaths` but are not verified by the PRs introducing it ([#40861](https://github.com/tensorflow/tensorflow/pull/40861) and [#44310](https://github.com/tensorflow/tensorflow/pull/44310)). Thus, we are completely rewriting the implementation to fully specify and validate these.\n\n### Patches\nWe have patched the issue in GitHub commit [8b5b9dc96666a3a5d27fad7179ff215e3b74b67c](https://github.com/tensorflow/tensorflow/commit/8b5b9dc96666a3a5d27fad7179ff215e3b74b67c) and will release TensorFlow 2.4.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.\n\nThis issue only impacts master branch and the release candidates for TF version 2.4. The final release of the 2.4 release will be patched.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by members of the Aivul Team from Qihoo 360.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-10-07T07:22:33.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":7.2,"cvss_vector":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9jjw-hf72-3mxw","https://nvd.nist.gov/vuln/detail/CVE-2020-26269","https://github.com/tensorflow/tensorflow/pull/40861","https://github.com/tensorflow/tensorflow/pull/44310","https://github.com/tensorflow/tensorflow/commit/8b5b9dc96666a3a5d27fad7179ff215e3b74b67c","https://github.com/tensorflow/tensorflow/blob/458c6260265c46ebaf18052d6c61aea4b6b40926/tensorflow/core/platform/file_system_helper.cc#L106","https://github.com/tensorflow/tensorflow/blob/458c6260265c46ebaf18052d6c61aea4b6b40926/tensorflow/core/platform/file_system_helper.cc#L127","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2020-300.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2020-335.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2020-141.yaml","https://github.com/advisories/GHSA-9jjw-hf72-3mxw"],"source_kind":"github","identifiers":["GHSA-9jjw-hf72-3mxw","CVE-2020-26269"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":35.04809856489007,"packages":[{"versions":[{"first_patched_version":"2.4.0","vulnerable_version_range":"\u003e= 2.4.0rc0, \u003c 2.4.0"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.0","vulnerable_version_range":"\u003e= 2.4.0rc0, \u003c 2.4.0"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.0","vulnerable_version_range":"\u003e= 2.4.0rc0, \u003c 2.4.0"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:55.859Z","updated_at":"2024-10-30T21:23:20.000Z","epss_percentage":0.00181,"epss_percentile":0.40479},{"uuid":"GSA_kwCzR0hTQS1mNjM3LXZoM3ItdmZoMs4AAyT-","url":"https://github.com/advisories/GHSA-f637-vh3r-vfh2","title":"TensorFlow has Floating Point Exception in AudioSpectrogram ","description":"### Impact\nversion:2.11.0 //core/ops/audio_ops.cc:70\n\nStatus SpectrogramShapeFn(InferenceContext* c) { ShapeHandle input; TF_RETURN_IF_ERROR(c-\u003eWithRank(c-\u003einput(0), 2, \u0026input)); int32_t window_size; TF_RETURN_IF_ERROR(c-\u003eGetAttr(\"window_size\", \u0026window_size)); int32_t stride; TF_RETURN_IF_ERROR(c-\u003eGetAttr(\"stride\", \u0026stride)); .....[1]\n\nDimensionHandle input_length = c-\u003eDim(input, 0); DimensionHandle input_channels = c-\u003eDim(input, 1);\n\nDimensionHandle output_length; if (!c-\u003eValueKnown(input_length)) { output_length = c-\u003eUnknownDim(); } else { const int64_t input_length_value = c-\u003eValue(input_length); const int64_t length_minus_window = (input_length_value - window_size); int64_t output_length_value; if (length_minus_window \u003c 0) { output_length_value = 0; } else { output_length_value = 1 + (length_minus_window / stride); .....[2] } output_length = c-\u003eMakeDim(output_length_value); }\n\nGet the value of stride at [1], and the used at [2]\n```python\nimport tensorflow as tf\n\npara = {'input': tf.constant([[14.], [24.]], dtype=tf.float32), 'window_size': 1, 'stride': 0, 'magnitude_squared': False}\nfunc = tf.raw_ops.AudioSpectrogram\n\n@tf.function(jit_compile=True)\ndef fuzz_jit():\n   y = func(**para)\n   return y\n\nfuzz_jit()\n```\n\n### Patches\nWe have patched the issue in GitHub commit [d0d4e779da0d0f56499c6fa5ba09f0a576cc6b14](https://github.com/tensorflow/tensorflow/commit/d0d4e779da0d0f56499c6fa5ba09f0a576cc6b14).\n\nThe fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by r3pwnx\n","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-03-24T21:57:18.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f637-vh3r-vfh2","https://github.com/tensorflow/tensorflow/commit/d0d4e779da0d0f56499c6fa5ba09f0a576cc6b14","https://nvd.nist.gov/vuln/detail/CVE-2023-25666","https://github.com/advisories/GHSA-f637-vh3r-vfh2"],"source_kind":"github","identifiers":["GHSA-f637-vh3r-vfh2","CVE-2023-25666"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2023-03-24T22:03:48.213Z","updated_at":"2023-03-27T22:01:35.000Z","epss_percentage":0.0003,"epss_percentile":0.06933},{"uuid":"GSA_kwCzR0hTQS02NDd2LXI3cXEtMjRmaM4AAyT3","url":"https://github.com/advisories/GHSA-647v-r7qq-24fh","title":"TensorFlow has Floating Point Exception in TensorListSplit with XLA ","description":"### Impact\nFPE in TensorListSplit with XLA \n```python\nimport tensorflow as tf\n\nfunc = tf.raw_ops.TensorListSplit\npara = {'tensor': [1], 'element_shape': -1, 'lengths': [0]}\n\n@tf.function(jit_compile=True)\ndef fuzz_jit():\n y = func(**para)\n return y\n\nprint(fuzz_jit())\n```\n\n### Patches\nWe have patched the issue in GitHub commit [728113a3be690facad6ce436660a0bc1858017fa](https://github.com/tensorflow/tensorflow/commit/728113a3be690facad6ce436660a0bc1858017fa).\n\nThe fix will be included in TensorFlow 2.12.0. We will also cherrypick this commit on TensorFlow 2.11.1\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by r3pwnx","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2023-03-24T21:54:42.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-647v-r7qq-24fh","https://github.com/tensorflow/tensorflow/commit/728113a3be690facad6ce436660a0bc1858017fa","https://nvd.nist.gov/vuln/detail/CVE-2023-25673","https://github.com/advisories/GHSA-647v-r7qq-24fh"],"source_kind":"github","identifiers":["GHSA-647v-r7qq-24fh","CVE-2023-25673"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.11.1","vulnerable_version_range":"\u003c 2.11.1"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2023-03-24T22:03:48.283Z","updated_at":"2023-03-30T16:59:45.000Z","epss_percentage":0.00187,"epss_percentile":0.41092},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXg0ZzctZnZqai1wcmc4","url":"https://github.com/advisories/GHSA-x4g7-fvjj-prg8","title":"Division by 0 in `QuantizedConv2D`","description":"### Impact\nAn attacker can trigger a division by 0 in `tf.raw_ops.QuantizedConv2D`:\n\n```python\nimport tensorflow as tf\n\ninput = tf.zeros([1, 1, 1, 1], dtype=tf.quint8)\nfilter = tf.constant([], shape=[1, 0, 1, 1], dtype=tf.quint8)\nmin_input = tf.constant(0.0)\nmax_input = tf.constant(0.0001)\nmin_filter = tf.constant(0.0)\nmax_filter = tf.constant(0.0001)\nstrides = [1, 1, 1, 1]\npadding = \"SAME\"               \n                               \n\ntf.raw_ops.QuantizedConv2D(input=input, filter=filter, min_input=min_input, max_input=max_input, min_filter=min_filter, max_filter=max_filter, strides=strides, padding=padding)\n```\nThis is because the [implementation](https://github.com/tensorflow/tensorflow/blob/00e9a4d67d76703fa1aee33dac582acf317e0e81/tensorflow/core/kernels/quantized_conv_ops.cc#L257-L259) does a division by a quantity that is controlled by the caller: \n\n```cc\nconst int filter_value_count = filter_width * filter_height * input_depth;\nconst int64 patches_per_chunk = kMaxChunkSize / (filter_value_count * sizeof(T1));\n```\n  \n### Patches\nWe have patched the issue in GitHub commit [cfa91be9863a91d5105a3b4941096044ab32036b](https://github.com/tensorflow/tensorflow/commit/cfa91be9863a91d5105a3b4941096044ab32036b).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Ying Wang and Yakun Zhang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:21:59.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x4g7-fvjj-prg8","https://nvd.nist.gov/vuln/detail/CVE-2021-29527","https://github.com/tensorflow/tensorflow/commit/cfa91be9863a91d5105a3b4941096044ab32036b","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-455.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-653.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-164.yaml","https://github.com/advisories/GHSA-x4g7-fvjj-prg8"],"source_kind":"github","identifiers":["GHSA-x4g7-fvjj-prg8","CVE-2021-29527"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.395Z","updated_at":"2024-10-30T23:17:40.000Z","epss_percentage":0.00015,"epss_percentile":0.018},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXhnYzMtbTg5cC12cjN4","url":"https://github.com/advisories/GHSA-xgc3-m89p-vr3x","title":"Heap buffer overflow in `Conv2DBackpropFilter`","description":"### Impact\nAn attacker can cause a heap buffer overflow to occur in `Conv2DBackpropFilter`:\n\n```python\nimport tensorflow as tf\n\ninput_tensor = tf.constant([386.078431372549, 386.07843139643234],\n                           shape=[1, 1, 1, 2], dtype=tf.float32)\nfilter_sizes = tf.constant([1, 1, 1, 1], shape=[4], dtype=tf.int32)\nout_backprop = tf.constant([386.078431372549], shape=[1, 1, 1, 1],\n                           dtype=tf.float32)\n  \ntf.raw_ops.Conv2DBackpropFilter(\n  input=input_tensor,\n  filter_sizes=filter_sizes,\n  out_backprop=out_backprop,\n  strides=[1, 66, 49, 1],\n  use_cudnn_on_gpu=True,\n  padding='VALID',\n  explicit_paddings=[],\n  data_format='NHWC',\n  dilations=[1, 1, 1, 1]\n)\n```\n\nAlternatively, passing empty tensors also results in similar behavior: \n\n```python\nimport tensorflow as tf\n\ninput_tensor = tf.constant([], shape=[0, 1, 1, 5], dtype=tf.float32)\nfilter_sizes = tf.constant([3, 8, 1, 1], shape=[4], dtype=tf.int32)\nout_backprop = tf.constant([], shape=[0, 1, 1, 1], dtype=tf.float32)\n\ntf.raw_ops.Conv2DBackpropFilter(\n  input=input_tensor,\n  filter_sizes=filter_sizes, \n  out_backprop=out_backprop,\n  strides=[1, 66, 49, 1], \n  use_cudnn_on_gpu=True,\n  padding='VALID',\n  explicit_paddings=[],\n  data_format='NHWC',\n  dilations=[1, 1, 1, 1]\n)\n```\n\nThis is because the [implementation](https://github.com/tensorflow/tensorflow/blob/1b0296c3b8dd9bd948f924aa8cd62f87dbb7c3da/tensorflow/core/kernels/conv_grad_filter_ops.cc#L495-L497) computes the size of the filter tensor but does not validate that it matches the number of elements in `filter_sizes`. Later, when reading/writing to this buffer, code uses the value computed here, instead of the number of elements in the tensor.\n\n### Patches \nWe have patched the issue in GitHub commit [c570e2ecfc822941335ad48f6e10df4e21f11c96](https://github.com/tensorflow/tensorflow/commit/c570e2ecfc822941335ad48f6e10df4e21f11c96).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:23:09.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xgc3-m89p-vr3x","https://nvd.nist.gov/vuln/detail/CVE-2021-29540","https://github.com/tensorflow/tensorflow/commit/c570e2ecfc822941335ad48f6e10df4e21f11c96","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-468.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-666.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-177.yaml","https://github.com/advisories/GHSA-xgc3-m89p-vr3x"],"source_kind":"github","identifiers":["GHSA-xgc3-m89p-vr3x","CVE-2021-29540"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.538Z","updated_at":"2024-10-30T23:28:16.000Z","epss_percentage":0.00019,"epss_percentile":0.03467},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTRwNHAtd3d3OC04ZnY5","url":"https://github.com/advisories/GHSA-4p4p-www8-8fv9","title":"Reference binding to null in `ParameterizedTruncatedNormal`","description":"### Impact\nAn attacker can trigger undefined behavior by binding to null pointer in `tf.raw_ops.ParameterizedTruncatedNormal`:\n\n```python\nimport tensorflow as tf\n    \nshape = tf.constant([], shape=[0], dtype=tf.int32)\nmeans = tf.constant((1), dtype=tf.float32)\nstdevs = tf.constant((1), dtype=tf.float32)\nminvals = tf.constant((1), dtype=tf.float32)\nmaxvals = tf.constant((1), dtype=tf.float32)\n  \ntf.raw_ops.ParameterizedTruncatedNormal(\n  shape=shape, means=means, stdevs=stdevs, minvals=minvals, maxvals=maxvals)\n```\n\nThis is because the [implementation](https://github.com/tensorflow/tensorflow/blob/3f6fe4dfef6f57e768260b48166c27d148f3015f/tensorflow/core/kernels/parameterized_truncated_normal_op.cc#L630) does not validate input arguments before accessing the first element of `shape`:\n\n```cc\nint32 num_batches = shape_tensor.flat\u003cint32\u003e()(0);\n``` \n\nIf `shape` argument is empty, then `shape_tensor.flat\u003cT\u003e()` is an empty array.\n\n### Patches\nWe have patched the issue in GitHub commit [5e52ef5a461570cfb68f3bdbbebfe972cb4e0fd8](https://github.com/tensorflow/tensorflow/commit/5e52ef5a461570cfb68f3bdbbebfe972cb4e0fd8).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information \nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Ying Wang and Yakun Zhang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:25:19.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4p4p-www8-8fv9","https://nvd.nist.gov/vuln/detail/CVE-2021-29568","https://github.com/tensorflow/tensorflow/commit/5e52ef5a461570cfb68f3bdbbebfe972cb4e0fd8","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-496.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-694.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-205.yaml","https://github.com/advisories/GHSA-4p4p-www8-8fv9"],"source_kind":"github","identifiers":["GHSA-4p4p-www8-8fv9","CVE-2021-29568"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.916Z","updated_at":"2024-11-01T17:05:08.000Z","epss_percentage":0.00011,"epss_percentile":0.00688},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXI2angtOWc0OC0ycjVy","url":"https://github.com/advisories/GHSA-r6jx-9g48-2r5r","title":"Arbitrary code execution due to YAML deserialization","description":"### Impact\nTensorFlow and Keras can be tricked to perform arbitrary code execution when deserializing a Keras model from YAML format.\n\n```python\nfrom tensorflow.keras import models\n\npayload = '''\n!!python/object/new:type\nargs: ['z', !!python/tuple [], {'extend': !!python/name:exec }]\nlistitems: \"__import__('os').system('cat /etc/passwd')\"\n'''\n  \nmodels.model_from_yaml(payload)\n```\n  \nThe [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/python/keras/saving/model_config.py#L66-L104) uses `yaml.unsafe_load` which can perform arbitrary code execution on the input.\n\n### Patches\nGiven that YAML format support requires a significant amount of work, we have removed it for now.\n\nWe have patched the issue in GitHub commit [23d6383eb6c14084a8fc3bdf164043b974818012](https://github.com/tensorflow/tensorflow/commit/23d6383eb6c14084a8fc3bdf164043b974818012).\n\nThe fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.\n\n### For more information \nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Arjun Shibu.","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2021-08-25T14:41:12.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":8.5,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r6jx-9g48-2r5r","https://nvd.nist.gov/vuln/detail/CVE-2021-37678","https://github.com/tensorflow/tensorflow/commit/23d6383eb6c14084a8fc3bdf164043b974818012","https://github.com/tensorflow/tensorflow/commit/1df5a69e9f1a18a937e7907223066e606bf466b9","https://github.com/tensorflow/tensorflow/commit/8e47a685785bef8f81bcb996048921dfde08a9ab","https://github.com/tensorflow/tensorflow/commit/a09ab4e77afdcc6e1e045c9d41d5edab63aafc1a","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-591.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-789.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-300.yaml","https://github.com/advisories/GHSA-r6jx-9g48-2r5r"],"source_kind":"github","identifiers":["GHSA-r6jx-9g48-2r5r","CVE-2021-37678"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":41.37622747243966,"packages":[{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.5.1","vulnerable_version_range":"= 2.5.0"},{"first_patched_version":"2.4.3","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.3"},{"first_patched_version":"2.3.4","vulnerable_version_range":"\u003c 2.3.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:12:32.228Z","updated_at":"2024-11-13T21:14:32.000Z","epss_percentage":0.0161,"epss_percentile":0.80678},{"uuid":"GSA_kwCzR0hTQS00cGM0LW05bWotdjJyOc4AAu2w","url":"https://github.com/advisories/GHSA-4pc4-m9mj-v2r9","title":"TensorFlow vulnerable to segfault in `QuantizedBiasAdd`","description":"### Impact\nIf `QuantizedBiasAdd` is given `min_input`, `max_input`, `min_bias`, `max_bias` tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack.\n```python\nimport tensorflow as tf\n\nout_type = tf.qint32\ninput = tf.constant([85,170,255], shape=[3], dtype=tf.quint8)\nbias = tf.constant(43, shape=[2,3], dtype=tf.quint8)\nmin_input = tf.constant([], shape=[0], dtype=tf.float32)\nmax_input = tf.constant(0, shape=[1], dtype=tf.float32)\nmin_bias = tf.constant(0, shape=[1], dtype=tf.float32)\nmax_bias = tf.constant(0, shape=[1], dtype=tf.float32)\ntf.raw_ops.QuantizedBiasAdd(input=input, bias=bias, min_input=min_input, max_input=max_input, min_bias=min_bias, max_bias=max_bias, out_type=out_type)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [785d67a78a1d533759fcd2f5e8d6ef778de849e0](https://github.com/tensorflow/tensorflow/commit/785d67a78a1d533759fcd2f5e8d6ef778de849e0).\n\nThe fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Neophytos Christou, Secure Systems Labs, Brown University.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-09-16T22:20:36.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4pc4-m9mj-v2r9","https://github.com/tensorflow/tensorflow/commit/785d67a78a1d533759fcd2f5e8d6ef778de849e0","https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0","https://nvd.nist.gov/vuln/detail/CVE-2022-35972","https://github.com/advisories/GHSA-4pc4-m9mj-v2r9"],"source_kind":"github","identifiers":["GHSA-4pc4-m9mj-v2r9","CVE-2022-35972"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:57.966Z","updated_at":"2023-01-28T05:03:02.000Z","epss_percentage":0.00154,"epss_percentile":0.37223},{"uuid":"GSA_kwCzR0hTQS1nMzVyLTM2OXctM2ZxcM4AAu2u","url":"https://github.com/advisories/GHSA-g35r-369w-3fqp","title":"TensorFlow vulnerable to segfault in `QuantizedInstanceNorm`","description":"### Impact\nIf `QuantizedInstanceNorm` is given `x_min` or `x_max` tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack.\n```python\nimport tensorflow as tf\n\noutput_range_given = False\ngiven_y_min = 0\ngiven_y_max = 0\nvariance_epsilon = 1e-05\nmin_separation = 0.001\nx = tf.constant(88, shape=[1,4,4,32], dtype=tf.quint8)\nx_min = tf.constant([], shape=[0], dtype=tf.float32)\nx_max = tf.constant(0, shape=[], dtype=tf.float32)\ntf.raw_ops.QuantizedInstanceNorm(x=x, x_min=x_min, x_max=x_max, output_range_given=output_range_given, given_y_min=given_y_min, given_y_max=given_y_max, variance_epsilon=variance_epsilon, min_separation=min_separation)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [785d67a78a1d533759fcd2f5e8d6ef778de849e0](https://github.com/tensorflow/tensorflow/commit/785d67a78a1d533759fcd2f5e8d6ef778de849e0).\n\nThe fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Neophytos Christou, Secure Systems Labs, Brown University.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-09-16T22:17:57.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g35r-369w-3fqp","https://github.com/tensorflow/tensorflow/commit/785d67a78a1d533759fcd2f5e8d6ef778de849e0","https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0","https://nvd.nist.gov/vuln/detail/CVE-2022-35970","https://github.com/advisories/GHSA-g35r-369w-3fqp"],"source_kind":"github","identifiers":["GHSA-g35r-369w-3fqp","CVE-2022-35970"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:57.984Z","updated_at":"2023-01-28T05:02:54.000Z","epss_percentage":0.00154,"epss_percentile":0.37223},{"uuid":"GSA_kwCzR0hTQS12NmgzLTM0OGctNmg1eM4AAu2r","url":"https://github.com/advisories/GHSA-v6h3-348g-6h5x","title":"TensorFlow vulnerable to segfault in `QuantizedAdd`","description":"### Impact\nIf `QuantizedAdd` is given `min_input` or `max_input` tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack.\n```python\nimport tensorflow as tf\n\nToutput = tf.qint32\nx = tf.constant(140, shape=[1], dtype=tf.quint8)\ny = tf.constant(26, shape=[10], dtype=tf.quint8)\nmin_x = tf.constant([], shape=[0], dtype=tf.float32)\nmax_x = tf.constant(0, shape=[], dtype=tf.float32)\nmin_y = tf.constant(0, shape=[], dtype=tf.float32)\nmax_y = tf.constant(0, shape=[], dtype=tf.float32)\ntf.raw_ops.QuantizedAdd(x=x, y=y, min_x=min_x, max_x=max_x, min_y=min_y, max_y=max_y, Toutput=Toutput)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [49b3824d83af706df0ad07e4e677d88659756d89](https://github.com/tensorflow/tensorflow/commit/49b3824d83af706df0ad07e4e677d88659756d89).\n\nThe fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Neophytos Christou, Secure Systems Labs, Brown University.","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-09-16T22:16:30.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v6h3-348g-6h5x","https://github.com/tensorflow/tensorflow/commit/49b3824d83af706df0ad07e4e677d88659756d89","https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0","https://nvd.nist.gov/vuln/detail/CVE-2022-35967","https://github.com/advisories/GHSA-v6h3-348g-6h5x"],"source_kind":"github","identifiers":["GHSA-v6h3-348g-6h5x","CVE-2022-35967"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:58.016Z","updated_at":"2023-01-28T05:02:54.000Z","epss_percentage":0.00154,"epss_percentile":0.37223},{"uuid":"GSA_kwCzR0hTQS12bTd4LTRxaGotcnJjcc4AAu2o","url":"https://github.com/advisories/GHSA-vm7x-4qhj-rrcq","title":"TensorFlow vulnerable to `CHECK` fail in `TensorListScatter` and `TensorListScatterV2`","description":"### Impact\nWhen `TensorListScatter` and `TensorListScatterV2` receive an `element_shape` of a rank greater than one, they give a `CHECK` fail that can trigger a denial of service attack.\n```python\nimport tensorflow as tf\narg_0=tf.random.uniform(shape=(2, 2, 2), dtype=tf.float16, maxval=None)\narg_1=tf.random.uniform(shape=(2, 2, 2), dtype=tf.int32, maxval=65536)\narg_2=tf.random.uniform(shape=(2, 2, 2), dtype=tf.int32, maxval=65536)\narg_3=''\ntf.raw_ops.TensorListScatter(tensor=arg_0, indices=arg_1, \nelement_shape=arg_2, name=arg_3)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [bb03fdf4aae944ab2e4b35c7daa051068a8b7f61](https://github.com/tensorflow/tensorflow/commit/bb03fdf4aae944ab2e4b35c7daa051068a8b7f61).\n\nThe fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by 刘力源, Information System \u0026 Security and Countermeasures Experiments Center, Beijing Institute of Technology.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-09-16T22:15:05.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vm7x-4qhj-rrcq","https://github.com/tensorflow/tensorflow/commit/bb03fdf4aae944ab2e4b35c7daa051068a8b7f61","https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0","https://nvd.nist.gov/vuln/detail/CVE-2022-35991","https://github.com/advisories/GHSA-vm7x-4qhj-rrcq"],"source_kind":"github","identifiers":["GHSA-vm7x-4qhj-rrcq","CVE-2022-35991"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:58.051Z","updated_at":"2023-01-28T05:02:54.000Z","epss_percentage":0.0016,"epss_percentile":0.37876},{"uuid":"GSA_kwCzR0hTQS1maGZjLTJxN3gtOTI5Zs4AAu2g","url":"https://github.com/advisories/GHSA-fhfc-2q7x-929f","title":"TensorFlow vulnerable to `CHECK` fail in `CollectiveGather`","description":"### Impact\nWhen `CollectiveGather` receives an scalar input `input`, it gives a `CHECK` fails that can be used to trigger a denial of service attack.\n```python\nimport tensorflow as tf\narg_0=1\narg_1=1\narg_2=1\narg_3=1\narg_4=(3, 3,3)\narg_5='auto'\narg_6=0\narg_7=''\ntf.raw_ops.CollectiveGather(input=arg_0, group_size=arg_1, group_key=arg_2,\n                            instance_key=arg_3, shape=arg_4,\n                            communication_hint=arg_5, timeout_seconds=arg_6, name=arg_7)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [c1f491817dec39a26be3c574e86a88c30f3c4770](https://github.com/tensorflow/tensorflow/commit/c1f491817dec39a26be3c574e86a88c30f3c4770).\n\nThe fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by 刘力源, Information System \u0026 Security and Countermeasures Experiments Center, Beijing Institute of Technology.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-09-16T22:11:58.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fhfc-2q7x-929f","https://github.com/tensorflow/tensorflow/commit/c1f491817dec39a26be3c574e86a88c30f3c4770","https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0","https://nvd.nist.gov/vuln/detail/CVE-2022-35994","https://github.com/advisories/GHSA-fhfc-2q7x-929f"],"source_kind":"github","identifiers":["GHSA-fhfc-2q7x-929f","CVE-2022-35994"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:58.122Z","updated_at":"2023-01-28T05:03:01.000Z","epss_percentage":0.00082,"epss_percentile":0.25022},{"uuid":"GSA_kwCzR0hTQS1jdjJwLTMydjMtdmh3cc4AAu2U","url":"https://github.com/advisories/GHSA-cv2p-32v3-vhwq","title":"TensorFlow vulnerable to `CHECK` fail in `RandomPoissonV2`","description":"### Impact\nWhen `RandomPoissonV2` receives large input shape and rates, it gives a `CHECK` fail that can trigger a denial of service attack.\n```python\nimport tensorflow as tf\narg_0=tf.random.uniform(shape=(4,), dtype=tf.int32, maxval=65536)\narg_1=tf.random.uniform(shape=(4, 4, 4, 4, 4), dtype=tf.float32, maxval=None)\narg_2=0\narg_3=0\narg_4=tf.int32\narg_5=None\ntf.raw_ops.RandomPoissonV2(shape=arg_0, rate=arg_1, seed=arg_2,\n                           seed2=arg_3, dtype=arg_4, name=arg_5)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [552bfced6ce4809db5f3ca305f60ff80dd40c5a3](https://github.com/tensorflow/tensorflow/commit/552bfced6ce4809db5f3ca305f60ff80dd40c5a3).\n\nThe fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by 刘力源, Information System \u0026 Security and Countermeasures Experiments Center, Beijing Institute of Technology.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-09-16T21:39:10.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cv2p-32v3-vhwq","https://github.com/tensorflow/tensorflow/commit/552bfced6ce4809db5f3ca305f60ff80dd40c5a3","https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0","https://nvd.nist.gov/vuln/detail/CVE-2022-36003","https://github.com/advisories/GHSA-cv2p-32v3-vhwq"],"source_kind":"github","identifiers":["GHSA-cv2p-32v3-vhwq","CVE-2022-36003"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:58.242Z","updated_at":"2023-01-28T05:03:02.000Z","epss_percentage":0.00151,"epss_percentile":0.36857},{"uuid":"GSA_kwCzR0hTQS03NjJoLXZwdnctM3JjeM4AAv-t","url":"https://github.com/advisories/GHSA-762h-vpvw-3rcx","title":"Overflow in `FusedResizeAndPadConv2D`","description":"### Impact\nWhen [`tf.raw_ops.FusedResizeAndPadConv2D`](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/conv_ops_fused_image_transform.cc) is given a large tensor shape, it overflows.\n```python\nimport tensorflow as tf\n\nmode = \"REFLECT\"\nstrides = [1, 1, 1, 1]\npadding = \"SAME\"\nresize_align_corners = False\ninput = tf.constant(147, shape=[3,3,1,1], dtype=tf.float16)\nsize = tf.constant([1879048192,1879048192], shape=[2], dtype=tf.int32)\npaddings = tf.constant([3,4], shape=[2], dtype=tf.int32)\nfilter = tf.constant(123, shape=[1,3,4,1], dtype=tf.float16)\ntf.raw_ops.FusedResizeAndPadConv2D(input=input, size=size, paddings=paddings, filter=filter, mode=mode, strides=strides, padding=padding, resize_align_corners=resize_align_corners)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [d66e1d568275e6a2947de97dca7a102a211e01ce](https://github.com/tensorflow/tensorflow/commit/d66e1d568275e6a2947de97dca7a102a211e01ce).\n\nThe fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Neophytos Christou from the Secure Systems Lab (SSL) at Brown University.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-11-21T20:40:42.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-762h-vpvw-3rcx","https://nvd.nist.gov/vuln/detail/CVE-2022-41885","https://github.com/tensorflow/tensorflow/commit/d66e1d568275e6a2947de97dca7a102a211e01ce","https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/conv_ops_fused_image_transform.cc","https://github.com/advisories/GHSA-762h-vpvw-3rcx"],"source_kind":"github","identifiers":["GHSA-762h-vpvw-3rcx","CVE-2022-41885"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.4","vulnerable_version_range":"\u003c 2.7.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.4","vulnerable_version_range":"\u003c 2.7.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.4","vulnerable_version_range":"\u003c 2.7.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:50.088Z","updated_at":"2023-02-01T05:04:05.000Z","epss_percentage":0.00098,"epss_percentile":0.2843},{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTZxZ20tZnY2di1yZnB2","url":"https://github.com/advisories/GHSA-6qgm-fv6v-rfpv","title":"Overflow/denial of service in `tf.raw_ops.ReverseSequence`","description":"### Impact\nThe implementation of `tf.raw_ops.ReverseSequence` allows for stack overflow and/or `CHECK`-fail based denial of service.\n\n```python\nimport tensorflow as tf\n\ninput = tf.zeros([1, 1, 1], dtype=tf.int32)\nseq_lengths = tf.constant([0], shape=[1], dtype=tf.int32)\n\ntf.raw_ops.ReverseSequence(\n    input=input, seq_lengths=seq_lengths, seq_dim=-2, batch_dim=0)\n```\n\nThe [implementation](https://github.com/tensorflow/tensorflow/blob/5b3b071975e01f0d250c928b2a8f901cd53b90a7/tensorflow/core/kernels/reverse_sequence_op.cc#L114-L118) fails to validate that `seq_dim` and `batch_dim` arguments are valid.\n  \nNegative values for `seq_dim` can result in stack overflow or `CHECK`-failure, depending on the version of Eigen code used to implement the operation. Similar behavior can be exhibited by invalid values of `batch_dim`.\n  \n### Patches\nWe have patched the issue in GitHub commit [ecf768cbe50cedc0a45ce1ee223146a3d3d26d23](https://github.com/tensorflow/tensorflow/commit/ecf768cbe50cedc0a45ce1ee223146a3d3d26d23).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution \nThis vulnerability has been reported by Ying Wang and Yakun Zhang of Baidu X-Team.","origin":"UNSPECIFIED","severity":"LOW","published_at":"2021-05-21T14:26:13.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":2.0,"cvss_vector":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N","references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6qgm-fv6v-rfpv","https://nvd.nist.gov/vuln/detail/CVE-2021-29575","https://github.com/tensorflow/tensorflow/commit/ecf768cbe50cedc0a45ce1ee223146a3d3d26d23","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-503.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-701.yaml","https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-212.yaml","https://github.com/advisories/GHSA-6qgm-fv6v-rfpv"],"source_kind":"github","identifiers":["GHSA-6qgm-fv6v-rfpv","CVE-2021-29575"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":9.735582934691685,"packages":[{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.4.2","vulnerable_version_range":"\u003e= 2.4.0, \u003c 2.4.2"},{"first_patched_version":"2.3.3","vulnerable_version_range":"\u003e= 2.3.0, \u003c 2.3.3"},{"first_patched_version":"2.2.3","vulnerable_version_range":"\u003e= 2.2.0, \u003c 2.2.3"},{"first_patched_version":"2.1.4","vulnerable_version_range":"\u003c 2.1.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:13:02.982Z","updated_at":"2024-11-01T17:10:30.000Z","epss_percentage":0.00062,"epss_percentile":0.19545},{"uuid":"GSA_kwCzR0hTQS05OTQyLXIyMnYtNzhjcM4AAu25","url":"https://github.com/advisories/GHSA-9942-r22v-78cp","title":"TensorFlow vulnerable to `CHECK` fail in `LRNGrad`","description":"### Impact\nIf `LRNGrad` is given an `output_image` input tensor that is not 4-D, it results in a `CHECK` fail that can be used to trigger a denial of service attack.\n```python\nimport tensorflow as tf\ndepth_radius = 1\nbias = 1.59018219\nalpha = 0.117728651\nbeta = 0.404427052\ninput_grads = tf.random.uniform(shape=[4, 4, 4, 4], minval=-10000, maxval=10000, dtype=tf.float32, seed=-2033)\ninput_image = tf.random.uniform(shape=[4, 4, 4, 4], minval=-10000, maxval=10000, dtype=tf.float32, seed=-2033)\noutput_image = tf.random.uniform(shape=[4, 4, 4, 4, 4, 4], minval=-10000, maxval=10000, dtype=tf.float32, seed=-2033)\ntf.raw_ops.LRNGrad(input_grads=input_grads, input_image=input_image, output_image=output_image, depth_radius=depth_radius, bias=bias, alpha=alpha, beta=beta)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [bd90b3efab4ec958b228cd7cfe9125be1c0cf255](https://github.com/tensorflow/tensorflow/commit/bd90b3efab4ec958b228cd7cfe9125be1c0cf255).\n\nThe fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Di Jin, Secure Systems Labs, Brown University\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-09-16T22:29:52.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9942-r22v-78cp","https://github.com/tensorflow/tensorflow/commit/bd90b3efab4ec958b228cd7cfe9125be1c0cf255","https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0","https://nvd.nist.gov/vuln/detail/CVE-2022-35985","https://github.com/advisories/GHSA-9942-r22v-78cp"],"source_kind":"github","identifiers":["GHSA-9942-r22v-78cp","CVE-2022-35985"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:57.889Z","updated_at":"2023-01-28T05:02:55.000Z","epss_percentage":0.00161,"epss_percentile":0.38003},{"uuid":"GSA_kwCzR0hTQS1oNnEzLXZ2MzItMmNxNc4AAv-1","url":"https://github.com/advisories/GHSA-h6q3-vv32-2cq5","title":"Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite","description":"### Impact\nThe reference kernel of the [`CONV_3D_TRANSPOSE`](https://github.com/tensorflow/tensorflow/blob/091e63f0ea33def7ecad661a5ac01dcafbafa90b/tensorflow/lite/kernels/internal/reference/conv3d_transpose.h#L121) TensorFlow Lite operator wrongly increments the data_ptr when adding the bias to the result.\n\nInstead of `data_ptr += num_channels;` it should be `data_ptr += output_num_channels;` as if the number of input channels is different than the number of output channels, the wrong result will be returned and a buffer overflow will occur if num_channels \u003e output_num_channels.\n\nAn attacker can craft a model with a specific number of input channels in a way similar to the attached example script. It is then possible to write specific values through the bias of the layer outside the bounds of the buffer. This attack only works if the reference kernel resolver is used in the interpreter (i.e. `experimental_op_resolver_type=tf.lite.experimental.OpResolverType.BUILTIN_REF` is used).\n```python\nimport tensorflow as tf\nmodel = tf.keras.Sequential(\n    [\n        tf.keras.layers.InputLayer(input_shape=(2, 2, 2, 1024), batch_size=1),\n        tf.keras.layers.Conv3DTranspose(\n            filters=8,\n            kernel_size=(2, 2, 2),\n            padding=\"same\",\n            data_format=\"channels_last\",\n        ),\n    ]\n)\n\nconverter = tf.lite.TFLiteConverter.from_keras_model(model)\ntflite_model = converter.convert()\n\ninterpreter = tf.lite.Interpreter(\n    model_content=tflite_model,\n    experimental_op_resolver_type=tf.lite.experimental.OpResolverType.BUILTIN_REF,\n)\n\ninterpreter.allocate_tensors()\ninterpreter.set_tensor(\n    interpreter.get_input_details()[0][\"index\"], tf.zeros(shape=[1, 2, 2, 2, 1024])\n)\ninterpreter.invoke()\n```\n\n### Patches\nWe have patched the issue in GitHub commit [72c0bdcb25305b0b36842d746cc61d72658d2941](https://github.com/tensorflow/tensorflow/commit/72c0bdcb25305b0b36842d746cc61d72658d2941).\n\nThe fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Thibaut Goetghebuer-Planchon, Arm Ltd.\n","origin":"UNSPECIFIED","severity":"HIGH","published_at":"2022-11-21T20:44:24.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6q3-vv32-2cq5","https://nvd.nist.gov/vuln/detail/CVE-2022-41894","https://github.com/tensorflow/tensorflow/commit/72c0bdcb25305b0b36842d746cc61d72658d2941","https://github.com/tensorflow/tensorflow/blob/091e63f0ea33def7ecad661a5ac01dcafbafa90b/tensorflow/lite/kernels/internal/reference/conv3d_transpose.h#L121","https://github.com/advisories/GHSA-h6q3-vv32-2cq5"],"source_kind":"github","identifiers":["GHSA-h6q3-vv32-2cq5","CVE-2022-41894"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:50.020Z","updated_at":"2023-04-10T19:02:13.000Z","epss_percentage":0.00283,"epss_percentile":0.51436},{"uuid":"GSA_kwCzR0hTQS02eDk5LWd2MnYtcTc2ds4AAv-w","url":"https://github.com/advisories/GHSA-6x99-gv2v-q76v","title":"FPE in `tf.image.generate_bounding_box_proposals`","description":"### Impact\nWhen running on GPU, [`tf.image.generate_bounding_box_proposals`](https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/generate_box_proposals_op.cu.cc) receives a `scores` input that must be of rank 4 but is not checked.\n```python\nimport tensorflow as tf\n\na = tf.constant(value=[[1.0, 1.0], [1.0, 1.0], [1.0, 1.0], [1.0, 1.0]])\nb = tf.constant(value=[1])\n\ntf.image.generate_bounding_box_proposals(scores=a,bbox_deltas=a,image_info=a,anchors=a,pre_nms_topn=b)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [cf35502463a88ca7185a99daa7031df60b3c1c98](https://github.com/tensorflow/tensorflow/commit/cf35502463a88ca7185a99daa7031df60b3c1c98).\n\nThe fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Pattarakrit Rattankul.\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-11-21T20:41:45.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6x99-gv2v-q76v","https://nvd.nist.gov/vuln/detail/CVE-2022-41888","https://github.com/tensorflow/tensorflow/commit/cf35502463a88ca7185a99daa7031df60b3c1c98","https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/generate_box_proposals_op.cu.cc","https://github.com/advisories/GHSA-6x99-gv2v-q76v"],"source_kind":"github","identifiers":["GHSA-6x99-gv2v-q76v","CVE-2022-41888"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.10.1","vulnerable_version_range":"\u003e= 2.10.0, \u003c 2.10.1"},{"first_patched_version":"2.9.3","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.3"},{"first_patched_version":"2.8.4","vulnerable_version_range":"\u003c 2.8.4"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:50.064Z","updated_at":"2023-02-01T05:04:05.000Z","epss_percentage":0.00235,"epss_percentile":0.46395},{"uuid":"GSA_kwCzR0hTQS0zOTdjLTVnMmotcXhwds4AAu21","url":"https://github.com/advisories/GHSA-397c-5g2j-qxpv","title":"TensorFlow vulnerable to segfault in `SparseBincount`","description":"### Impact\nIf `SparseBincount` is given inputs for `indices`, `values`, and `dense_shape` that do not make a valid sparse tensor, it results in a segfault that can be used to trigger a denial of service attack.\n```python\nimport tensorflow as tf\nbinary_output = True\nindices = tf.random.uniform(shape=[], minval=-10000, maxval=10000, dtype=tf.int64, seed=-1288)\nvalues = tf.random.uniform(shape=[], minval=-10000, maxval=10000, dtype=tf.int32, seed=-9366)\ndense_shape = tf.random.uniform(shape=[0], minval=-10000, maxval=10000, dtype=tf.int64, seed=-9878)\nsize = tf.random.uniform(shape=[], minval=-10000, maxval=10000, dtype=tf.int32, seed=-10000)\nweights = tf.random.uniform(shape=[], minval=-10000, maxval=10000, dtype=tf.float32, seed=-10000)\ntf.raw_ops.SparseBincount(indices=indices, values=values, dense_shape=dense_shape, size=size, weights=weights, binary_output=binary_output)\n```\n\n### Patches\nWe have patched the issue in GitHub commit [40adbe4dd15b582b0210dfbf40c243a62f5119fa](https://github.com/tensorflow/tensorflow/commit/40adbe4dd15b582b0210dfbf40c243a62f5119fa).\n\nThe fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range.\n\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n\n### Attribution\nThis vulnerability has been reported by Di Jin, Secure Systems Labs, Brown University\n","origin":"UNSPECIFIED","severity":"MODERATE","published_at":"2022-09-16T22:27:28.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://github.com/tensorflow/tensorflow/security/advisories/GHSA-397c-5g2j-qxpv","https://github.com/tensorflow/tensorflow/commit/40adbe4dd15b582b0210dfbf40c243a62f5119fa","https://github.com/tensorflow/tensorflow/releases/tag/v2.10.0","https://nvd.nist.gov/vuln/detail/CVE-2022-35982","https://github.com/advisories/GHSA-397c-5g2j-qxpv"],"source_kind":"github","identifiers":["GHSA-397c-5g2j-qxpv","CVE-2022-35982"],"repository_url":"https://github.com/tensorflow/tensorflow","blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-gpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow-cpu"},{"versions":[{"first_patched_version":"2.9.1","vulnerable_version_range":"\u003e= 2.9.0, \u003c 2.9.1"},{"first_patched_version":"2.8.1","vulnerable_version_range":"\u003e= 2.8.0, \u003c 2.8.1"},{"first_patched_version":"2.7.2","vulnerable_version_range":"\u003c 2.7.2"}],"ecosystem":"pypi","package_name":"tensorflow"}],"created_at":"2022-12-21T16:11:57.923Z","updated_at":"2023-01-28T05:02:55.000Z","epss_percentage":0.00165,"epss_percentile":0.38482}],"docker_usage_url":"https://docker.ecosyste.ms/usage/pypi/tensorflow","docker_dependents_count":2120,"docker_downloads_count":1113359952,"usage_url":"https://repos.ecosyste.ms/usage/pypi/tensorflow","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/pypi/tensorflow/dependencies","status":null,"funding_links":[],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/tensorflow/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/tensorflow/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/tensorflow/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages/tensorflow/related_packages","maintainers":[{"uuid":"tf-nightly","login":"tf-nightly","name":null,"email":null,"url":null,"packages_count":24,"html_url":"https://pypi.org/user/tf-nightly/","role":null,"created_at":"2022-11-16T20:38:13.290Z","updated_at":"2022-11-16T20:38:13.290Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/tf-nightly/packages"},{"uuid":"mihaimaruseac","login":"mihaimaruseac","name":null,"email":null,"url":null,"packages_count":12,"html_url":"https://pypi.org/user/mihaimaruseac/","role":null,"created_at":"2022-11-16T20:38:13.251Z","updated_at":"2022-11-16T20:38:13.251Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/mihaimaruseac/packages"},{"uuid":"rostam","login":"rostam","name":null,"email":null,"url":null,"packages_count":6,"html_url":"https://pypi.org/user/rostam/","role":null,"created_at":"2022-11-16T20:38:13.267Z","updated_at":"2022-11-16T20:38:13.267Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers/rostam/packages"}],"registry":{"name":"pypi.org","url":"https://pypi.org","ecosystem":"pypi","default":true,"packages_count":690449,"maintainers_count":292827,"namespaces_count":0,"keywords_count":228590,"github":"pypi","metadata":{"funded_packages_count":48950},"icon_url":"https://github.com/pypi.png","created_at":"2022-04-04T15:19:23.364Z","updated_at":"2025-06-06T05:32:09.692Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/pypi.org/namespaces"}},"unique_repositories_count":509,"unique_repositories_count_past_30_days":13,"recent_issues":[{"uuid":"4554039011","node_id":"PR_kwDOQ3fShs7g7Qds","number":1,"state":"open","title":"Bump the pip group across 2 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-30T09:53:07.000Z","updated_at":"2026-05-30T09:55:15.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":6,"packages":[{"name":"tensorflow","old_version":"2.4.1","new_version":"2.12.1","repository_url":"https://github.com/tensorflow/tensorflow"},{"name":"opencv-contrib-python","old_version":"4.1.2.30","new_version":"4.8.1.78","repository_url":"https://github.com/opencv/opencv-python"},{"name":"urllib3","old_version":"1.24.3","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"opencv-contrib-python","old_version":"4.5.5.64","new_version":"4.8.1.78","repository_url":"https://github.com/opencv/opencv-python"},{"name":"fonttools","old_version":"4.33.3","new_version":"4.60.2","repository_url":"https://github.com/fonttools/fonttools"},{"name":"pillow","old_version":"9.1.0","new_version":"12.2.0","repository_url":"https://github.com/python-pillow/Pillow"},{"name":"protobuf","old_version":"3.20.1","new_version":"5.29.6","repository_url":"https://github.com/protocolbuffers/protobuf"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 3 updates in the /video-classification-and-human-activity-recognition directory: [tensorflow](https://github.com/tensorflow/tensorflow), [opencv-contrib-python](https://github.com/opencv/opencv-python) and [urllib3](https://github.com/urllib3/urllib3).\nBumps the pip group with 4 updates in the /zoom-gestures directory: [opencv-contrib-python](https://github.com/opencv/opencv-python), [fonttools](https://github.com/fonttools/fonttools), [pillow](https://github.com/python-pillow/Pillow) and [protobuf](https://github.com/protocolbuffers/protobuf).\n\nUpdates `tensorflow` from 2.4.1 to 2.12.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.12.1\u003c/h2\u003e\n\u003ch1\u003eRelease 2.12.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe use of the ambe config to build and test aarch64 is not needed. The ambe config will be removed in the future. Making cpu_arm64_pip.sh and cpu_arm64_nonpip.sh more similar for easier future maintenance.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTensorFlow 2.12.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.12.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eBuild, Compilation and Packaging\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved redundant packages \u003ccode\u003etensorflow-gpu\u003c/code\u003e and \u003ccode\u003etf-nightly-gpu\u003c/code\u003e. These packages were removed and replaced with packages that direct users to switch to \u003ccode\u003etensorflow\u003c/code\u003e or \u003ccode\u003etf-nightly\u003c/code\u003e respectively. Since TensorFlow 2.1, the only difference between these two sets of packages was their names, so there is no loss of functionality or GPU support. See \u003ca href=\"https://pypi.org/project/tensorflow-gpu\"\u003ehttps://pypi.org/project/tensorflow-gpu\u003c/a\u003e for more details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.function\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.function\u003c/code\u003e now uses the Python inspect library directly for parsing the signature of the Python function it is decorated on. This change may break code where the function signature is malformed, but was ignored previously, such as:\n\u003cul\u003e\n\u003cli\u003eUsing \u003ccode\u003efunctools.wraps\u003c/code\u003e on a function with different signature\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003efunctools.partial\u003c/code\u003e with an invalid \u003ccode\u003etf.function\u003c/code\u003e input\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.function\u003c/code\u003e now enforces input parameter names to be valid Python identifiers. Incompatible names are automatically sanitized similarly to existing SavedModel signature behavior.\u003c/li\u003e\n\u003cli\u003eParameterless \u003ccode\u003etf.function\u003c/code\u003es are assumed to have an empty \u003ccode\u003einput_signature\u003c/code\u003e instead of an undefined one even if the \u003ccode\u003einput_signature\u003c/code\u003e is unspecified.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.types.experimental.TraceType\u003c/code\u003e now requires an additional \u003ccode\u003eplaceholder_value\u003c/code\u003e method to be defined.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.function\u003c/code\u003e now traces with placeholder values generated by TraceType instead of the value itself.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eExperimental APIs \u003ccode\u003etf.config.experimental.enable_mlir_graph_optimization\u003c/code\u003e and \u003ccode\u003etf.config.experimental.disable_mlir_graph_optimization\u003c/code\u003e were removed.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport for Python 3.11 has been added.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport for Python 3.7 has been removed. We are not releasing any more patches for Python 3.7.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd 16-bit float type support for built-in op \u003ccode\u003efill\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eTranspose now supports 6D tensors.\u003c/li\u003e\n\u003cli\u003eFloat LSTM now supports diagonal recurrent tensors: \u003ca href=\"https://arxiv.org/abs/1903.08023\"\u003ehttps://arxiv.org/abs/1903.08023\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.experimental.dtensor\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCoordination service now works with \u003ccode\u003edtensor.initialize_accelerator_system\u003c/code\u003e, and enabled by default.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003etf.experimental.dtensor.is_dtensor\u003c/code\u003e to check if a tensor is a DTensor instance.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.data\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for alternative checkpointing protocol which makes it possible to checkpoint the state of the input pipeline without having to store the contents of internal buffers. The new functionality can be enabled through the \u003ccode\u003eexperimental_symbolic_checkpoint\u003c/code\u003e option of \u003ccode\u003etf.data.Options()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded a new \u003ccode\u003ererandomize_each_iteration\u003c/code\u003e argument for the \u003ccode\u003etf.data.Dataset.random()\u003c/code\u003e operation, which controls whether the sequence of generated random numbers should be re-randomized every epoch or not (the default behavior). If \u003ccode\u003eseed\u003c/code\u003e is set and \u003ccode\u003ererandomize_each_iteration=True\u003c/code\u003e, the \u003ccode\u003erandom()\u003c/code\u003e operation will produce a different (deterministic) sequence of numbers every epoch.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.12.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe use of the ambe config to build and test aarch64 is not needed. The ambe config will be removed in the future. Making cpu_arm64_pip.sh and cpu_arm64_nonpip.sh more similar for easier future maintenance.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.12.0\u003c/h1\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eBuild, Compilation and Packaging\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved redundant packages \u003ccode\u003etensorflow-gpu\u003c/code\u003e and \u003ccode\u003etf-nightly-gpu\u003c/code\u003e. These packages were removed and replaced with packages that direct users to switch to \u003ccode\u003etensorflow\u003c/code\u003e or \u003ccode\u003etf-nightly\u003c/code\u003e respectively. Since TensorFlow 2.1, the only difference between these two sets of packages was their names, so there is no loss of functionality or GPU support. See \u003ca href=\"https://pypi.org/project/tensorflow-gpu\"\u003ehttps://pypi.org/project/tensorflow-gpu\u003c/a\u003e for more details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.function\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.function\u003c/code\u003e now uses the Python inspect library directly for parsing the signature of the Python function it is decorated on. This change may break code where the function signature is malformed, but was ignored previously, such as:\n\u003cul\u003e\n\u003cli\u003eUsing \u003ccode\u003efunctools.wraps\u003c/code\u003e on a function with different signature\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003efunctools.partial\u003c/code\u003e with an invalid \u003ccode\u003etf.function\u003c/code\u003e input\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.function\u003c/code\u003e now enforces input parameter names to be valid Python identifiers. Incompatible names are automatically sanitized similarly to existing SavedModel signature behavior.\u003c/li\u003e\n\u003cli\u003eParameterless \u003ccode\u003etf.function\u003c/code\u003es are assumed to have an empty \u003ccode\u003einput_signature\u003c/code\u003e instead of an undefined one even if the \u003ccode\u003einput_signature\u003c/code\u003e is unspecified.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.types.experimental.TraceType\u003c/code\u003e now requires an additional \u003ccode\u003eplaceholder_value\u003c/code\u003e method to be defined.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.function\u003c/code\u003e now traces with placeholder values generated by TraceType instead of the value itself.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eExperimental APIs \u003ccode\u003etf.config.experimental.enable_mlir_graph_optimization\u003c/code\u003e and \u003ccode\u003etf.config.experimental.disable_mlir_graph_optimization\u003c/code\u003e were removed.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport for Python 3.11 has been added.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport for Python 3.7 has been removed. We are not releasing any more patches for Python 3.7.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd 16-bit float type support for built-in op \u003ccode\u003efill\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eTranspose now supports 6D tensors.\u003c/li\u003e\n\u003cli\u003eFloat LSTM now supports diagonal recurrent tensors: \u003ca href=\"https://arxiv.org/abs/1903.08023\"\u003ehttps://arxiv.org/abs/1903.08023\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.experimental.dtensor\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCoordination service now works with \u003ccode\u003edtensor.initialize_accelerator_system\u003c/code\u003e, and enabled by default.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003etf.experimental.dtensor.is_dtensor\u003c/code\u003e to check if a tensor is a DTensor instance.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.data\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for alternative checkpointing protocol which makes it possible to checkpoint the state of the input pipeline without having to store the contents of internal buffers. The new functionality can be enabled through the \u003ccode\u003eexperimental_symbolic_checkpoint\u003c/code\u003e option of \u003ccode\u003etf.data.Options()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded a new \u003ccode\u003ererandomize_each_iteration\u003c/code\u003e argument for the \u003ccode\u003etf.data.Dataset.random()\u003c/code\u003e operation, which controls whether the sequence of generated random numbers should be re-randomized every epoch or not (the default behavior). If \u003ccode\u003eseed\u003c/code\u003e is set and \u003ccode\u003ererandomize_each_iteration=True\u003c/code\u003e, the \u003ccode\u003erandom()\u003c/code\u003e operation will produce a different (deterministic) sequence of numbers every epoch.\u003c/li\u003e\n\u003cli\u003eAdded a new \u003ccode\u003ererandomize_each_iteration\u003c/code\u003e argument for the \u003ccode\u003etf.data.Dataset.sample_from_datasets()\u003c/code\u003e operation, which controls whether the sequence of generated random numbers used for sampling should be re-randomized every epoch or not. If \u003ccode\u003eseed\u003c/code\u003e is set and \u003ccode\u003ererandomize_each_iteration=True\u003c/code\u003e, the \u003ccode\u003esample_from_datasets()\u003c/code\u003e operation will use a different (deterministic) sequence of numbers every epoch.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.test\u003c/code\u003e:\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/8e2b6655c0c488290179ab90a0daed0f6d3006f7\"\u003e\u003ccode\u003e8e2b665\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/61094\"\u003e#61094\u003c/a\u003e from tensorflow/venkat-patch-444\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/02478f09201719a94c7eb01a0e280b65d8fff261\"\u003e\u003ccode\u003e02478f0\u003c/code\u003e\u003c/a\u003e Fix unit test failure caused by numpy update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cd9b4143cb19335fdbd06aa6ecc3ecdae474fb8\"\u003e\u003ccode\u003e2cd9b41\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/61082\"\u003e#61082\u003c/a\u003e from tensorflow/venkat-patch-333\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/7995c95fb197f11dcf4635a719668e10f9700c38\"\u003e\u003ccode\u003e7995c95\u003c/code\u003e\u003c/a\u003e Updating Simplified retry logic to DNS cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/29479edb66c12159ef6a1ecf6af6fbd665a1c9f6\"\u003e\u003ccode\u003e29479ed\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/60872\"\u003e#60872\u003c/a\u003e from tensorflow/r2.12-c45a6c0b1cb\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/e76a9332a2801fdabc4c5692b389c708fa79d8e0\"\u003e\u003ccode\u003ee76a933\u003c/code\u003e\u003c/a\u003e Simplified retry logic to DNS cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/76addf724a4794222e780542180dc32747d04aa2\"\u003e\u003ccode\u003e76addf7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/60850\"\u003e#60850\u003c/a\u003e from elfringham/non_pip_fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/05987a86af6544e8a93182c7f898465a87066a57\"\u003e\u003ccode\u003e05987a8\u003c/code\u003e\u003c/a\u003e [Linaro:ARM_CI] Fix permissions for running nonpip tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/23724d2f60835df36f0cfe8b78f9d2c6e8085663\"\u003e\u003ccode\u003e23724d2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/60842\"\u003e#60842\u003c/a\u003e from elfringham/r2.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/496730b8b5007e1cea0b609a3de45e5082dcd685\"\u003e\u003ccode\u003e496730b\u003c/code\u003e\u003c/a\u003e Limit typing_extensions to less than 4.6.0 until it works\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.4.1...v2.12.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `opencv-contrib-python` from 4.1.2.30 to 4.8.1.78\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/opencv/opencv-python/releases\"\u003eopencv-contrib-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.8.1.78\u003c/h2\u003e\n\u003cp\u003eOpenCV 4.8.1 release.\u003c/p\u003e\n\u003cp\u003eImportant changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWebP security update for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2023-4863\"\u003eCVE-2023-4863\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.8.0.76\u003c/h2\u003e\n\u003cp\u003eAdds cv2.typing to package. Close \u003ca href=\"https://redirect.github.com/opencv/opencv-python/issues/869\"\u003e#869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.8.0.74\u003c/h2\u003e\n\u003cp\u003eImportant changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/20370\"\u003e#20370\u003c/a\u003e Python typing stubs.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23350\"\u003e#23350\u003c/a\u003e Fix reference counting errors in registerNewType.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23399\"\u003e#23399\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23436\"\u003e#23436\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23138\"\u003e#23138\u003c/a\u003e Fixed ChAruco and diamond boards detector bindings.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23371\"\u003e#23371\u003c/a\u003e Added bindings to allow GpuMat and Stream objects to be initialized from memory initialized in other libraries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23691\"\u003e#23691\u003c/a\u003e np.float16 support.\u003c/li\u003e\n\u003cli\u003ePython bindings for RotatedRect, CV_MAKETYPE, CV_8UC(n).\u003c/li\u003e\n\u003cli\u003eSeveral build fixes for OpenCV-Python package\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0.72\u003c/h2\u003e\n\u003cp\u003eOpenCV 4.7.0 with various distribution bug fixes.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMac OS 11 support.\u003c/li\u003e\n\u003cli\u003eOld Linux support with zlib version older than 1.9.\u003c/li\u003e\n\u003cli\u003ePackage build fixes for Python 11 on Musl C based system (Alpine).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0.70\u003c/h2\u003e\n\u003cp\u003eOpenCV 4.7.0 with various distribution bug fixes.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMac OS 11 support.\u003c/li\u003e\n\u003cli\u003eOld Linux support with zlib version older than 1.9.\u003c/li\u003e\n\u003cli\u003ePackage build fixes for Python 11 on Musl C based system (Alpine).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0.68\u003c/h2\u003e\n\u003cp\u003eopencv-python: \u003ca href=\"https://pypi.org/project/opencv-python/\"\u003ehttps://pypi.org/project/opencv-python/\u003c/a\u003e\nopencv-contrib-python: \u003ca href=\"https://pypi.org/project/opencv-contrib-python/\"\u003ehttps://pypi.org/project/opencv-contrib-python/\u003c/a\u003e\nopencv-python-headless: \u003ca href=\"https://pypi.org/project/opencv-python-headless/\"\u003ehttps://pypi.org/project/opencv-python-headless/\u003c/a\u003e\nopencv-contrib-python-headless: \u003ca href=\"https://pypi.org/project/opencv-contrib-python-headless/\"\u003ehttps://pypi.org/project/opencv-contrib-python-headless/\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/opencv/opencv/releases/tag/4.7.0\"\u003eOpenCV 4.7.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated third-party libraries to fix potential vulnerabilities.\u003c/li\u003e\n\u003cli\u003eDropped Python 3.6 support.\u003c/li\u003e\n\u003cli\u003eAdded Python 3.11 support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.6.0.66\u003c/h2\u003e\n\u003cp\u003eopencv-python: \u003ca href=\"https://pypi.org/project/opencv-python/\"\u003ehttps://pypi.org/project/opencv-python/\u003c/a\u003e\nopencv-contrib-python: \u003ca href=\"https://pypi.org/project/opencv-contrib-python/\"\u003ehttps://pypi.org/project/opencv-contrib-python/\u003c/a\u003e\nopencv-python-headless: \u003ca href=\"https://pypi.org/project/opencv-python-headless/\"\u003ehttps://pypi.org/project/opencv-python-headless/\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/opencv/opencv-python/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.24.3 to 2.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.7.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cp\u003eAddressed high-severity security issues. Impact was limited to specific use cases detailed in the accompanying advisories; overall user exposure was estimated to be marginal.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDecompression-bomb safeguards of the streaming API were bypassed:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eWhen \u003ccode\u003eHTTPResponse.drain_conn()\u003c/code\u003e was called after the response had been read and decompressed partially. (Reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDuring the second \u003ccode\u003eHTTPResponse.read(amt=N)\u003c/code\u003e or \u003ccode\u003eHTTPResponse.stream(amt=N)\u003c/code\u003e call when the response was decompressed using the official \u003ca href=\"https://pypi.org/project/brotli/\"\u003eBrotli\u003c/a\u003e library. (Reported by \u003ca href=\"https://github.com/kimkou2024\"\u003e\u003ccode\u003e@​kimkou2024\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eSee GHSA-mf9v-mfxr-j63j for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTTP pools created using \u003ccode\u003eProxyManager.connection_from_url\u003c/code\u003e did not strip sensitive headers specified in \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e when redirecting to a different host. (GHSA-qccp-gfcp-xxvc reported by \u003ca href=\"https://github.com/christos-spearbit\"\u003e\u003ccode\u003e@​christos-spearbit\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUsed \u003ccode\u003eFutureWarning\u003c/code\u003e instead of \u003ccode\u003eDeprecationWarning\u003c/code\u003e for better visibility of existing deprecation notices. Rescheduled the removal of deprecated features to version 3.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3763\"\u003eurllib3/urllib3#3763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life Python 3.9. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3720\"\u003eurllib3/urllib3#3720\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life PyPy3.10. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4979\"\u003eurllib3/urllib3#4979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBumped the minimum supported pyOpenSSL version to 19.0.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3777\"\u003eurllib3/urllib3#3777\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read(amt=None)\u003c/code\u003e was ignoring decompressed data buffered from previous partial reads. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3636\"\u003eurllib3/urllib3#3636\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read()\u003c/code\u003e could cache only part of the response after a partial read when \u003ccode\u003ecache_content=True\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4967\"\u003eurllib3/urllib3#4967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.stream()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to handle \u003ccode\u003eamt=0\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3793\"\u003eurllib3/urllib3#3793\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated \u003ccode\u003e_TYPE_BODY\u003c/code\u003e type alias to include missing \u003ccode\u003eIterable[str]\u003c/code\u003e, matching the documented and runtime behavior of chunked request bodies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3798\"\u003eurllib3/urllib3#3798\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eLocationParseError\u003c/code\u003e when paths resembling schemeless URIs were passed to \u003ccode\u003eHTTPConnectionPool.urlopen()\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3352\"\u003eurllib3/urllib3#3352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eBaseHTTPResponse.readinto()\u003c/code\u003e type annotation to accept \u003ccode\u003ememoryview\u003c/code\u003e in addition to \u003ccode\u003ebytearray\u003c/code\u003e, matching the \u003ccode\u003eio.RawIOBase.readinto\u003c/code\u003e contract and enabling use with \u003ccode\u003eio.BufferedReader\u003c/code\u003e without type errors. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3764\"\u003eurllib3/urllib3#3764\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.7.0 (2026-05-07)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cp\u003eAddressed high-severity security issues.\nImpact was limited to specific use cases detailed in the accompanying\nadvisories; overall user exposure was estimated to be marginal.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDecompression-bomb safeguards of the streaming API were bypassed:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eWhen \u003ccode\u003eHTTPResponse.drain_conn()\u003c/code\u003e was called after the response had been\nread and decompressed partially.\u003c/li\u003e\n\u003cli\u003eDuring the second \u003ccode\u003eHTTPResponse.read(amt=N)\u003c/code\u003e or\n\u003ccode\u003eHTTPResponse.stream(amt=N)\u003c/code\u003e call when the response was decompressed\nusing the official \u003ccode\u003eBrotli \u0026lt;https://pypi.org/project/brotli/\u0026gt;\u003c/code\u003e__ library.\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eSee \u003ccode\u003eGHSA-mf9v-mfxr-j63j \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j\u0026gt;\u003c/code\u003e__\nfor details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTTP pools created using \u003ccode\u003eProxyManager.connection_from_url\u003c/code\u003e did not strip\nsensitive headers specified in \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e when\nredirecting to a different host.\n(\u003ccode\u003eGHSA-qccp-gfcp-xxvc \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc\u0026gt;\u003c/code\u003e__)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUsed \u003ccode\u003eFutureWarning\u003c/code\u003e instead of \u003ccode\u003eDeprecationWarning\u003c/code\u003e for better\nvisibility of existing deprecation notices. Rescheduled the removal of\ndeprecated features to version 3.0.\n(\u003ccode\u003e[#3763](https://github.com/urllib3/urllib3/issues/3763) \u0026lt;https://github.com/urllib3/urllib3/issues/3763\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life Python 3.9.\n(\u003ccode\u003e[#3720](https://github.com/urllib3/urllib3/issues/3720) \u0026lt;https://github.com/urllib3/urllib3/issues/3720\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life PyPy3.10.\n(\u003ccode\u003e[#4979](https://github.com/urllib3/urllib3/issues/4979) \u0026lt;https://github.com/urllib3/urllib3/issues/4979\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eBumped the minimum supported pyOpenSSL version to 19.0.0.\n(\u003ccode\u003e[#3777](https://github.com/urllib3/urllib3/issues/3777) \u0026lt;https://github.com/urllib3/urllib3/issues/3777\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read(amt=None)\u003c/code\u003e was ignoring decompressed\ndata buffered from previous partial reads.\n(\u003ccode\u003e[#3636](https://github.com/urllib3/urllib3/issues/3636) \u0026lt;https://github.com/urllib3/urllib3/issues/3636\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read()\u003c/code\u003e could cache only part of the\nresponse after a partial read when \u003ccode\u003ecache_content=True\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9a950b92d999f906b6020bb2d1076ee56cddd5d2\"\u003e\u003ccode\u003e9a950b9\u003c/code\u003e\u003c/a\u003e Release 2.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/5ec0de499b9166ca71c65ab04f2a7e4eb0d66fcc\"\u003e\u003ccode\u003e5ec0de4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/2bdcc44d1e163fb5cc48a8662425e35e15adfe6a\"\u003e\u003ccode\u003e2bdcc44\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f45b0df09d8620ac6ed0491eb9362c8c87b7bc2c\"\u003e\u003ccode\u003ef45b0df\u003c/code\u003e\u003c/a\u003e Fix a misleading example for \u003ccode\u003eProxyManager\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4970\"\u003e#4970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/577193ca029872384f82c133449e0935f6d8a64b\"\u003e\u003ccode\u003e577193c\u003c/code\u003e\u003c/a\u003e Switch to nightly PyPy3.11 in CI for now (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4984\"\u003e#4984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/e90af45bb006c3a452a3a21644a2681523f5c7fc\"\u003e\u003ccode\u003ee90af45\u003c/code\u003e\u003c/a\u003e Avoid infinite loop in \u003ccode\u003eHTTPResponse.read_chunked\u003c/code\u003e when \u003ccode\u003eamt=0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4974\"\u003e#4974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/67ed74fdaec6659a6534621ec8e3aaaa6f976210\"\u003e\u003ccode\u003e67ed74f\u003c/code\u003e\u003c/a\u003e Bump dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4972\"\u003e#4972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/3abd481097b54d87b574ac7ea593c3f40938a84d\"\u003e\u003ccode\u003e3abd481\u003c/code\u003e\u003c/a\u003e Upgrade mypy to version 1.20.2 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4978\"\u003e#4978\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/2b8725dfcac4f21d4d93cc0cc3a64a33af08f890\"\u003e\u003ccode\u003e2b8725d\u003c/code\u003e\u003c/a\u003e Drop support for EOL PyPy3.10 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4979\"\u003e#4979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/2944b2a0a6c573f5548a39cfd17196f98ee21b33\"\u003e\u003ccode\u003e2944b2a\u003c/code\u003e\u003c/a\u003e Upgrade \u003ccode\u003esetup-chrome\u003c/code\u003e and \u003ccode\u003esetup-firefox\u003c/code\u003e to fix warnings (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4973\"\u003e#4973\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.24.3...2.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `opencv-contrib-python` from 4.5.5.64 to 4.8.1.78\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/opencv/opencv-python/releases\"\u003eopencv-contrib-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.8.1.78\u003c/h2\u003e\n\u003cp\u003eOpenCV 4.8.1 release.\u003c/p\u003e\n\u003cp\u003eImportant changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWebP security update for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2023-4863\"\u003eCVE-2023-4863\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.8.0.76\u003c/h2\u003e\n\u003cp\u003eAdds cv2.typing to package. Close \u003ca href=\"https://redirect.github.com/opencv/opencv-python/issues/869\"\u003e#869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.8.0.74\u003c/h2\u003e\n\u003cp\u003eImportant changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/20370\"\u003e#20370\u003c/a\u003e Python typing stubs.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23350\"\u003e#23350\u003c/a\u003e Fix reference counting errors in registerNewType.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23399\"\u003e#23399\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23436\"\u003e#23436\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23138\"\u003e#23138\u003c/a\u003e Fixed ChAruco and diamond boards detector bindings.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23371\"\u003e#23371\u003c/a\u003e Added bindings to allow GpuMat and Stream objects to be initialized from memory initialized in other libraries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23691\"\u003e#23691\u003c/a\u003e np.float16 support.\u003c/li\u003e\n\u003cli\u003ePython bindings for RotatedRect, CV_MAKETYPE, CV_8UC(n).\u003c/li\u003e\n\u003cli\u003eSeveral build fixes for OpenCV-Python package\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0.72\u003c/h2\u003e\n\u003cp\u003eOpenCV 4.7.0 with various distribution bug fixes.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMac OS 11 support.\u003c/li\u003e\n\u003cli\u003eOld Linux support with zlib version older than 1.9.\u003c/li\u003e\n\u003cli\u003ePackage build fixes for Python 11 on Musl C based system (Alpine).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0.70\u003c/h2\u003e\n\u003cp\u003eOpenCV 4.7.0 with various distribution bug fixes.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMac OS 11 support.\u003c/li\u003e\n\u003cli\u003eOld Linux support with zlib version older than 1.9.\u003c/li\u003e\n\u003cli\u003ePackage build fixes for Python 11 on Musl C based system (Alpine).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0.68\u003c/h2\u003e\n\u003cp\u003eopencv-python: \u003ca href=\"https://pypi.org/project/opencv-python/\"\u003ehttps://pypi.org/project/opencv-python/\u003c/a\u003e\nopencv-contrib-python: \u003ca href=\"https://pypi.org/project/opencv-contrib-python/\"\u003ehttps://pypi.org/project/opencv-contrib-python/\u003c/a\u003e\nopencv-python-headless: \u003ca href=\"https://pypi.org/project/opencv-python-headless/\"\u003ehttps://pypi.org/project/opencv-python-headless/\u003c/a\u003e\nopencv-contrib-python-headless: \u003ca href=\"https://pypi.org/project/opencv-contrib-python-headless/\"\u003ehttps://pypi.org/project/opencv-contrib-python-headless/\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/opencv/opencv/releases/tag/4.7.0\"\u003eOpenCV 4.7.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated third-party libraries to fix potential vulnerabilities.\u003c/li\u003e\n\u003cli\u003eDropped Python 3.6 support.\u003c/li\u003e\n\u003cli\u003eAdded Python 3.11 support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.6.0.66\u003c/h2\u003e\n\u003cp\u003eopencv-python: \u003ca href=\"https://pypi.org/project/opencv-python/\"\u003ehttps://pypi.org/project/opencv-python/\u003c/a\u003e\nopencv-contrib-python: \u003ca href=\"https://pypi.org/project/opencv-contrib-python/\"\u003ehttps://pypi.org/project/opencv-contrib-python/\u003c/a\u003e\nopencv-python-headless: \u003ca href=\"https://pypi.org/project/opencv-python-headless/\"\u003ehttps://pypi.org/project/opencv-python-headless/\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/opencv/opencv-python/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fonttools` from 4.33.3 to 4.60.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fonttools/fonttools/releases\"\u003efonttools's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.60.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBackport release\u003c/strong\u003e Same as 4.61.0 but without \u0026quot;Drop support for EOL Python 3.9\u0026quot; change to allow downstream projects still on Python 3.9 to avail of the security fix for CVE-2025-66034 (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3994\"\u003e#3994\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3999\"\u003e#3999\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.60.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[ufoLib] Reverted accidental method name change in \u003ccode\u003eUFOReader.getKerningGroupConversionRenameMaps\u003c/code\u003e\nthat broke compatibility with downstream projects like defcon (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3948\"\u003e#3948\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3947\"\u003e#3947\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/robotools/defcon/issues/478\"\u003erobotools/defcon#478\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[ufoLib] Added test coverage for \u003ccode\u003egetKerningGroupConversionRenameMaps\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3950\"\u003e#3950\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Don't try to subset BASE table; pass it through by default instead (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3949\"\u003e#3949\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Remove empty BaseRecord entries in MarkBasePos lookups (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3897\"\u003e#3897\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3892\"\u003e#3892\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Add pruning for MarkLigPos and MarkMarkPos lookups (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3946\"\u003e#3946\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Remove duplicate features when subsetting (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3945\"\u003e#3945\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[Docs] Added documentation for the visitor module (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3944\"\u003e#3944\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.60.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e[pointPen] Allow \u003ccode\u003ereverseFlipped\u003c/code\u003e parameter of \u003ccode\u003eDecomposingPointPen\u003c/code\u003e to take a \u003ccode\u003eReverseFlipped\u003c/code\u003e enum value to control whether/how to reverse contour direction of flipped components, in addition to the existing True/False. This allows to set \u003ccode\u003eReverseFlipped.ON_CURVE_FIRST\u003c/code\u003e to ensure that the decomposed outline starts with an on-curve point before being reversed, for better consistency with other segment-oriented contour transformations. The change is backward compatible, and the default behavior hasn't changed (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3934\"\u003e#3934\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[filterPen] Added \u003ccode\u003eContourFilterPointPen\u003c/code\u003e, base pen for buffered contour operations, and \u003ccode\u003eOnCurveStartPointPen\u003c/code\u003e filter to ensure contours start with an on-curve point (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3934\"\u003e#3934\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[cu2qu] Fixed difference in cython vs pure-python complex division by real number (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3930\"\u003e#3930\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[varLib.avar] Refactored and added some new sub-modules and scripts (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3926\"\u003e#3926\u003c/a\u003e).\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003evarLib.avar.build\u003c/code\u003e module to build avar (and a missing fvar) binaries into a possibly empty TTFont,\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003evarLib.avar.unbuild\u003c/code\u003e module to print a .designspace snippet that would generate the same avar binary,\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003evarLib.avar.map\u003c/code\u003e module to take TTFont and do the mapping, in user/normalized space,\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003evarLib.avar.plan\u003c/code\u003e module moved from \u003ccode\u003evarLib.avarPlanner\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe bare \u003ccode\u003efonttools varLib.avar\u003c/code\u003e script is deprecated, in favour of \u003ccode\u003efonttools varLib.avar.build\u003c/code\u003e (or \u003ccode\u003eunbuild\u003c/code\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[interpolatable] Clarify \u003ccode\u003elinear_sum_assignment\u003c/code\u003e backend options and minimal dependency usage (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3927\"\u003e#3927\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[post] Speed up \u003ccode\u003ebuild_psNameMapping\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3923\"\u003e#3923\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[ufoLib] Added typing annotations to fontTools.ufoLib (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3875\"\u003e#3875\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.59.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[varLib] Clear \u003ccode\u003eUSE_MY_METRICS\u003c/code\u003e component flags when inconsistent across masters (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3912\"\u003e#3912\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[varLib.instancer] Avoid negative advance width/height values when instatiating HVAR/VVAR, (unlikely in well-behaved fonts) (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3918\"\u003e#3918\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Fix shaping behaviour when pruning empty mark sets (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3915\"\u003e#3915\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/harfbuzz/harfbuzz/issues/5499\"\u003eharfbuzz/harfbuzz#5499\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[cu2qu] Fixed \u003ccode\u003edot()\u003c/code\u003e product of perpendicular vectors not always returning exactly 0.0 in all Python implementations (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3911\"\u003e#3911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[varLib.instancer] Implemented fully-instantiating \u003ccode\u003eavar2\u003c/code\u003e fonts (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3909\"\u003e#3909\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[feaLib] Allow float values in \u003ccode\u003eVariableScalar\u003c/code\u003e's axis locations (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3906\"\u003e#3906\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3907\"\u003e#3907\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[cu2qu] Handle special case in \u003ccode\u003ecalc_intersect\u003c/code\u003e for degenerate cubic curves where 3 to 4 control points are equal (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3904\"\u003e#3904\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.59.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[featureVars] Update OS/2.usMaxContext if possible after addFeatureVariationsRaw (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3894\"\u003e#3894\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[vhmtx] raise TTLibError('not enough data...') when hmtx/vmtx are truncated (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3843\"\u003e#3843\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3901\"\u003e#3901\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[feaLib] Combine duplicate features that have the same set of lookups regardless of the order in which those lookups are added to the feature (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3895\"\u003e#3895\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[varLib] Deprecate \u003ccode\u003evarLib.mutator\u003c/code\u003e in favor of \u003ccode\u003evarLib.instancer\u003c/code\u003e. The latter provides equivalent full (static font) instancing in addition to partial VF instancing.\u003cbr /\u003e\nCLI users should replace \u003ccode\u003efonttools varLib.mutator\u003c/code\u003e with \u003ccode\u003efonttools varLib.instancer\u003c/code\u003e. API users should migrate to \u003ccode\u003efontTools.varLib.instancer.instantiateVariableFont\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/2680\"\u003e#2680\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved hard-dependency on pyfilesystem2 (\u003ccode\u003efs\u003c/code\u003e package) from \u003ccode\u003efonttools[ufo]\u003c/code\u003e extra. This is replaced by the \u003ccode\u003efontTools.misc.filesystem\u003c/code\u003e package, a stdlib-only, drop-in replacement for the subset of the pyfilesystem2's API used by \u003ccode\u003efontTools.ufoLib\u003c/code\u003e. The latter should continue to work with the upstream \u003ccode\u003efs\u003c/code\u003e (we even test with/without). However, clients who wish to continue using \u003ccode\u003efs\u003c/code\u003e can do so by depending on it directly instead of via the \u003ccode\u003efonttools[ufo]\u003c/code\u003e extra (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3885\"\u003e#3885\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3620\"\u003e#3620\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[xmlWriter] Replace illegal XML characters (e.g. control or non-characters) with \u0026quot;?\u0026quot; when dumping to ttx (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3868\"\u003e#3868\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/71\"\u003e#71\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[varLib.hvar] Fixed vertical metrics fields copy/pasta error (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3884\"\u003e#3884\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eMicro optimizations in ttLib and sstruct modules (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3878\"\u003e#3878\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3879\"\u003e#3879\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[unicodedata] Add Garay script to RTL_SCRIPTS (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3882\"\u003e#3882\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fonttools/fonttools/blob/main/NEWS.rst\"\u003efonttools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.60.2 (released 2025-12-09)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBackport release\u003c/strong\u003e Same as 4.61.0 but without \u0026quot;Drop support for EOL Python 3.9\u0026quot; change to allow\ndownstream projects still on Python 3.9 to avail of the security fix for CVE-2025-66034 (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3994\"\u003e#3994\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3999\"\u003e#3999\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.61.0 (released 2025-11-28)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[varLib.main]: \u003cstrong\u003eSECURITY\u003c/strong\u003e Only use basename(vf.filename) to prevent path traversal attacks when\nrunning \u003ccode\u003efonttools varLib\u003c/code\u003e command, or code which invokes \u003ccode\u003efonttools.varLib.main()\u003c/code\u003e.\nFixes CVE-2025-66034, see:\n\u003ca href=\"https://github.com/fonttools/fonttools/security/advisories/GHSA-768j-98cg-p3fv\"\u003ehttps://github.com/fonttools/fonttools/security/advisories/GHSA-768j-98cg-p3fv\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e[feaLib] Sort BaseLangSysRecords by tag (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3986\"\u003e#3986\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDrop support for EOL Python 3.9 (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3982\"\u003e#3982\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[instancer] Support --remove-overlaps for fonts with CFF2 table (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3975\"\u003e#3975\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[CFF2ToCFF] Add --remove-overlaps option (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3976\"\u003e#3976\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[feaLib] Raise an error for rsub with NULL target (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3979\"\u003e#3979\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[bezierTools] Fix logic bug in curveCurveIntersections (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3963\"\u003e#3963\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[feaLib] Error when condition sets have the same name (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3958\"\u003e#3958\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[cu2qu.ufo] skip processing empty glyphs to support sparse kerning masters (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3956\"\u003e#3956\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[unicodedata] Update to Unicode 17. Require \u003ccode\u003eunicodedata2 \u0026gt;= 17.0.0\u003c/code\u003e when installed with 'unicode' extra.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.60.1 (released 2025-09-29)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[ufoLib] Reverted accidental method name change in \u003ccode\u003eUFOReader.getKerningGroupConversionRenameMaps\u003c/code\u003e\nthat broke compatibility with downstream projects like defcon (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3948\"\u003e#3948\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3947\"\u003e#3947\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/robotools/defcon/issues/478\"\u003erobotools/defcon#478\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[ufoLib] Added test coverage for \u003ccode\u003egetKerningGroupConversionRenameMaps\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3950\"\u003e#3950\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Don't try to subset BASE table; pass it through by default instead (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3949\"\u003e#3949\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Remove empty BaseRecord entries in MarkBasePos lookups (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3897\"\u003e#3897\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3892\"\u003e#3892\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Add pruning for MarkLigPos and MarkMarkPos lookups (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3946\"\u003e#3946\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Remove duplicate features when subsetting (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3945\"\u003e#3945\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[Docs] Added documentation for the visitor module (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3944\"\u003e#3944\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.60.0 (released 2025-09-17)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[pointPen] Allow \u003ccode\u003ereverseFlipped\u003c/code\u003e parameter of \u003ccode\u003eDecomposingPointPen\u003c/code\u003e to take a \u003ccode\u003eReverseFlipped\u003c/code\u003e\nenum value to control whether/how to reverse contour direction of flipped components, in addition to\nthe existing True/False. This allows to set \u003ccode\u003eReverseFlipped.ON_CURVE_FIRST\u003c/code\u003e to ensure that\nthe decomposed outline starts with an on-curve point before being reversed, for better consistency\nwith other segment-oriented contour transformations. The change is backward compatible, and the\ndefault behavior hasn't changed (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3934\"\u003e#3934\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[filterPen] Added \u003ccode\u003eContourFilterPointPen\u003c/code\u003e, base pen for buffered contour operations, and\n\u003ccode\u003eOnCurveStartPointPen\u003c/code\u003e filter to ensure contours start with an on-curve point (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3934\"\u003e#3934\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[cu2qu] Fixed difference in cython vs pure-python complex division by real number (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3930\"\u003e#3930\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[varLib.avar] Refactored and added some new sub-modules and scripts (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3926\"\u003e#3926\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003evarLib.avar.build\u003c/code\u003e module to build avar (and a missing fvar) binaries into a possibly empty TTFont,\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003evarLib.avar.unbuild\u003c/code\u003e module to print a .designspace snippet that would generate the same avar binary,\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/78ba5e8bb4ccf65ef8077d81bc48450ccacf1728\"\u003e\u003ccode\u003e78ba5e8\u003c/code\u003e\u003c/a\u003e Release 4.60.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/c3f9979dbf278baf82beba675dda40c94f78c48e\"\u003e\u003ccode\u003ec3f9979\u003c/code\u003e\u003c/a\u003e macos-13 runner is no more, use macos-15-intel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/8016403e0ad4b7de00c0b48d30afa4de9d7a29e4\"\u003e\u003ccode\u003e8016403\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Merge pull request \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3982\"\u003e#3982\u003c/a\u003e from fonttools/drop-py39\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/e691e3bef9fc4e8096e4023ccacbc327d2569905\"\u003e\u003ccode\u003ee691e3b\u003c/code\u003e\u003c/a\u003e Release 4.61.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/c2d540f4ada946ea1ef97f898e0daa9601bc1019\"\u003e\u003ccode\u003ec2d540f\u003c/code\u003e\u003c/a\u003e Update NEWS.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/3859753a0511efc568d4d71c4933219c11b6207b\"\u003e\u003ccode\u003e3859753\u003c/code\u003e\u003c/a\u003e Update NEWS.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/26eb070a55c731d9828dddf5cb022e0d79e9af45\"\u003e\u003ccode\u003e26eb070\u003c/code\u003e\u003c/a\u003e black\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/5ff73af3265e0b5207c3a2870c9f0ccc8ee19d0f\"\u003e\u003ccode\u003e5ff73af\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/a696d5ba93270d5954f98e7cab5ddca8a02c1e32\"\u003e\u003ccode\u003ea696d5b\u003c/code\u003e\u003c/a\u003e varLib: only use the basename(vf.filename)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/b00bc459efac4d9d52a1eafa2cdd2c7ff503ced7\"\u003e\u003ccode\u003eb00bc45\u003c/code\u003e\u003c/a\u003e varLib_test: test path traversal in variable-font filename\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fonttools/fonttools/compare/4.33.3...4.60.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pillow` from 9.1.0 to 12.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/releases\"\u003epillow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e12.2.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html\"\u003ehttps://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 12.2.0 release notes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9522\"\u003e#9522\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd loader plugins: AMOS abk, Atari Degas, 40+ more obscure formats via Netpbm \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9482\"\u003e#9482\u003c/a\u003e [\u003ca href=\"https://github.com/bitplane\"\u003e\u003ccode\u003e@​bitplane\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate Python versions \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9515\"\u003e#9515\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eJeffrey A. Clark -\u0026gt; Jeffrey 'Alex' Clark \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9513\"\u003e#9513\u003c/a\u003e [\u003ca href=\"https://github.com/aclark4life\"\u003e\u003ccode\u003e@​aclark4life\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd release notes for \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9394\"\u003e#9394\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9419\"\u003e#9419\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9456\"\u003e#9456\u003c/a\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9467\"\u003e#9467\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd Amiga Workbench .info loader to 3rd party plugins list \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9459\"\u003e#9459\u003c/a\u003e [\u003ca href=\"https://github.com/bitplane\"\u003e\u003ccode\u003e@​bitplane\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eMerge PFM documentation into PPM \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9434\"\u003e#9434\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate macOS tested Pillow versions \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9431\"\u003e#9431\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix CVE number \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9430\"\u003e#9430\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDependencies\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate xz to 5.8.3 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9523\"\u003e#9523\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate libjpeg-turbo to 3.1.4.1 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9507\"\u003e#9507\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate libpng to 1.6.56 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9499\"\u003e#9499\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate freetype to 2.14.3 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9485\"\u003e#9485\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdated libavif to 1.4.1 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9479\"\u003e#9479\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdated harfbuzz to 13.2.1 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9461\"\u003e#9461\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate Ghostscript to 10.7.0 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9469\"\u003e#9469\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate harfbuzz to 13.0.1 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9453\"\u003e#9453\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate libavif to 1.4.0 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9460\"\u003e#9460\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate freetype to 2.14.2 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9449\"\u003e#9449\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate actions/download-artifact action to v8 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9451\"\u003e#9451\u003c/a\u003e [@\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdated libpng to 1.6.55 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9425\"\u003e#9425\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTesting\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleanup .spider extension in the same test where it is added \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9517\"\u003e#9517\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRun tests in parallel via tox for 3.5x speedup \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9516\"\u003e#9516\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eEnable colour in CI logs \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9486\"\u003e#9486\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate Ghostscript to 10.7.0 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9469\"\u003e#9469\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eSimplify TGA test code \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9477\"\u003e#9477\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate tests to check for ValueError when encoding an empty image \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9464\"\u003e#9464\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpgrade CI from \u003ccode\u003emacos-15-intel\u003c/code\u003e to \u003ccode\u003emacos-26-intel\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9454\"\u003e#9454\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd check-case-conflict hook \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9446\"\u003e#9446\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eSpecify platform when pulling docker image \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9440\"\u003e#9440\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eGHA: Cache libavif and webp builds for Ubuntu \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9437\"\u003e#9437\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate macOS tested Pillow versions \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9431\"\u003e#9431\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck calloc return value \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9527\"\u003e#9527\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eCheck all allocs in the Arrow tree \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9488\"\u003e#9488\u003c/a\u003e [\u003ca href=\"https://github.com/wiredfool\"\u003e\u003ccode\u003e@​wiredfool\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eReject non-numeric elements inside list coords \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9526\"\u003e#9526\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eMove variable declaration inside define \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9525\"\u003e#9525\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst\"\u003epillow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog (Pillow)\u003c/h1\u003e\n\u003ch2\u003e11.1.0 and newer\u003c/h2\u003e\n\u003cp\u003eSee GitHub Releases:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/releases\"\u003ehttps://github.com/python-pillow/Pillow/releases\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0.0 (2024-10-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate licence to MIT-CMU \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8460\"\u003e#8460\u003c/a\u003e\n[hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eConditionally define ImageCms type hint to avoid requiring core \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8197\"\u003e#8197\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport writing LONG8 offsets in AppendingTiffWriter \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8417\"\u003e#8417\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse ImageFile.MAXBLOCK when saving TIFF images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8461\"\u003e#8461\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not close provided file handles with libtiff when saving \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8458\"\u003e#8458\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport ImageFilter.BuiltinFilter for I;16* images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8438\"\u003e#8438\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse ImagingCore.ptr instead of ImagingCore.id \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8341\"\u003e#8341\u003c/a\u003e\n[homm, radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated EPS mode when opening images without transparency \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8281\"\u003e#8281\u003c/a\u003e\n[Yay295, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse transparency when combining P frames from APNGs \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8443\"\u003e#8443\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport all resampling filters when resizing I;16* images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8422\"\u003e#8422\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFree memory on early return \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8413\"\u003e#8413\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCast int before potentially exceeding INT_MAX \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8402\"\u003e#8402\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/3c41c095064200a02672d89cc5ff629eaf4b0d4f\"\u003e\u003ccode\u003e3c41c09\u003c/code\u003e\u003c/a\u003e 12.2.0 version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/cdaa29eb520291c4f1fb50fb71ae46502d41e460\"\u003e\u003ccode\u003ecdaa29e\u003c/code\u003e\u003c/a\u003e Check calloc return value (\u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9527\"\u003e#9527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/585b2f5a780722c8a5bfffb3a40f7f42e8a205be\"\u003e\u003ccode\u003e585b2f5\u003c/code\u003e\u003c/a\u003e Check calloc return value\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/ecf011ea15991d4cebacd946e58270cc30b0f2c1\"\u003e\u003ccode\u003eecf011e\u003c/code\u003e\u003c/a\u003e Check all allocs in the Arrow tree (\u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9488\"\u003e#9488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/cf6de8ca9b23e714aa5310e1c791eda66fc0b670\"\u003e\u003ccode\u003ecf6de8c\u003c/code\u003e\u003c/a\u003e Reject non-numeric elements inside list coords (\u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9526\"\u003e#9526\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/ffdcede6516b28d9667c92929854023d17048b64\"\u003e\u003ccode\u003effdcede\u003c/code\u003e\u003c/a\u003e Update 12.2.0 release notes (\u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9522\"\u003e#9522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/7929d7760fe5a307ba5ae6eabdf70ae4486b147c\"\u003e\u003ccode\u003e7929d77\u003c/code\u003e\u003c/a\u003e Added security release notes (\u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/c4f7aa5dfb4dbd1242978ac235e01b9934ec6d3c\"\u003e\u003ccode\u003ec4f7aa5\u003c/code\u003e\u003c/a\u003e Added security release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/22cdb5f2e4b15250c06563b1124ac1667342712f\"\u003e\u003ccode\u003e22cdb5f\u003c/code\u003e\u003c/a\u003e Move variable declaration inside define (\u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9525\"\u003e#9525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/fc15b3b01899408ec989d7804c5283e13802d057\"\u003e\u003ccode\u003efc15b3b\u003c/code\u003e\u003c/a\u003e Resize tall images vertically first (\u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9524\"\u003e#9524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-pillow/Pillow/compare/9.1.0...12.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobuf` from 3.20.1 to 5.29.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protocolbuffers/protobuf/releases\"\u003eprotobuf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eProtocol Buffers v34.0-rc1\u003c/h2\u003e\n\u003ch1\u003eAnnouncements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThis version includes breaking changes to: C++, Objective-C, PHP, Python.\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003e[Bazel] Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Make generator headers private (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/3a2af3510f0d454dbe3e4dc281674b61c4d20b9e\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/3a2af3510f0d454dbe3e4dc281674b61c4d20b9e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Add a debug check that the target of CopyFrom is not a descendant of the source. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/7a7589823d2cfaaf7994b050e98d5d553bc9b1c1\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/7a7589823d2cfaaf7994b050e98d5d553bc9b1c1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Add [[nodiscard]] to many APIs. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/a70115f33f9af2c4b2202c800b84837e7fe0d738\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/a70115f33f9af2c4b2202c800b84837e7fe0d738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Make the arena-enabled constructors of \u003ccode\u003eRepeatedField\u003c/code\u003e, \u003ccode\u003eRepeatedPtrField\u003c/code\u003e, and \u003ccode\u003eMap\u003c/code\u003e private. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/ef890c3d0c79398c70e047fe5dd893f460ba2336\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/ef890c3d0c79398c70e047fe5dd893f460ba2336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Removes proto2::util::MessageDifferencer::AddIgnoreCriteria that takes a raw pointer as an argument in favor of the overload that takes a unique_ptr. Remove macro PROTOBUF_FUTURE_REMOVE_ADD_IGNORE_CRITERIA (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/b115358c64127896fed88b8b5ef5d91d86d8cbae\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/b115358c64127896fed88b8b5ef5d91d86d8cbae\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated FieldDescriptor::has_optional_keyword() in OSS. Use is_repeated() or has_presence() instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/68346ec9348e932664e58c3ecdcd1478f95233a8\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/68346ec9348e932664e58c3ecdcd1478f95233a8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove AddUnusedImportTrackFile() and ClearUnusedImportTrackFiles(). Remove PROTOBUF_FUTURE_RENAME_ADD_UNUSED_IMPORT (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/837a2cd1d6c75402b2503ffe7cd8aeaf25868536\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/837a2cd1d6c75402b2503ffe7cd8aeaf25868536\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated FieldDescriptor::is_optional() in OSS. Use (!is_required() \u0026amp;\u0026amp; !is_repeated()) instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/9dbc5d479a8e453921485d8d3de47fb3c005f1af\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/9dbc5d479a8e453921485d8d3de47fb3c005f1af\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] All entity names have length limit (2afb0dc)\u003c/li\u003e\n\u003cli\u003e[ObjC] Remove \u003ccode\u003egenerate_minimal_imports\u003c/code\u003e generation option warning (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/45b1297fdaad5a9436d0e207422168c38dc45ac4\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/45b1297fdaad5a9436d0e207422168c38dc45ac4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[ObjC] Fix nullability annotations on some \u003ccode\u003eGPB*Dictionary\u003c/code\u003e types. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/ea67d6d26a48478a567c404679e3bb99cf230d50\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/ea67d6d26a48478a567c404679e3bb99cf230d50\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[ObjC] Remove \u003ccode\u003e-[GPBFieldDescriptor optional]\u003c/code\u003e (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/3414dc151eb4dcbdb2ca952e2589993bf7af75c4\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/3414dc151eb4dcbdb2ca952e2589993bf7af75c4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Other] Remove deprecated flag for enabling MSVC support (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/97c979be6e0907e1051bee62584dac4594e73fa7\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/97c979be6e0907e1051bee62584dac4594e73fa7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP] Remove deprecated PHP APIs (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/9c45014099a4f7004fab6dd1278de2f4f2a393c5\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/9c45014099a4f7004fab6dd1278de2f4f2a393c5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP] Remove deprecated PHP APIs FieldDescriptor getLabel, use IsRepeated or isRequired instead. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\u003c/a\u003e, \u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/cd76e675b14d00dda5623b30835d2bc7105fccc6\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/cd76e675b14d00dda5623b30835d2bc7105fccc6\u003c/a\u003e, \u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP]  Add PHP typehints for setters and remove redundant GPBUtil checks (\u003ca href=\"https://redirect.github.com/protocolbuffers/protobuf/pull/25296\"\u003eprotocolbuffers/protobuf#25296\u003c/a\u003e) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/aee03b78929c02461a5f9d8e136a2a016359b0cd\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/aee03b78929c02461a5f9d8e136a2a016359b0cd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP]  support default values for editions/proto2 (\u003ca href=\"https://redirect.github.com/protocolbuffer...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpgrade key dependencies in `video-classification-and-human-activity-recognition` and `zoom-gestures` to pick up security fixes and modern Python support. Biggest changes: `tensorflow` to 2.12.1 and `opencv-contrib-python` to 4.8.1.78.\n\n- **Dependencies**\n  - `/video-classification-and-human-activity-recognition`: `tensorflow` 2.4.1 → 2.12.1, `opencv-contrib-python` 4.1.2.30 → 4.8.1.78, `urllib3` 1.24.3 → 2.7.0\n  - `/zoom-gestures`: `opencv-contrib-python` 4.5.5.64 → 4.8.1.78, `fonttools` 4.33.3 → 4.60.2, `Pillow` 9.1.0 → 12.2.0, `protobuf` 3.20.1 → 5.29.6\n\n- **Migration**\n  - Use Python 3.10+ (due to `urllib3` 2.7) and not 3.7 (dropped by `tensorflow` 2.12).\n  - Verify `numpy` pin meets `tensorflow` 2.12 requirements; update if needed.\n  - Recreate venv and reinstall deps; test training/inference and gesture pipeline for API changes.\n\n\u003csup\u003eWritten for commit 5a13bace6abf604f79fb1422899a04f8555998b1. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/EmilynnJ/learnopencv/pull/1?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n\n\n\u003c!-- Macroscope's pull request summary starts here --\u003e\n\u003c!-- Macroscope will only edit the content between these invisible markers, and the markers themselves will not be visible in the GitHub rendered markdown. --\u003e\n\u003c!-- If you delete either of the start / end markers from your PR's description, Macroscope will append its summary at the bottom of the description. --\u003e\n\u003e [!NOTE]\n\u003e ### Bump pip dependencies in video-classification and zoom-gestures projects\n\u003e - Updates [video-classification requirements](https://github.com/EmilynnJ/learnopencv/pull/1/files#diff-dd98c7a537bd3d9c2b899c36cb5a9ef59f71d552353709b755e3a2846d0ef4c4): `tensorflow` 2.4.1→2.12.1, `opencv-contrib-python` 4.1.2.30→4.8.1.78, `urllib3` 1.24.3→2.7.0\n\u003e - Updates [zoom-gestures requirements](https://github.com/EmilynnJ/learnopencv/pull/1/files#diff-44626a878ca157683a7f70cc3375ca97e388cc8241f1b1911cb85e2b984bd449): `fonttools` 4.33.3→4.60.2, `opencv-contrib-python` 4.5.5.64→4.8.1.78, `Pillow` 9.1.0→12.2.0, `protobuf` 3.20.1→5.29.6\n\u003e - Risk: `tensorflow` and `protobuf` are major version bumps and may introduce breaking API changes\n\u003e\n\u003e \u003c!-- Macroscope's review summary starts here --\u003e\n\u003e\n\u003e \u003csup\u003e\u003ca href=\"https://app.macroscope.com\"\u003eMacroscope\u003c/a\u003e summarized 5a13bac.\u003c/sup\u003e\n\u003e \u003c!-- Macroscope's review summary ends here --\u003e\n\u003e\n\u003c!-- macroscope-ui-refresh --\u003e\n\u003c!-- Macroscope's pull request summary ends here --\u003e","html_url":"https://github.com/EmilynnJ/learnopencv/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EmilynnJ%2Flearnopencv/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"},{"uuid":"4514375707","node_id":"PR_kwDOPUoCBs7e6QSD","number":14,"state":"open","title":"Update tensorflow requirement from \u003e=2.0.0 to \u003e=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T04:57:10.000Z","updated_at":"2026-05-25T04:57:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Scorbinwen/SODO/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Scorbinwen%2FSODO/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"},{"uuid":"4514374384","node_id":"PR_kwDOO8P66c7e6QAQ","number":25,"state":"open","title":"Update tensorflow requirement from \u003e=2.0.0 to \u003e=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T04:56:49.000Z","updated_at":"2026-05-25T04:57:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DDy0193/ImproveYolo/pull/25","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DDy0193%2FImproveYolo/issues/25","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/25/packages"},{"uuid":"4506566511","node_id":"PR_kwDOSlaxQ87eis5f","number":22,"state":"open","title":"Update tensorflow requirement from \u003c2.21.0,\u003e=2.5 to \u003e=2.5,\u003c2.22.0 in /tests","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T02:34:46.000Z","updated_at":"2026-05-23T02:34:47.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c2.21.0,\u003e=2.5","new_version":"\u003e=2.5,\u003c2.22.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":"/tests","ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.21.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a481b10260dfdf833a1b16007eead49c1d7febf3\"\u003e\u003ccode\u003ea481b10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111627\"\u003e#111627\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.21.0-25481\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a8f642e88e001734075133f9576ffd253b9eacc3\"\u003e\u003ccode\u003ea8f642e\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/3c51664da546f2e7741ad27e98f8dd22dbbf86f9\"\u003e\u003ccode\u003e3c51664\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111517\"\u003e#111517\u003c/a\u003e from tejaswin432/r2.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/460d178dda3124806d534ec0fb5e3d0830319628\"\u003e\u003ccode\u003e460d178\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9e2628c11188f4b1f4361ff08e1de198d13cadb1\"\u003e\u003ccode\u003e9e2628c\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/00a1ba7b4fd31bf1c75482bfff620a1cf21c5815\"\u003e\u003ccode\u003e00a1ba7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111234\"\u003e#111234\u003c/a\u003e from psamanoelton/remove_tb_nigthly\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/41beecf3ee272e928c59e53edfcd5d8b40bf7f2b\"\u003e\u003ccode\u003e41beecf\u003c/code\u003e\u003c/a\u003e Remove tb-nigthly and replace it with protobuf.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/01dec748b0d0daa3eb60a386b857519644fe15e2\"\u003e\u003ccode\u003e01dec74\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111216\"\u003e#111216\u003c/a\u003e from psamanoelton/remove_tb_dependency_partial_rol...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9657881d9689a4c06d334645932abff9d3481698\"\u003e\u003ccode\u003e9657881\u003c/code\u003e\u003c/a\u003e Partial rollback to resolve breakage.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/78d130aec00f8b4dbee85d3757ce32032ec7cbdd\"\u003e\u003ccode\u003e78d130a\u003c/code\u003e\u003c/a\u003e Remove TensorBoard dependency from TensorFlow build\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.5.0...v2.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/nludd25/openvino/pull/22","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/nludd25%2Fopenvino/issues/22","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/22/packages"},{"uuid":"4506458677","node_id":"PR_kwDOSlZemc7eiXvW","number":6,"state":"open","title":"Update tensorflow requirement from \u003c=2.19.0,\u003e=2.0.0 to \u003e=2.0.0,\u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T01:50:51.000Z","updated_at":"2026-05-23T01:50:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/farhan-hafizh/yolov26-mod/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/farhan-hafizh%2Fyolov26-mod/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4483636341","node_id":"PR_kwDOSikqRs7dYcFg","number":6,"state":"open","title":"Update tensorflow requirement from \u003e=2.0.0 to \u003e=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-20T06:04:57.000Z","updated_at":"2026-05-20T06:04:58.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/xuxuhanhanzi/Edge-symbol-obb/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/xuxuhanhanzi%2FEdge-symbol-obb/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4474126173","node_id":"PR_kwDOShe6sM7c5vyg","number":7,"state":"open","title":"Update tensorflow requirement from \u003c=2.19.0,\u003e=2.0.0 to \u003e=2.0.0,\u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-19T03:17:18.000Z","updated_at":"2026-05-19T03:17:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/zhangyinuo0430/Helmet/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/zhangyinuo0430%2FHelmet/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"},{"uuid":"4463193550","node_id":"PR_kwDOSf4owM7cXFK1","number":4,"state":"open","title":"Update tensorflow requirement from \u003c=2.19.0,\u003e=2.0.0 to \u003e=2.0.0,\u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-17T10:38:39.000Z","updated_at":"2026-05-17T10:38:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/myp-super/Boat_YOLO/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/myp-super%2FBoat_YOLO/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"4459158364","node_id":"PR_kwDOSfBqOs7cLQio","number":7,"state":"open","title":"Update tensorflow requirement from \u003c=2.19.0,\u003e=2.0.0 to \u003e=2.0.0,\u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-16T07:47:07.000Z","updated_at":"2026-05-16T07:47:07.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/CyanLimerence/ultralytics-main/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyanLimerence%2Fultralytics-main/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"},{"uuid":"4458451033","node_id":"PR_kwDOSYtL2s7cJGTL","number":17,"state":"open","title":"Update tensorflow requirement from \u003e=2.0.0 to \u003e=2.21.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-16T04:04:26.000Z","updated_at":"2026-05-16T04:04:26.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.0.0","new_version":"\u003e=2.21.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.21.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a481b10260dfdf833a1b16007eead49c1d7febf3\"\u003e\u003ccode\u003ea481b10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111627\"\u003e#111627\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.21.0-25481\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a8f642e88e001734075133f9576ffd253b9eacc3\"\u003e\u003ccode\u003ea8f642e\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/3c51664da546f2e7741ad27e98f8dd22dbbf86f9\"\u003e\u003ccode\u003e3c51664\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111517\"\u003e#111517\u003c/a\u003e from tejaswin432/r2.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/460d178dda3124806d534ec0fb5e3d0830319628\"\u003e\u003ccode\u003e460d178\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9e2628c11188f4b1f4361ff08e1de198d13cadb1\"\u003e\u003ccode\u003e9e2628c\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/00a1ba7b4fd31bf1c75482bfff620a1cf21c5815\"\u003e\u003ccode\u003e00a1ba7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111234\"\u003e#111234\u003c/a\u003e from psamanoelton/remove_tb_nigthly\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/41beecf3ee272e928c59e53edfcd5d8b40bf7f2b\"\u003e\u003ccode\u003e41beecf\u003c/code\u003e\u003c/a\u003e Remove tb-nigthly and replace it with protobuf.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/01dec748b0d0daa3eb60a386b857519644fe15e2\"\u003e\u003ccode\u003e01dec74\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111216\"\u003e#111216\u003c/a\u003e from psamanoelton/remove_tb_dependency_partial_rol...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9657881d9689a4c06d334645932abff9d3481698\"\u003e\u003ccode\u003e9657881\u003c/code\u003e\u003c/a\u003e Partial rollback to resolve breakage.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/78d130aec00f8b4dbee85d3757ce32032ec7cbdd\"\u003e\u003ccode\u003e78d130a\u003c/code\u003e\u003c/a\u003e Remove TensorBoard dependency from TensorFlow build\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/MuhRaflyArj/ultralytics-fhd/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/MuhRaflyArj%2Fultralytics-fhd/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"},{"uuid":"4450327130","node_id":"PR_kwDOSd4TzM7bvDvA","number":4,"state":"open","title":"Update tensorflow requirement from \u003c=2.19.0,\u003e=2.0.0 to \u003e=2.0.0,\u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-15T00:37:29.000Z","updated_at":"2026-05-15T00:37:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/3313679467mm-hue/ultralytics/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/3313679467mm-hue%2Fultralytics/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"4417288619","node_id":"PR_kwDOSZeo7M7aEcA7","number":11,"state":"open","title":"Update tensorflow requirement from \u003e=2.0.0 to \u003e=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T00:30:38.000Z","updated_at":"2026-05-11T00:30:39.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/nixiankaide1/yolov11-pose-recognition/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/nixiankaide1%2Fyolov11-pose-recognition/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"},{"uuid":"4370446770","node_id":"PR_kwDOCFMVp87XtaLt","number":412,"state":"closed","title":"chore(deps): Bump the ml group across 1 directory with 3 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-03T05:38:45.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-03T00:28:16.000Z","updated_at":"2026-05-03T05:38:46.000Z","time_to_close":18629,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","group_name":"ml","update_count":3,"packages":[{"name":"tensorflow","old_version":"2.15.0","new_version":"2.21.0","repository_url":"https://github.com/tensorflow/tensorflow"},{"name":"torch","old_version":"2.8.0","new_version":"2.11.0","repository_url":"https://github.com/pytorch/pytorch"},{"name":"torchvision","old_version":"0.17.1","new_version":"0.26.0","repository_url":"https://github.com/pytorch/vision"}],"path":null,"ecosystem":"pip"},"body":"Bumps the ml group with 3 updates in the /tests directory: [tensorflow](https://github.com/tensorflow/tensorflow), [torch](https://github.com/pytorch/pytorch) and [torchvision](https://github.com/pytorch/vision).\n\nUpdates `tensorflow` from 2.15.0 to 2.21.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.21.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003ch2\u003eTensorFlow 2.21.0-rc1\u003c/h2\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a481b10260dfdf833a1b16007eead49c1d7febf3\"\u003e\u003ccode\u003ea481b10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111627\"\u003e#111627\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.21.0-25481\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a8f642e88e001734075133f9576ffd253b9eacc3\"\u003e\u003ccode\u003ea8f642e\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/3c51664da546f2e7741ad27e98f8dd22dbbf86f9\"\u003e\u003ccode\u003e3c51664\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111517\"\u003e#111517\u003c/a\u003e from tejaswin432/r2.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/460d178dda3124806d534ec0fb5e3d0830319628\"\u003e\u003ccode\u003e460d178\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9e2628c11188f4b1f4361ff08e1de198d13cadb1\"\u003e\u003ccode\u003e9e2628c\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/00a1ba7b4fd31bf1c75482bfff620a1cf21c5815\"\u003e\u003ccode\u003e00a1ba7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111234\"\u003e#111234\u003c/a\u003e from psamanoelton/remove_tb_nigthly\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/41beecf3ee272e928c59e53edfcd5d8b40bf7f2b\"\u003e\u003ccode\u003e41beecf\u003c/code\u003e\u003c/a\u003e Remove tb-nigthly and replace it with protobuf.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/01dec748b0d0daa3eb60a386b857519644fe15e2\"\u003e\u003ccode\u003e01dec74\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111216\"\u003e#111216\u003c/a\u003e from psamanoelton/remove_tb_dependency_partial_rol...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9657881d9689a4c06d334645932abff9d3481698\"\u003e\u003ccode\u003e9657881\u003c/code\u003e\u003c/a\u003e Partial rollback to resolve breakage.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/78d130aec00f8b4dbee85d3757ce32032ec7cbdd\"\u003e\u003ccode\u003e78d130a\u003c/code\u003e\u003c/a\u003e Remove TensorBoard dependency from TensorFlow build\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.15.0...v2.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `torch` from 2.8.0 to 2.11.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytorch/pytorch/releases\"\u003etorch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ePyTorch 2.11.0 Release Notes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#highlights\"\u003eHighlights\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#backwards-incompatible-changes\"\u003eBackwards Incompatible Changes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#deprecations\"\u003eDeprecations\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#new-features\"\u003eNew Features\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#improvements\"\u003eImprovements\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#bug-fixes\"\u003eBug fixes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#performance\"\u003ePerformance\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#documentation\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#developers\"\u003eDevelopers\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#security\"\u003eSecurity\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eHighlights\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eFor more details about these highlighted features, you can look at the \u003ca href=\"https://pytorch.org/blog/pytorch-2-11-release-blog/\"\u003erelease blogpost\u003c/a\u003e. Below are the full release notes for this release.\u003c/p\u003e\n\u003ch1\u003eBackwards Incompatible Changes\u003c/h1\u003e\n\u003ch2\u003eRelease Engineering\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/70d99e998b4955e0049d13a98d77ae1b14db1f45\"\u003e\u003ccode\u003e70d99e9\u003c/code\u003e\u003c/a\u003e [release only] Increase timeout for rocm libtorch and manywheel builds (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/178006\"\u003e#178006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/3e05c5a9ca8aacd0d137541876f8bf4cfca7e940\"\u003e\u003ccode\u003e3e05c5a\u003c/code\u003e\u003c/a\u003e [MPS] Properly handle conjugated tensors in bmm (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/178010\"\u003e#178010\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/db741c72097871e384b22ee6fff1d6083adf23cc\"\u003e\u003ccode\u003edb741c7\u003c/code\u003e\u003c/a\u003e [MPS] fix compiling of SDPA producing nan results (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/178009\"\u003e#178009\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/483b55d84c74b92b3c2c67be4b9b7c7359ec2bbc\"\u003e\u003ccode\u003e483b55d\u003c/code\u003e\u003c/a\u003e Update pytorch_sphinx_theme2 version to 0.4.6 (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/177616\"\u003e#177616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/7f2cdeb75b76bf07bb73776444bbb94456adbfa0\"\u003e\u003ccode\u003e7f2cdeb\u003c/code\u003e\u003c/a\u003e [windows][smoke test] Add an option to install cuda if required cuda/cudnn on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/76fd07897dd9126df160e9723d97511b79888087\"\u003e\u003ccode\u003e76fd078\u003c/code\u003e\u003c/a\u003e [release-only] Fix libtorch builds. Fix lint (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/177299\"\u003e#177299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/fa384de31efe6548e694758d47ff295f2c2edb57\"\u003e\u003ccode\u003efa384de\u003c/code\u003e\u003c/a\u003e [Inductor][MPS] Fix half-precision type mismatches in Metal shader codegen (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/036b25f5a29dc58cbc62e7b976efb860ff128c3f\"\u003e\u003ccode\u003e036b25f\u003c/code\u003e\u003c/a\u003e Let stable::from_blob accept a lambda as deleter (cherry-pick) (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/176440\"\u003e#176440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/41f8e3e0381395e1669ca4bc6e36a7872d25cdcd\"\u003e\u003ccode\u003e41f8e3e\u003c/code\u003e\u003c/a\u003e [CI] Stop using G3 runners (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/177161\"\u003e#177161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/e2fa2953033020ad7e0f823ec534044fac15a3c7\"\u003e\u003ccode\u003ee2fa295\u003c/code\u003e\u003c/a\u003e [CD] Unpin cuda-bindings dependencies (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/177159\"\u003e#177159\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytorch/pytorch/compare/v2.8.0...v2.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `torchvision` from 0.17.1 to 0.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytorch/vision/releases\"\u003etorchvision's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTorchVision 0.26 Release\u003c/h2\u003e\n\u003cp\u003eTorchVision 0.26 is out! It is compatible with torch 2.11. It's a small release that comes with the following changes:\u003c/p\u003e\n\u003ch2\u003eBreaking changes and deprecations\u003c/h2\u003e\n\u003cp\u003eThe \u003cstrong\u003evideo decoding and encoding\u003c/strong\u003e utilities of TorchVision, which have been deprecate for a long time, are now removed. This includes \u003ccode\u003etorchvision.io.video.*\u003c/code\u003e, \u003ccode\u003eread_video\u003c/code\u003e, \u003ccode\u003ewrite_video\u003c/code\u003e, the \u003ccode\u003eVideoReader\u003c/code\u003e class, etc. Users are encouraged to switch to \u003ca href=\"https://github.com/meta-pytorch/torchcodec\"\u003eTorchCodec\u003c/a\u003e, which is faster and more stable.\u003c/p\u003e\n\u003cp\u003eThe rare torchvision utilities that were still relying on video decoding (like the video datasets) have been transparently migrated to TorchCodec.\u003c/p\u003e\n\u003cp\u003eNote: the \u003cstrong\u003eimage\u003c/strong\u003e decoders and encoders are staying in TorchVision.\u003c/p\u003e\n\u003cp\u003e(\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9341\"\u003e#9341\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9421\"\u003e#9421\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9370\"\u003e#9370\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9366\"\u003e#9366\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003eImprovements\u003c/h2\u003e\n\u003cp\u003e[ops] Speed up  masks_to_boxes on CPU and GPU (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9358\"\u003e#9358\u003c/a\u003e)\n[ops] Improve runtime complexity of roi_align on MPS (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9100\"\u003e#9100\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eVarious code quality improvements (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/8760\"\u003e#8760\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9364\"\u003e#9364\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9317\"\u003e#9317\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9359\"\u003e#9359\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9334\"\u003e#9334\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9286\"\u003e#9286\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9327\"\u003e#9327\u003c/a\u003e)\nVarious documentation improvements (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9339\"\u003e#9339\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9374\"\u003e#9374\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9323\"\u003e#9323\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9324\"\u003e#9324\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/8879\"\u003e#8879\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9350\"\u003e#9350\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cp\u003e[transforms] Fix edge case conversion from CXCYWH to XYXY for integer bounding boxes in F.convert_bounding_box_format  (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9322\"\u003e#9322\u003c/a\u003e)\n[transforms] Fix tv_tensors.wrap to preserve subclass types for BoundingBoxes and KeyPoints (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9332\"\u003e#9332\u003c/a\u003e)\n[transforms] Fix incorrect normalization axis in v2.ElasticTransform (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9300\"\u003e#9300\u003c/a\u003e)\n[ops] Fix masks_to_boxes for empty masks (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9357\"\u003e#9357\u003c/a\u003e)\n[io] Fix CPU jpeg and png decoder/encoder  error-path leak on malformed inputs  (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9434\"\u003e#9434\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003eContributors\u003c/h2\u003e\n\u003cp\u003e🎉 We're grateful for our community, which helps us improve Torchvision by submitting issues and PRs, and providing feedback and suggestions. The following persons have contributed patches for this release:\u003c/p\u003e\n\u003cp\u003eAdam J. Stewart, Andrey Talman, Jaebeom, MPSFuzz , Murat Raimbekov, Nicolas Hug, ribbon-otter , Roy Hvaara, Salman Chishti, Scott Todd, Zhitao Yu\u003c/p\u003e\n\u003ch2\u003eTorchVision 0.25 Release\u003c/h2\u003e\n\u003cp\u003eTorchVision 0.25 is out! It is compatible with torch 2.10. It's a small release that comes with the following improvements:\u003c/p\u003e\n\u003ch2\u003eEnhancement\u003c/h2\u003e\n\u003cp\u003e[transforms] KeyPoints aren't clamped by default anymore after a transform. This is a bug-fix that comes with a change of behavior. We also added the \u003ccode\u003eSanitizeKeyPoints\u003c/code\u003e transform to remove keypoints outside of the image area (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9236\"\u003e#9236\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9235\"\u003e#9235\u003c/a\u003e)\n[utils] \u003ccode\u003edraw_bounding_boxes\u003c/code\u003e now supports a \u003ccode\u003elabel_background_colors\u003c/code\u003e parameter (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9204\"\u003e#9204\u003c/a\u003e)\n[io] Fixed an issue in the GIF decoder (\u003ccode\u003edecode_gif\u003c/code\u003e, \u003ccode\u003edecode_image\u003c/code\u003e) which affected some (not all) animated GIFs. (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9241\"\u003e#9241\u003c/a\u003e)\n[misc] Various code-quality and docs improvements (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9218\"\u003e#9218\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9270\"\u003e#9270\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9250\"\u003e#9250\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9247\"\u003e#9247\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003eContributors\u003c/h2\u003e\n\u003cp\u003e🎉 We're grateful for our community, which helps us improve Torchvision by submitting issues and PRs, and providing feedback and suggestions. The following persons have contributed patches for this release:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/336d36e8db990a905498c73933e35231876e28bc\"\u003e\u003ccode\u003e336d36e\u003c/code\u003e\u003c/a\u003e [Cherry-pick for 0.26] Fix CPU decode_jpeg error-path leak on malformed JPEGs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/4fe736f90794280bf7f31a7867463c9bce9cf3d9\"\u003e\u003ccode\u003e4fe736f\u003c/code\u003e\u003c/a\u003e [Cherry-pick for 0.26] Remove rest of video decoder APIs (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9421\"\u003e#9421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/31d3aa3548bd6bd04c082d37dc8f82b1689e9441\"\u003e\u003ccode\u003e31d3aa3\u003c/code\u003e\u003c/a\u003e [Release 0.26] update test-infra refs and version (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9390\"\u003e#9390\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/186879a420a0779efff50205f7778883a97b42b6\"\u003e\u003ccode\u003e186879a\u003c/code\u003e\u003c/a\u003e [Release 0.26] remove CVCUDA stuff - not yet ready for release (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9389\"\u003e#9389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/b29ac894e25d0b799c0ed00b7620a86dac802d09\"\u003e\u003ccode\u003eb29ac89\u003c/code\u003e\u003c/a\u003e [Release 0.26] remove prototype (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9388\"\u003e#9388\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/0f6d91d9fe514e6de2f5519114cbeb389d498b2d\"\u003e\u003ccode\u003e0f6d91d\u003c/code\u003e\u003c/a\u003e Vectorize masks_to_boxes for performance (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9358\"\u003e#9358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/326a11d48a97b14b7b65e11afe0f34cd7981efd4\"\u003e\u003ccode\u003e326a11d\u003c/code\u003e\u003c/a\u003e ElasticTransform docs: fix issue#8879 (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9350\"\u003e#9350\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/74d128539ddf17c58a955468abe85e062c293ed9\"\u003e\u003ccode\u003e74d1285\u003c/code\u003e\u003c/a\u003e Fix CXCYWH to XYXY conversion for integer bounding boxes (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9322\"\u003e#9322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/6940e19087cecb5108370703e207f7a33d9b478d\"\u003e\u003ccode\u003e6940e19\u003c/code\u003e\u003c/a\u003e add warning for CelebA bbox data (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9339\"\u003e#9339\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/4b0a90c3616a348ee0cc9ce7fb36eb1b0e40ce54\"\u003e\u003ccode\u003e4b0a90c\u003c/code\u003e\u003c/a\u003e Update version to 0.26.0a0 (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9376\"\u003e#9376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytorch/vision/compare/v0.17.1...v0.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e","html_url":"https://github.com/kangwonlee/nmisp/pull/412","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/kangwonlee%2Fnmisp/issues/412","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/412/packages"},{"uuid":"4340745294","node_id":"PR_kwDORGasNs7WNaCt","number":48,"state":"open","title":"Update tensorflow requirement from \u003e=2.13.0 to \u003e=2.21.0","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-28T05:11:02.000Z","updated_at":"2026-04-28T05:11:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.13.0","new_version":"\u003e=2.21.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.21.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a481b10260dfdf833a1b16007eead49c1d7febf3\"\u003e\u003ccode\u003ea481b10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111627\"\u003e#111627\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.21.0-25481\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a8f642e88e001734075133f9576ffd253b9eacc3\"\u003e\u003ccode\u003ea8f642e\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/3c51664da546f2e7741ad27e98f8dd22dbbf86f9\"\u003e\u003ccode\u003e3c51664\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111517\"\u003e#111517\u003c/a\u003e from tejaswin432/r2.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/460d178dda3124806d534ec0fb5e3d0830319628\"\u003e\u003ccode\u003e460d178\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9e2628c11188f4b1f4361ff08e1de198d13cadb1\"\u003e\u003ccode\u003e9e2628c\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/00a1ba7b4fd31bf1c75482bfff620a1cf21c5815\"\u003e\u003ccode\u003e00a1ba7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111234\"\u003e#111234\u003c/a\u003e from psamanoelton/remove_tb_nigthly\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/41beecf3ee272e928c59e53edfcd5d8b40bf7f2b\"\u003e\u003ccode\u003e41beecf\u003c/code\u003e\u003c/a\u003e Remove tb-nigthly and replace it with protobuf.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/01dec748b0d0daa3eb60a386b857519644fe15e2\"\u003e\u003ccode\u003e01dec74\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111216\"\u003e#111216\u003c/a\u003e from psamanoelton/remove_tb_dependency_partial_rol...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9657881d9689a4c06d334645932abff9d3481698\"\u003e\u003ccode\u003e9657881\u003c/code\u003e\u003c/a\u003e Partial rollback to resolve breakage.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/78d130aec00f8b4dbee85d3757ce32032ec7cbdd\"\u003e\u003ccode\u003e78d130a\u003c/code\u003e\u003c/a\u003e Remove TensorBoard dependency from TensorFlow build\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.13.0...v2.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/pedrotescaro/redisus/pull/48","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pedrotescaro%2Fredisus/issues/48","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/48/packages"},{"uuid":"4340487813","node_id":"PR_kwDOSOez487WMm1Z","number":6,"state":"open","title":"Update tensorflow requirement from \u003c=2.19.0,\u003e=2.0.0 to \u003e=2.0.0,\u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-28T03:58:21.000Z","updated_at":"2026-04-28T04:02:33.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Sihang-Geng/CDP-train/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sihang-Geng%2FCDP-train/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4330360072","node_id":"PR_kwDOSM2lHs7Vsl4K","number":4,"state":"open","title":"Update tensorflow requirement from \u003e=2.0.0 to \u003e=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-26T07:56:22.000Z","updated_at":"2026-04-26T07:56:23.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/VisaiCyber/Cambodia-Smart-Traffic-Light-Management-System-/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/VisaiCyber%2FCambodia-Smart-Traffic-Light-Management-System-/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"4306357764","node_id":"PR_kwDOSJJ87c7UfKA_","number":3,"state":"closed","title":"Update tensorflow requirement from \u003c=2.19.0,\u003e=2.0.0 to \u003e=2.0.0,\u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-22T02:23:59.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-22T02:22:57.000Z","updated_at":"2026-04-22T02:24:01.000Z","time_to_close":62,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mmccyyaa/CMSNet/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mmccyyaa%2FCMSNet/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"4306069088","node_id":"PR_kwDOSJHAm87UePth","number":13,"state":"open","title":"Update tensorflow requirement from \u003c=2.13.1 to \u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-22T00:50:48.000Z","updated_at":"2026-04-29T02:02:56.410Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.13.1","new_version":"\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/tflite-v0.1.7...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/paklgym/YOLOv8/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/paklgym%2FYOLOv8/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"},{"uuid":"4280799784","node_id":"PR_kwDOFFVbCc7TOJ2o","number":257,"state":"closed","title":"Update tensorflow requirement from \u003c2.17.0,\u003e=2.5 to \u003e=2.5,\u003c2.22.0 in /tests","user":"dependabot[bot]","labels":["dependencies","python","category: dependency_changes","Stale"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":"2026-05-09T03:45:31.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-17T07:06:51.000Z","updated_at":"2026-05-09T03:45:39.000Z","time_to_close":1888720,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c2.17.0,\u003e=2.5","new_version":"\u003e=2.5,\u003c2.22.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":"/tests","ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.21.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a481b10260dfdf833a1b16007eead49c1d7febf3\"\u003e\u003ccode\u003ea481b10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111627\"\u003e#111627\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.21.0-25481\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a8f642e88e001734075133f9576ffd253b9eacc3\"\u003e\u003ccode\u003ea8f642e\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/3c51664da546f2e7741ad27e98f8dd22dbbf86f9\"\u003e\u003ccode\u003e3c51664\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111517\"\u003e#111517\u003c/a\u003e from tejaswin432/r2.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/460d178dda3124806d534ec0fb5e3d0830319628\"\u003e\u003ccode\u003e460d178\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9e2628c11188f4b1f4361ff08e1de198d13cadb1\"\u003e\u003ccode\u003e9e2628c\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/00a1ba7b4fd31bf1c75482bfff620a1cf21c5815\"\u003e\u003ccode\u003e00a1ba7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111234\"\u003e#111234\u003c/a\u003e from psamanoelton/remove_tb_nigthly\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/41beecf3ee272e928c59e53edfcd5d8b40bf7f2b\"\u003e\u003ccode\u003e41beecf\u003c/code\u003e\u003c/a\u003e Remove tb-nigthly and replace it with protobuf.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/01dec748b0d0daa3eb60a386b857519644fe15e2\"\u003e\u003ccode\u003e01dec74\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111216\"\u003e#111216\u003c/a\u003e from psamanoelton/remove_tb_dependency_partial_rol...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9657881d9689a4c06d334645932abff9d3481698\"\u003e\u003ccode\u003e9657881\u003c/code\u003e\u003c/a\u003e Partial rollback to resolve breakage.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/78d130aec00f8b4dbee85d3757ce32032ec7cbdd\"\u003e\u003ccode\u003e78d130a\u003c/code\u003e\u003c/a\u003e Remove TensorBoard dependency from TensorFlow build\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.5.0...v2.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/sungeunk/openvino/pull/257","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sungeunk%2Fopenvino/issues/257","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/257/packages"},{"uuid":"4280110727","node_id":"PR_kwDORsLFE87TL7ca","number":8,"state":"open","title":"Update tensorflow requirement from \u003e=2.0.0 to \u003e=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-17T04:28:46.000Z","updated_at":"2026-04-17T04:28:47.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/rashvii/sample/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/rashvii%2Fsample/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"}],"issue_packages":[{"old_version":"2.4.1","new_version":"2.12.1","update_type":"minor","path":null,"pr_created_at":"2026-05-30T09:53:07.000Z","version_change":"2.4.1 → 2.12.1","issue":{"uuid":"4554039011","node_id":"PR_kwDOQ3fShs7g7Qds","number":1,"state":"open","title":"Bump the pip group across 2 directories with 6 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-30T09:53:07.000Z","updated_at":"2026-05-30T09:55:15.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"pip","update_count":6,"packages":[{"name":"tensorflow","old_version":"2.4.1","new_version":"2.12.1","repository_url":"https://github.com/tensorflow/tensorflow"},{"name":"opencv-contrib-python","old_version":"4.1.2.30","new_version":"4.8.1.78","repository_url":"https://github.com/opencv/opencv-python"},{"name":"urllib3","old_version":"1.24.3","new_version":"2.7.0","repository_url":"https://github.com/urllib3/urllib3"},{"name":"opencv-contrib-python","old_version":"4.5.5.64","new_version":"4.8.1.78","repository_url":"https://github.com/opencv/opencv-python"},{"name":"fonttools","old_version":"4.33.3","new_version":"4.60.2","repository_url":"https://github.com/fonttools/fonttools"},{"name":"pillow","old_version":"9.1.0","new_version":"12.2.0","repository_url":"https://github.com/python-pillow/Pillow"},{"name":"protobuf","old_version":"3.20.1","new_version":"5.29.6","repository_url":"https://github.com/protocolbuffers/protobuf"}],"path":null,"ecosystem":"pip"},"body":"Bumps the pip group with 3 updates in the /video-classification-and-human-activity-recognition directory: [tensorflow](https://github.com/tensorflow/tensorflow), [opencv-contrib-python](https://github.com/opencv/opencv-python) and [urllib3](https://github.com/urllib3/urllib3).\nBumps the pip group with 4 updates in the /zoom-gestures directory: [opencv-contrib-python](https://github.com/opencv/opencv-python), [fonttools](https://github.com/fonttools/fonttools), [pillow](https://github.com/python-pillow/Pillow) and [protobuf](https://github.com/protocolbuffers/protobuf).\n\nUpdates `tensorflow` from 2.4.1 to 2.12.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.12.1\u003c/h2\u003e\n\u003ch1\u003eRelease 2.12.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe use of the ambe config to build and test aarch64 is not needed. The ambe config will be removed in the future. Making cpu_arm64_pip.sh and cpu_arm64_nonpip.sh more similar for easier future maintenance.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTensorFlow 2.12.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.12.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eBuild, Compilation and Packaging\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved redundant packages \u003ccode\u003etensorflow-gpu\u003c/code\u003e and \u003ccode\u003etf-nightly-gpu\u003c/code\u003e. These packages were removed and replaced with packages that direct users to switch to \u003ccode\u003etensorflow\u003c/code\u003e or \u003ccode\u003etf-nightly\u003c/code\u003e respectively. Since TensorFlow 2.1, the only difference between these two sets of packages was their names, so there is no loss of functionality or GPU support. See \u003ca href=\"https://pypi.org/project/tensorflow-gpu\"\u003ehttps://pypi.org/project/tensorflow-gpu\u003c/a\u003e for more details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.function\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.function\u003c/code\u003e now uses the Python inspect library directly for parsing the signature of the Python function it is decorated on. This change may break code where the function signature is malformed, but was ignored previously, such as:\n\u003cul\u003e\n\u003cli\u003eUsing \u003ccode\u003efunctools.wraps\u003c/code\u003e on a function with different signature\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003efunctools.partial\u003c/code\u003e with an invalid \u003ccode\u003etf.function\u003c/code\u003e input\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.function\u003c/code\u003e now enforces input parameter names to be valid Python identifiers. Incompatible names are automatically sanitized similarly to existing SavedModel signature behavior.\u003c/li\u003e\n\u003cli\u003eParameterless \u003ccode\u003etf.function\u003c/code\u003es are assumed to have an empty \u003ccode\u003einput_signature\u003c/code\u003e instead of an undefined one even if the \u003ccode\u003einput_signature\u003c/code\u003e is unspecified.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.types.experimental.TraceType\u003c/code\u003e now requires an additional \u003ccode\u003eplaceholder_value\u003c/code\u003e method to be defined.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.function\u003c/code\u003e now traces with placeholder values generated by TraceType instead of the value itself.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eExperimental APIs \u003ccode\u003etf.config.experimental.enable_mlir_graph_optimization\u003c/code\u003e and \u003ccode\u003etf.config.experimental.disable_mlir_graph_optimization\u003c/code\u003e were removed.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport for Python 3.11 has been added.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport for Python 3.7 has been removed. We are not releasing any more patches for Python 3.7.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd 16-bit float type support for built-in op \u003ccode\u003efill\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eTranspose now supports 6D tensors.\u003c/li\u003e\n\u003cli\u003eFloat LSTM now supports diagonal recurrent tensors: \u003ca href=\"https://arxiv.org/abs/1903.08023\"\u003ehttps://arxiv.org/abs/1903.08023\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.experimental.dtensor\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCoordination service now works with \u003ccode\u003edtensor.initialize_accelerator_system\u003c/code\u003e, and enabled by default.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003etf.experimental.dtensor.is_dtensor\u003c/code\u003e to check if a tensor is a DTensor instance.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.data\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for alternative checkpointing protocol which makes it possible to checkpoint the state of the input pipeline without having to store the contents of internal buffers. The new functionality can be enabled through the \u003ccode\u003eexperimental_symbolic_checkpoint\u003c/code\u003e option of \u003ccode\u003etf.data.Options()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded a new \u003ccode\u003ererandomize_each_iteration\u003c/code\u003e argument for the \u003ccode\u003etf.data.Dataset.random()\u003c/code\u003e operation, which controls whether the sequence of generated random numbers should be re-randomized every epoch or not (the default behavior). If \u003ccode\u003eseed\u003c/code\u003e is set and \u003ccode\u003ererandomize_each_iteration=True\u003c/code\u003e, the \u003ccode\u003erandom()\u003c/code\u003e operation will produce a different (deterministic) sequence of numbers every epoch.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.12.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe use of the ambe config to build and test aarch64 is not needed. The ambe config will be removed in the future. Making cpu_arm64_pip.sh and cpu_arm64_nonpip.sh more similar for easier future maintenance.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.12.0\u003c/h1\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eBuild, Compilation and Packaging\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved redundant packages \u003ccode\u003etensorflow-gpu\u003c/code\u003e and \u003ccode\u003etf-nightly-gpu\u003c/code\u003e. These packages were removed and replaced with packages that direct users to switch to \u003ccode\u003etensorflow\u003c/code\u003e or \u003ccode\u003etf-nightly\u003c/code\u003e respectively. Since TensorFlow 2.1, the only difference between these two sets of packages was their names, so there is no loss of functionality or GPU support. See \u003ca href=\"https://pypi.org/project/tensorflow-gpu\"\u003ehttps://pypi.org/project/tensorflow-gpu\u003c/a\u003e for more details.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.function\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.function\u003c/code\u003e now uses the Python inspect library directly for parsing the signature of the Python function it is decorated on. This change may break code where the function signature is malformed, but was ignored previously, such as:\n\u003cul\u003e\n\u003cli\u003eUsing \u003ccode\u003efunctools.wraps\u003c/code\u003e on a function with different signature\u003c/li\u003e\n\u003cli\u003eUsing \u003ccode\u003efunctools.partial\u003c/code\u003e with an invalid \u003ccode\u003etf.function\u003c/code\u003e input\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.function\u003c/code\u003e now enforces input parameter names to be valid Python identifiers. Incompatible names are automatically sanitized similarly to existing SavedModel signature behavior.\u003c/li\u003e\n\u003cli\u003eParameterless \u003ccode\u003etf.function\u003c/code\u003es are assumed to have an empty \u003ccode\u003einput_signature\u003c/code\u003e instead of an undefined one even if the \u003ccode\u003einput_signature\u003c/code\u003e is unspecified.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.types.experimental.TraceType\u003c/code\u003e now requires an additional \u003ccode\u003eplaceholder_value\u003c/code\u003e method to be defined.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.function\u003c/code\u003e now traces with placeholder values generated by TraceType instead of the value itself.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eExperimental APIs \u003ccode\u003etf.config.experimental.enable_mlir_graph_optimization\u003c/code\u003e and \u003ccode\u003etf.config.experimental.disable_mlir_graph_optimization\u003c/code\u003e were removed.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSupport for Python 3.11 has been added.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport for Python 3.7 has been removed. We are not releasing any more patches for Python 3.7.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdd 16-bit float type support for built-in op \u003ccode\u003efill\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eTranspose now supports 6D tensors.\u003c/li\u003e\n\u003cli\u003eFloat LSTM now supports diagonal recurrent tensors: \u003ca href=\"https://arxiv.org/abs/1903.08023\"\u003ehttps://arxiv.org/abs/1903.08023\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.experimental.dtensor\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCoordination service now works with \u003ccode\u003edtensor.initialize_accelerator_system\u003c/code\u003e, and enabled by default.\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003etf.experimental.dtensor.is_dtensor\u003c/code\u003e to check if a tensor is a DTensor instance.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.data\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for alternative checkpointing protocol which makes it possible to checkpoint the state of the input pipeline without having to store the contents of internal buffers. The new functionality can be enabled through the \u003ccode\u003eexperimental_symbolic_checkpoint\u003c/code\u003e option of \u003ccode\u003etf.data.Options()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded a new \u003ccode\u003ererandomize_each_iteration\u003c/code\u003e argument for the \u003ccode\u003etf.data.Dataset.random()\u003c/code\u003e operation, which controls whether the sequence of generated random numbers should be re-randomized every epoch or not (the default behavior). If \u003ccode\u003eseed\u003c/code\u003e is set and \u003ccode\u003ererandomize_each_iteration=True\u003c/code\u003e, the \u003ccode\u003erandom()\u003c/code\u003e operation will produce a different (deterministic) sequence of numbers every epoch.\u003c/li\u003e\n\u003cli\u003eAdded a new \u003ccode\u003ererandomize_each_iteration\u003c/code\u003e argument for the \u003ccode\u003etf.data.Dataset.sample_from_datasets()\u003c/code\u003e operation, which controls whether the sequence of generated random numbers used for sampling should be re-randomized every epoch or not. If \u003ccode\u003eseed\u003c/code\u003e is set and \u003ccode\u003ererandomize_each_iteration=True\u003c/code\u003e, the \u003ccode\u003esample_from_datasets()\u003c/code\u003e operation will use a different (deterministic) sequence of numbers every epoch.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.test\u003c/code\u003e:\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/8e2b6655c0c488290179ab90a0daed0f6d3006f7\"\u003e\u003ccode\u003e8e2b665\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/61094\"\u003e#61094\u003c/a\u003e from tensorflow/venkat-patch-444\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/02478f09201719a94c7eb01a0e280b65d8fff261\"\u003e\u003ccode\u003e02478f0\u003c/code\u003e\u003c/a\u003e Fix unit test failure caused by numpy update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cd9b4143cb19335fdbd06aa6ecc3ecdae474fb8\"\u003e\u003ccode\u003e2cd9b41\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/61082\"\u003e#61082\u003c/a\u003e from tensorflow/venkat-patch-333\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/7995c95fb197f11dcf4635a719668e10f9700c38\"\u003e\u003ccode\u003e7995c95\u003c/code\u003e\u003c/a\u003e Updating Simplified retry logic to DNS cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/29479edb66c12159ef6a1ecf6af6fbd665a1c9f6\"\u003e\u003ccode\u003e29479ed\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/60872\"\u003e#60872\u003c/a\u003e from tensorflow/r2.12-c45a6c0b1cb\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/e76a9332a2801fdabc4c5692b389c708fa79d8e0\"\u003e\u003ccode\u003ee76a933\u003c/code\u003e\u003c/a\u003e Simplified retry logic to DNS cache\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/76addf724a4794222e780542180dc32747d04aa2\"\u003e\u003ccode\u003e76addf7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/60850\"\u003e#60850\u003c/a\u003e from elfringham/non_pip_fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/05987a86af6544e8a93182c7f898465a87066a57\"\u003e\u003ccode\u003e05987a8\u003c/code\u003e\u003c/a\u003e [Linaro:ARM_CI] Fix permissions for running nonpip tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/23724d2f60835df36f0cfe8b78f9d2c6e8085663\"\u003e\u003ccode\u003e23724d2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/60842\"\u003e#60842\u003c/a\u003e from elfringham/r2.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/496730b8b5007e1cea0b609a3de45e5082dcd685\"\u003e\u003ccode\u003e496730b\u003c/code\u003e\u003c/a\u003e Limit typing_extensions to less than 4.6.0 until it works\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.4.1...v2.12.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `opencv-contrib-python` from 4.1.2.30 to 4.8.1.78\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/opencv/opencv-python/releases\"\u003eopencv-contrib-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.8.1.78\u003c/h2\u003e\n\u003cp\u003eOpenCV 4.8.1 release.\u003c/p\u003e\n\u003cp\u003eImportant changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWebP security update for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2023-4863\"\u003eCVE-2023-4863\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.8.0.76\u003c/h2\u003e\n\u003cp\u003eAdds cv2.typing to package. Close \u003ca href=\"https://redirect.github.com/opencv/opencv-python/issues/869\"\u003e#869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.8.0.74\u003c/h2\u003e\n\u003cp\u003eImportant changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/20370\"\u003e#20370\u003c/a\u003e Python typing stubs.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23350\"\u003e#23350\u003c/a\u003e Fix reference counting errors in registerNewType.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23399\"\u003e#23399\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23436\"\u003e#23436\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23138\"\u003e#23138\u003c/a\u003e Fixed ChAruco and diamond boards detector bindings.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23371\"\u003e#23371\u003c/a\u003e Added bindings to allow GpuMat and Stream objects to be initialized from memory initialized in other libraries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23691\"\u003e#23691\u003c/a\u003e np.float16 support.\u003c/li\u003e\n\u003cli\u003ePython bindings for RotatedRect, CV_MAKETYPE, CV_8UC(n).\u003c/li\u003e\n\u003cli\u003eSeveral build fixes for OpenCV-Python package\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0.72\u003c/h2\u003e\n\u003cp\u003eOpenCV 4.7.0 with various distribution bug fixes.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMac OS 11 support.\u003c/li\u003e\n\u003cli\u003eOld Linux support with zlib version older than 1.9.\u003c/li\u003e\n\u003cli\u003ePackage build fixes for Python 11 on Musl C based system (Alpine).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0.70\u003c/h2\u003e\n\u003cp\u003eOpenCV 4.7.0 with various distribution bug fixes.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMac OS 11 support.\u003c/li\u003e\n\u003cli\u003eOld Linux support with zlib version older than 1.9.\u003c/li\u003e\n\u003cli\u003ePackage build fixes for Python 11 on Musl C based system (Alpine).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0.68\u003c/h2\u003e\n\u003cp\u003eopencv-python: \u003ca href=\"https://pypi.org/project/opencv-python/\"\u003ehttps://pypi.org/project/opencv-python/\u003c/a\u003e\nopencv-contrib-python: \u003ca href=\"https://pypi.org/project/opencv-contrib-python/\"\u003ehttps://pypi.org/project/opencv-contrib-python/\u003c/a\u003e\nopencv-python-headless: \u003ca href=\"https://pypi.org/project/opencv-python-headless/\"\u003ehttps://pypi.org/project/opencv-python-headless/\u003c/a\u003e\nopencv-contrib-python-headless: \u003ca href=\"https://pypi.org/project/opencv-contrib-python-headless/\"\u003ehttps://pypi.org/project/opencv-contrib-python-headless/\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/opencv/opencv/releases/tag/4.7.0\"\u003eOpenCV 4.7.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated third-party libraries to fix potential vulnerabilities.\u003c/li\u003e\n\u003cli\u003eDropped Python 3.6 support.\u003c/li\u003e\n\u003cli\u003eAdded Python 3.11 support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.6.0.66\u003c/h2\u003e\n\u003cp\u003eopencv-python: \u003ca href=\"https://pypi.org/project/opencv-python/\"\u003ehttps://pypi.org/project/opencv-python/\u003c/a\u003e\nopencv-contrib-python: \u003ca href=\"https://pypi.org/project/opencv-contrib-python/\"\u003ehttps://pypi.org/project/opencv-contrib-python/\u003c/a\u003e\nopencv-python-headless: \u003ca href=\"https://pypi.org/project/opencv-python-headless/\"\u003ehttps://pypi.org/project/opencv-python-headless/\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/opencv/opencv-python/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `urllib3` from 1.24.3 to 2.7.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/releases\"\u003eurllib3's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.7.0\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cp\u003eAddressed high-severity security issues. Impact was limited to specific use cases detailed in the accompanying advisories; overall user exposure was estimated to be marginal.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDecompression-bomb safeguards of the streaming API were bypassed:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eWhen \u003ccode\u003eHTTPResponse.drain_conn()\u003c/code\u003e was called after the response had been read and decompressed partially. (Reported by \u003ca href=\"https://github.com/Cycloctane\"\u003e\u003ccode\u003e@​Cycloctane\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDuring the second \u003ccode\u003eHTTPResponse.read(amt=N)\u003c/code\u003e or \u003ccode\u003eHTTPResponse.stream(amt=N)\u003c/code\u003e call when the response was decompressed using the official \u003ca href=\"https://pypi.org/project/brotli/\"\u003eBrotli\u003c/a\u003e library. (Reported by \u003ca href=\"https://github.com/kimkou2024\"\u003e\u003ccode\u003e@​kimkou2024\u003c/code\u003e\u003c/a\u003e)\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eSee GHSA-mf9v-mfxr-j63j for details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTTP pools created using \u003ccode\u003eProxyManager.connection_from_url\u003c/code\u003e did not strip sensitive headers specified in \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e when redirecting to a different host. (GHSA-qccp-gfcp-xxvc reported by \u003ca href=\"https://github.com/christos-spearbit\"\u003e\u003ccode\u003e@​christos-spearbit\u003c/code\u003e\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUsed \u003ccode\u003eFutureWarning\u003c/code\u003e instead of \u003ccode\u003eDeprecationWarning\u003c/code\u003e for better visibility of existing deprecation notices. Rescheduled the removal of deprecated features to version 3.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3763\"\u003eurllib3/urllib3#3763\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life Python 3.9. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3720\"\u003eurllib3/urllib3#3720\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life PyPy3.10. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4979\"\u003eurllib3/urllib3#4979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBumped the minimum supported pyOpenSSL version to 19.0.0. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3777\"\u003eurllib3/urllib3#3777\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read(amt=None)\u003c/code\u003e was ignoring decompressed data buffered from previous partial reads. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3636\"\u003eurllib3/urllib3#3636\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read()\u003c/code\u003e could cache only part of the response after a partial read when \u003ccode\u003ecache_content=True\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4967\"\u003eurllib3/urllib3#4967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eHTTPResponse.stream()\u003c/code\u003e and \u003ccode\u003eHTTPResponse.read_chunked()\u003c/code\u003e to handle \u003ccode\u003eamt=0\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3793\"\u003eurllib3/urllib3#3793\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpdated \u003ccode\u003e_TYPE_BODY\u003c/code\u003e type alias to include missing \u003ccode\u003eIterable[str]\u003c/code\u003e, matching the documented and runtime behavior of chunked request bodies. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3798\"\u003eurllib3/urllib3#3798\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eLocationParseError\u003c/code\u003e when paths resembling schemeless URIs were passed to \u003ccode\u003eHTTPConnectionPool.urlopen()\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3352\"\u003eurllib3/urllib3#3352\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eBaseHTTPResponse.readinto()\u003c/code\u003e type annotation to accept \u003ccode\u003ememoryview\u003c/code\u003e in addition to \u003ccode\u003ebytearray\u003c/code\u003e, matching the \u003ccode\u003eio.RawIOBase.readinto\u003c/code\u003e contract and enabling use with \u003ccode\u003eio.BufferedReader\u003c/code\u003e without type errors. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3764\"\u003eurllib3/urllib3#3764\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.3\u003c/h2\u003e\n\u003ch2\u003e🚀 urllib3 is fundraising for HTTP/2 support\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://sethmlarson.dev/urllib3-is-fundraising-for-http2-support\"\u003eurllib3 is raising ~$40,000 USD\u003c/a\u003e to release HTTP/2 support and ensure long-term sustainable maintenance of the project after a sharp decline in financial support. If your company or organization uses Python and would benefit from HTTP/2 support in Requests, pip, cloud SDKs, and thousands of other projects \u003ca href=\"https://opencollective.com/urllib3\"\u003eplease consider contributing financially\u003c/a\u003e to ensure HTTP/2 support is developed sustainably and maintained for the long-haul.\u003c/p\u003e\n\u003cp\u003eThank you for your support.\u003c/p\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a security issue where decompression-bomb safeguards of the streaming API were bypassed when HTTP redirects were followed. (CVE-2026-21441 reported by \u003ca href=\"https://github.com/D47A\"\u003e\u003ccode\u003e@​D47A\u003c/code\u003e\u003c/a\u003e, 8.9 High, GHSA-38jv-5279-wg99)\u003c/li\u003e\n\u003cli\u003eStarted treating \u003ccode\u003eRetry-After\u003c/code\u003e times greater than 6 hours as 6 hours by default. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3743\"\u003eurllib3/urllib3#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed \u003ccode\u003eurllib3.connection.VerifiedHTTPSConnection\u003c/code\u003e on Emscripten. (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/3752\"\u003eurllib3/urllib3#3752\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.6.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/urllib3/urllib3/blob/main/CHANGES.rst\"\u003eurllib3's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e2.7.0 (2026-05-07)\u003c/h1\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cp\u003eAddressed high-severity security issues.\nImpact was limited to specific use cases detailed in the accompanying\nadvisories; overall user exposure was estimated to be marginal.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eDecompression-bomb safeguards of the streaming API were bypassed:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eWhen \u003ccode\u003eHTTPResponse.drain_conn()\u003c/code\u003e was called after the response had been\nread and decompressed partially.\u003c/li\u003e\n\u003cli\u003eDuring the second \u003ccode\u003eHTTPResponse.read(amt=N)\u003c/code\u003e or\n\u003ccode\u003eHTTPResponse.stream(amt=N)\u003c/code\u003e call when the response was decompressed\nusing the official \u003ccode\u003eBrotli \u0026lt;https://pypi.org/project/brotli/\u0026gt;\u003c/code\u003e__ library.\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eSee \u003ccode\u003eGHSA-mf9v-mfxr-j63j \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-mf9v-mfxr-j63j\u0026gt;\u003c/code\u003e__\nfor details.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eHTTP pools created using \u003ccode\u003eProxyManager.connection_from_url\u003c/code\u003e did not strip\nsensitive headers specified in \u003ccode\u003eRetry.remove_headers_on_redirect\u003c/code\u003e when\nredirecting to a different host.\n(\u003ccode\u003eGHSA-qccp-gfcp-xxvc \u0026lt;https://github.com/urllib3/urllib3/security/advisories/GHSA-qccp-gfcp-xxvc\u0026gt;\u003c/code\u003e__)\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDeprecations and Removals\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUsed \u003ccode\u003eFutureWarning\u003c/code\u003e instead of \u003ccode\u003eDeprecationWarning\u003c/code\u003e for better\nvisibility of existing deprecation notices. Rescheduled the removal of\ndeprecated features to version 3.0.\n(\u003ccode\u003e[#3763](https://github.com/urllib3/urllib3/issues/3763) \u0026lt;https://github.com/urllib3/urllib3/issues/3763\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life Python 3.9.\n(\u003ccode\u003e[#3720](https://github.com/urllib3/urllib3/issues/3720) \u0026lt;https://github.com/urllib3/urllib3/issues/3720\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eRemoved support for end-of-life PyPy3.10.\n(\u003ccode\u003e[#4979](https://github.com/urllib3/urllib3/issues/4979) \u0026lt;https://github.com/urllib3/urllib3/issues/4979\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eBumped the minimum supported pyOpenSSL version to 19.0.0.\n(\u003ccode\u003e[#3777](https://github.com/urllib3/urllib3/issues/3777) \u0026lt;https://github.com/urllib3/urllib3/issues/3777\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBugfixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read(amt=None)\u003c/code\u003e was ignoring decompressed\ndata buffered from previous partial reads.\n(\u003ccode\u003e[#3636](https://github.com/urllib3/urllib3/issues/3636) \u0026lt;https://github.com/urllib3/urllib3/issues/3636\u0026gt;\u003c/code\u003e__)\u003c/li\u003e\n\u003cli\u003eFixed a bug where \u003ccode\u003eHTTPResponse.read()\u003c/code\u003e could cache only part of the\nresponse after a partial read when \u003ccode\u003ecache_content=True\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/9a950b92d999f906b6020bb2d1076ee56cddd5d2\"\u003e\u003ccode\u003e9a950b9\u003c/code\u003e\u003c/a\u003e Release 2.7.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/5ec0de499b9166ca71c65ab04f2a7e4eb0d66fcc\"\u003e\u003ccode\u003e5ec0de4\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/2bdcc44d1e163fb5cc48a8662425e35e15adfe6a\"\u003e\u003ccode\u003e2bdcc44\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/f45b0df09d8620ac6ed0491eb9362c8c87b7bc2c\"\u003e\u003ccode\u003ef45b0df\u003c/code\u003e\u003c/a\u003e Fix a misleading example for \u003ccode\u003eProxyManager\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4970\"\u003e#4970\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/577193ca029872384f82c133449e0935f6d8a64b\"\u003e\u003ccode\u003e577193c\u003c/code\u003e\u003c/a\u003e Switch to nightly PyPy3.11 in CI for now (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4984\"\u003e#4984\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/e90af45bb006c3a452a3a21644a2681523f5c7fc\"\u003e\u003ccode\u003ee90af45\u003c/code\u003e\u003c/a\u003e Avoid infinite loop in \u003ccode\u003eHTTPResponse.read_chunked\u003c/code\u003e when \u003ccode\u003eamt=0\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4974\"\u003e#4974\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/67ed74fdaec6659a6534621ec8e3aaaa6f976210\"\u003e\u003ccode\u003e67ed74f\u003c/code\u003e\u003c/a\u003e Bump dev dependencies (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4972\"\u003e#4972\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/3abd481097b54d87b574ac7ea593c3f40938a84d\"\u003e\u003ccode\u003e3abd481\u003c/code\u003e\u003c/a\u003e Upgrade mypy to version 1.20.2 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4978\"\u003e#4978\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/2b8725dfcac4f21d4d93cc0cc3a64a33af08f890\"\u003e\u003ccode\u003e2b8725d\u003c/code\u003e\u003c/a\u003e Drop support for EOL PyPy3.10 (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4979\"\u003e#4979\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/urllib3/urllib3/commit/2944b2a0a6c573f5548a39cfd17196f98ee21b33\"\u003e\u003ccode\u003e2944b2a\u003c/code\u003e\u003c/a\u003e Upgrade \u003ccode\u003esetup-chrome\u003c/code\u003e and \u003ccode\u003esetup-firefox\u003c/code\u003e to fix warnings (\u003ca href=\"https://redirect.github.com/urllib3/urllib3/issues/4973\"\u003e#4973\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/urllib3/urllib3/compare/1.24.3...2.7.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `opencv-contrib-python` from 4.5.5.64 to 4.8.1.78\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/opencv/opencv-python/releases\"\u003eopencv-contrib-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.8.1.78\u003c/h2\u003e\n\u003cp\u003eOpenCV 4.8.1 release.\u003c/p\u003e\n\u003cp\u003eImportant changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eWebP security update for \u003ca href=\"https://nvd.nist.gov/vuln/detail/CVE-2023-4863\"\u003eCVE-2023-4863\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.8.0.76\u003c/h2\u003e\n\u003cp\u003eAdds cv2.typing to package. Close \u003ca href=\"https://redirect.github.com/opencv/opencv-python/issues/869\"\u003e#869\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.8.0.74\u003c/h2\u003e\n\u003cp\u003eImportant changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/20370\"\u003e#20370\u003c/a\u003e Python typing stubs.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23350\"\u003e#23350\u003c/a\u003e Fix reference counting errors in registerNewType.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23399\"\u003e#23399\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23436\"\u003e#23436\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23138\"\u003e#23138\u003c/a\u003e Fixed ChAruco and diamond boards detector bindings.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23371\"\u003e#23371\u003c/a\u003e Added bindings to allow GpuMat and Stream objects to be initialized from memory initialized in other libraries\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/opencv/opencv/pull/23691\"\u003e#23691\u003c/a\u003e np.float16 support.\u003c/li\u003e\n\u003cli\u003ePython bindings for RotatedRect, CV_MAKETYPE, CV_8UC(n).\u003c/li\u003e\n\u003cli\u003eSeveral build fixes for OpenCV-Python package\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0.72\u003c/h2\u003e\n\u003cp\u003eOpenCV 4.7.0 with various distribution bug fixes.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMac OS 11 support.\u003c/li\u003e\n\u003cli\u003eOld Linux support with zlib version older than 1.9.\u003c/li\u003e\n\u003cli\u003ePackage build fixes for Python 11 on Musl C based system (Alpine).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0.70\u003c/h2\u003e\n\u003cp\u003eOpenCV 4.7.0 with various distribution bug fixes.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMac OS 11 support.\u003c/li\u003e\n\u003cli\u003eOld Linux support with zlib version older than 1.9.\u003c/li\u003e\n\u003cli\u003ePackage build fixes for Python 11 on Musl C based system (Alpine).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.7.0.68\u003c/h2\u003e\n\u003cp\u003eopencv-python: \u003ca href=\"https://pypi.org/project/opencv-python/\"\u003ehttps://pypi.org/project/opencv-python/\u003c/a\u003e\nopencv-contrib-python: \u003ca href=\"https://pypi.org/project/opencv-contrib-python/\"\u003ehttps://pypi.org/project/opencv-contrib-python/\u003c/a\u003e\nopencv-python-headless: \u003ca href=\"https://pypi.org/project/opencv-python-headless/\"\u003ehttps://pypi.org/project/opencv-python-headless/\u003c/a\u003e\nopencv-contrib-python-headless: \u003ca href=\"https://pypi.org/project/opencv-contrib-python-headless/\"\u003ehttps://pypi.org/project/opencv-contrib-python-headless/\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/opencv/opencv/releases/tag/4.7.0\"\u003eOpenCV 4.7.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eChanges:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated third-party libraries to fix potential vulnerabilities.\u003c/li\u003e\n\u003cli\u003eDropped Python 3.6 support.\u003c/li\u003e\n\u003cli\u003eAdded Python 3.11 support.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.6.0.66\u003c/h2\u003e\n\u003cp\u003eopencv-python: \u003ca href=\"https://pypi.org/project/opencv-python/\"\u003ehttps://pypi.org/project/opencv-python/\u003c/a\u003e\nopencv-contrib-python: \u003ca href=\"https://pypi.org/project/opencv-contrib-python/\"\u003ehttps://pypi.org/project/opencv-contrib-python/\u003c/a\u003e\nopencv-python-headless: \u003ca href=\"https://pypi.org/project/opencv-python-headless/\"\u003ehttps://pypi.org/project/opencv-python-headless/\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/opencv/opencv-python/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `fonttools` from 4.33.3 to 4.60.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fonttools/fonttools/releases\"\u003efonttools's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.60.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBackport release\u003c/strong\u003e Same as 4.61.0 but without \u0026quot;Drop support for EOL Python 3.9\u0026quot; change to allow downstream projects still on Python 3.9 to avail of the security fix for CVE-2025-66034 (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3994\"\u003e#3994\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3999\"\u003e#3999\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.60.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[ufoLib] Reverted accidental method name change in \u003ccode\u003eUFOReader.getKerningGroupConversionRenameMaps\u003c/code\u003e\nthat broke compatibility with downstream projects like defcon (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3948\"\u003e#3948\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3947\"\u003e#3947\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/robotools/defcon/issues/478\"\u003erobotools/defcon#478\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[ufoLib] Added test coverage for \u003ccode\u003egetKerningGroupConversionRenameMaps\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3950\"\u003e#3950\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Don't try to subset BASE table; pass it through by default instead (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3949\"\u003e#3949\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Remove empty BaseRecord entries in MarkBasePos lookups (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3897\"\u003e#3897\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3892\"\u003e#3892\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Add pruning for MarkLigPos and MarkMarkPos lookups (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3946\"\u003e#3946\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Remove duplicate features when subsetting (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3945\"\u003e#3945\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[Docs] Added documentation for the visitor module (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3944\"\u003e#3944\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.60.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e[pointPen] Allow \u003ccode\u003ereverseFlipped\u003c/code\u003e parameter of \u003ccode\u003eDecomposingPointPen\u003c/code\u003e to take a \u003ccode\u003eReverseFlipped\u003c/code\u003e enum value to control whether/how to reverse contour direction of flipped components, in addition to the existing True/False. This allows to set \u003ccode\u003eReverseFlipped.ON_CURVE_FIRST\u003c/code\u003e to ensure that the decomposed outline starts with an on-curve point before being reversed, for better consistency with other segment-oriented contour transformations. The change is backward compatible, and the default behavior hasn't changed (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3934\"\u003e#3934\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[filterPen] Added \u003ccode\u003eContourFilterPointPen\u003c/code\u003e, base pen for buffered contour operations, and \u003ccode\u003eOnCurveStartPointPen\u003c/code\u003e filter to ensure contours start with an on-curve point (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3934\"\u003e#3934\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[cu2qu] Fixed difference in cython vs pure-python complex division by real number (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3930\"\u003e#3930\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[varLib.avar] Refactored and added some new sub-modules and scripts (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3926\"\u003e#3926\u003c/a\u003e).\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003evarLib.avar.build\u003c/code\u003e module to build avar (and a missing fvar) binaries into a possibly empty TTFont,\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003evarLib.avar.unbuild\u003c/code\u003e module to print a .designspace snippet that would generate the same avar binary,\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003evarLib.avar.map\u003c/code\u003e module to take TTFont and do the mapping, in user/normalized space,\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003evarLib.avar.plan\u003c/code\u003e module moved from \u003ccode\u003evarLib.avarPlanner\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThe bare \u003ccode\u003efonttools varLib.avar\u003c/code\u003e script is deprecated, in favour of \u003ccode\u003efonttools varLib.avar.build\u003c/code\u003e (or \u003ccode\u003eunbuild\u003c/code\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[interpolatable] Clarify \u003ccode\u003elinear_sum_assignment\u003c/code\u003e backend options and minimal dependency usage (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3927\"\u003e#3927\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[post] Speed up \u003ccode\u003ebuild_psNameMapping\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3923\"\u003e#3923\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e[ufoLib] Added typing annotations to fontTools.ufoLib (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3875\"\u003e#3875\u003c/a\u003e).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.59.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[varLib] Clear \u003ccode\u003eUSE_MY_METRICS\u003c/code\u003e component flags when inconsistent across masters (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3912\"\u003e#3912\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[varLib.instancer] Avoid negative advance width/height values when instatiating HVAR/VVAR, (unlikely in well-behaved fonts) (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3918\"\u003e#3918\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Fix shaping behaviour when pruning empty mark sets (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3915\"\u003e#3915\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/harfbuzz/harfbuzz/issues/5499\"\u003eharfbuzz/harfbuzz#5499\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[cu2qu] Fixed \u003ccode\u003edot()\u003c/code\u003e product of perpendicular vectors not always returning exactly 0.0 in all Python implementations (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3911\"\u003e#3911\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[varLib.instancer] Implemented fully-instantiating \u003ccode\u003eavar2\u003c/code\u003e fonts (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3909\"\u003e#3909\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[feaLib] Allow float values in \u003ccode\u003eVariableScalar\u003c/code\u003e's axis locations (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3906\"\u003e#3906\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3907\"\u003e#3907\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[cu2qu] Handle special case in \u003ccode\u003ecalc_intersect\u003c/code\u003e for degenerate cubic curves where 3 to 4 control points are equal (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3904\"\u003e#3904\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.59.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[featureVars] Update OS/2.usMaxContext if possible after addFeatureVariationsRaw (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3894\"\u003e#3894\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[vhmtx] raise TTLibError('not enough data...') when hmtx/vmtx are truncated (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3843\"\u003e#3843\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3901\"\u003e#3901\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[feaLib] Combine duplicate features that have the same set of lookups regardless of the order in which those lookups are added to the feature (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3895\"\u003e#3895\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[varLib] Deprecate \u003ccode\u003evarLib.mutator\u003c/code\u003e in favor of \u003ccode\u003evarLib.instancer\u003c/code\u003e. The latter provides equivalent full (static font) instancing in addition to partial VF instancing.\u003cbr /\u003e\nCLI users should replace \u003ccode\u003efonttools varLib.mutator\u003c/code\u003e with \u003ccode\u003efonttools varLib.instancer\u003c/code\u003e. API users should migrate to \u003ccode\u003efontTools.varLib.instancer.instantiateVariableFont\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/2680\"\u003e#2680\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.59.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved hard-dependency on pyfilesystem2 (\u003ccode\u003efs\u003c/code\u003e package) from \u003ccode\u003efonttools[ufo]\u003c/code\u003e extra. This is replaced by the \u003ccode\u003efontTools.misc.filesystem\u003c/code\u003e package, a stdlib-only, drop-in replacement for the subset of the pyfilesystem2's API used by \u003ccode\u003efontTools.ufoLib\u003c/code\u003e. The latter should continue to work with the upstream \u003ccode\u003efs\u003c/code\u003e (we even test with/without). However, clients who wish to continue using \u003ccode\u003efs\u003c/code\u003e can do so by depending on it directly instead of via the \u003ccode\u003efonttools[ufo]\u003c/code\u003e extra (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3885\"\u003e#3885\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3620\"\u003e#3620\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[xmlWriter] Replace illegal XML characters (e.g. control or non-characters) with \u0026quot;?\u0026quot; when dumping to ttx (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3868\"\u003e#3868\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/71\"\u003e#71\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[varLib.hvar] Fixed vertical metrics fields copy/pasta error (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3884\"\u003e#3884\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eMicro optimizations in ttLib and sstruct modules (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3878\"\u003e#3878\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3879\"\u003e#3879\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[unicodedata] Add Garay script to RTL_SCRIPTS (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3882\"\u003e#3882\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/fonttools/fonttools/blob/main/NEWS.rst\"\u003efonttools's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.60.2 (released 2025-12-09)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eBackport release\u003c/strong\u003e Same as 4.61.0 but without \u0026quot;Drop support for EOL Python 3.9\u0026quot; change to allow\ndownstream projects still on Python 3.9 to avail of the security fix for CVE-2025-66034 (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3994\"\u003e#3994\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3999\"\u003e#3999\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.61.0 (released 2025-11-28)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[varLib.main]: \u003cstrong\u003eSECURITY\u003c/strong\u003e Only use basename(vf.filename) to prevent path traversal attacks when\nrunning \u003ccode\u003efonttools varLib\u003c/code\u003e command, or code which invokes \u003ccode\u003efonttools.varLib.main()\u003c/code\u003e.\nFixes CVE-2025-66034, see:\n\u003ca href=\"https://github.com/fonttools/fonttools/security/advisories/GHSA-768j-98cg-p3fv\"\u003ehttps://github.com/fonttools/fonttools/security/advisories/GHSA-768j-98cg-p3fv\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003e[feaLib] Sort BaseLangSysRecords by tag (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3986\"\u003e#3986\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003eDrop support for EOL Python 3.9 (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3982\"\u003e#3982\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[instancer] Support --remove-overlaps for fonts with CFF2 table (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3975\"\u003e#3975\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[CFF2ToCFF] Add --remove-overlaps option (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3976\"\u003e#3976\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[feaLib] Raise an error for rsub with NULL target (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3979\"\u003e#3979\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[bezierTools] Fix logic bug in curveCurveIntersections (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3963\"\u003e#3963\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[feaLib] Error when condition sets have the same name (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3958\"\u003e#3958\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[cu2qu.ufo] skip processing empty glyphs to support sparse kerning masters (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3956\"\u003e#3956\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[unicodedata] Update to Unicode 17. Require \u003ccode\u003eunicodedata2 \u0026gt;= 17.0.0\u003c/code\u003e when installed with 'unicode' extra.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.60.1 (released 2025-09-29)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[ufoLib] Reverted accidental method name change in \u003ccode\u003eUFOReader.getKerningGroupConversionRenameMaps\u003c/code\u003e\nthat broke compatibility with downstream projects like defcon (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3948\"\u003e#3948\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3947\"\u003e#3947\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/robotools/defcon/issues/478\"\u003erobotools/defcon#478\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[ufoLib] Added test coverage for \u003ccode\u003egetKerningGroupConversionRenameMaps\u003c/code\u003e method (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3950\"\u003e#3950\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Don't try to subset BASE table; pass it through by default instead (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3949\"\u003e#3949\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Remove empty BaseRecord entries in MarkBasePos lookups (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3897\"\u003e#3897\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3892\"\u003e#3892\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Add pruning for MarkLigPos and MarkMarkPos lookups (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3946\"\u003e#3946\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[subset] Remove duplicate features when subsetting (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3945\"\u003e#3945\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[Docs] Added documentation for the visitor module (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3944\"\u003e#3944\u003c/a\u003e).\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.60.0 (released 2025-09-17)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[pointPen] Allow \u003ccode\u003ereverseFlipped\u003c/code\u003e parameter of \u003ccode\u003eDecomposingPointPen\u003c/code\u003e to take a \u003ccode\u003eReverseFlipped\u003c/code\u003e\nenum value to control whether/how to reverse contour direction of flipped components, in addition to\nthe existing True/False. This allows to set \u003ccode\u003eReverseFlipped.ON_CURVE_FIRST\u003c/code\u003e to ensure that\nthe decomposed outline starts with an on-curve point before being reversed, for better consistency\nwith other segment-oriented contour transformations. The change is backward compatible, and the\ndefault behavior hasn't changed (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3934\"\u003e#3934\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[filterPen] Added \u003ccode\u003eContourFilterPointPen\u003c/code\u003e, base pen for buffered contour operations, and\n\u003ccode\u003eOnCurveStartPointPen\u003c/code\u003e filter to ensure contours start with an on-curve point (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3934\"\u003e#3934\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[cu2qu] Fixed difference in cython vs pure-python complex division by real number (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3930\"\u003e#3930\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e[varLib.avar] Refactored and added some new sub-modules and scripts (\u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3926\"\u003e#3926\u003c/a\u003e).\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003evarLib.avar.build\u003c/code\u003e module to build avar (and a missing fvar) binaries into a possibly empty TTFont,\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003evarLib.avar.unbuild\u003c/code\u003e module to print a .designspace snippet that would generate the same avar binary,\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/78ba5e8bb4ccf65ef8077d81bc48450ccacf1728\"\u003e\u003ccode\u003e78ba5e8\u003c/code\u003e\u003c/a\u003e Release 4.60.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/c3f9979dbf278baf82beba675dda40c94f78c48e\"\u003e\u003ccode\u003ec3f9979\u003c/code\u003e\u003c/a\u003e macos-13 runner is no more, use macos-15-intel\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/8016403e0ad4b7de00c0b48d30afa4de9d7a29e4\"\u003e\u003ccode\u003e8016403\u003c/code\u003e\u003c/a\u003e Revert \u0026quot;Merge pull request \u003ca href=\"https://redirect.github.com/fonttools/fonttools/issues/3982\"\u003e#3982\u003c/a\u003e from fonttools/drop-py39\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/e691e3bef9fc4e8096e4023ccacbc327d2569905\"\u003e\u003ccode\u003ee691e3b\u003c/code\u003e\u003c/a\u003e Release 4.61.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/c2d540f4ada946ea1ef97f898e0daa9601bc1019\"\u003e\u003ccode\u003ec2d540f\u003c/code\u003e\u003c/a\u003e Update NEWS.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/3859753a0511efc568d4d71c4933219c11b6207b\"\u003e\u003ccode\u003e3859753\u003c/code\u003e\u003c/a\u003e Update NEWS.rst\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/26eb070a55c731d9828dddf5cb022e0d79e9af45\"\u003e\u003ccode\u003e26eb070\u003c/code\u003e\u003c/a\u003e black\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/5ff73af3265e0b5207c3a2870c9f0ccc8ee19d0f\"\u003e\u003ccode\u003e5ff73af\u003c/code\u003e\u003c/a\u003e Merge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/a696d5ba93270d5954f98e7cab5ddca8a02c1e32\"\u003e\u003ccode\u003ea696d5b\u003c/code\u003e\u003c/a\u003e varLib: only use the basename(vf.filename)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/fonttools/fonttools/commit/b00bc459efac4d9d52a1eafa2cdd2c7ff503ced7\"\u003e\u003ccode\u003eb00bc45\u003c/code\u003e\u003c/a\u003e varLib_test: test path traversal in variable-font filename\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/fonttools/fonttools/compare/4.33.3...4.60.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pillow` from 9.1.0 to 12.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/releases\"\u003epillow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e12.2.0\u003c/h2\u003e\n\u003cp\u003e\u003ca href=\"https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html\"\u003ehttps://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDocumentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate 12.2.0 release notes \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9522\"\u003e#9522\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd loader plugins: AMOS abk, Atari Degas, 40+ more obscure formats via Netpbm \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9482\"\u003e#9482\u003c/a\u003e [\u003ca href=\"https://github.com/bitplane\"\u003e\u003ccode\u003e@​bitplane\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate Python versions \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9515\"\u003e#9515\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eJeffrey A. Clark -\u0026gt; Jeffrey 'Alex' Clark \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9513\"\u003e#9513\u003c/a\u003e [\u003ca href=\"https://github.com/aclark4life\"\u003e\u003ccode\u003e@​aclark4life\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd release notes for \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9394\"\u003e#9394\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9419\"\u003e#9419\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9456\"\u003e#9456\u003c/a\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9467\"\u003e#9467\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd Amiga Workbench .info loader to 3rd party plugins list \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9459\"\u003e#9459\u003c/a\u003e [\u003ca href=\"https://github.com/bitplane\"\u003e\u003ccode\u003e@​bitplane\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eMerge PFM documentation into PPM \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9434\"\u003e#9434\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate macOS tested Pillow versions \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9431\"\u003e#9431\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eFix CVE number \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9430\"\u003e#9430\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDependencies\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate xz to 5.8.3 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9523\"\u003e#9523\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate libjpeg-turbo to 3.1.4.1 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9507\"\u003e#9507\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate libpng to 1.6.56 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9499\"\u003e#9499\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate freetype to 2.14.3 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9485\"\u003e#9485\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdated libavif to 1.4.1 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9479\"\u003e#9479\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdated harfbuzz to 13.2.1 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9461\"\u003e#9461\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate Ghostscript to 10.7.0 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9469\"\u003e#9469\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate harfbuzz to 13.0.1 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9453\"\u003e#9453\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate libavif to 1.4.0 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9460\"\u003e#9460\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate freetype to 2.14.2 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9449\"\u003e#9449\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate actions/download-artifact action to v8 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9451\"\u003e#9451\u003c/a\u003e [@\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdated libpng to 1.6.55 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9425\"\u003e#9425\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eTesting\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCleanup .spider extension in the same test where it is added \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9517\"\u003e#9517\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eRun tests in parallel via tox for 3.5x speedup \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9516\"\u003e#9516\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eEnable colour in CI logs \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9486\"\u003e#9486\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate Ghostscript to 10.7.0 \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9469\"\u003e#9469\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eSimplify TGA test code \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9477\"\u003e#9477\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate tests to check for ValueError when encoding an empty image \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9464\"\u003e#9464\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpgrade CI from \u003ccode\u003emacos-15-intel\u003c/code\u003e to \u003ccode\u003emacos-26-intel\u003c/code\u003e \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9454\"\u003e#9454\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eAdd check-case-conflict hook \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9446\"\u003e#9446\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eSpecify platform when pulling docker image \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9440\"\u003e#9440\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eGHA: Cache libavif and webp builds for Ubuntu \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9437\"\u003e#9437\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eUpdate macOS tested Pillow versions \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9431\"\u003e#9431\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eOther changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck calloc return value \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9527\"\u003e#9527\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eCheck all allocs in the Arrow tree \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9488\"\u003e#9488\u003c/a\u003e [\u003ca href=\"https://github.com/wiredfool\"\u003e\u003ccode\u003e@​wiredfool\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eReject non-numeric elements inside list coords \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9526\"\u003e#9526\u003c/a\u003e [\u003ca href=\"https://github.com/hugovk\"\u003e\u003ccode\u003e@​hugovk\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003cli\u003eMove variable declaration inside define \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9525\"\u003e#9525\u003c/a\u003e [\u003ca href=\"https://github.com/radarhere\"\u003e\u003ccode\u003e@​radarhere\u003c/code\u003e\u003c/a\u003e]\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst\"\u003epillow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog (Pillow)\u003c/h1\u003e\n\u003ch2\u003e11.1.0 and newer\u003c/h2\u003e\n\u003cp\u003eSee GitHub Releases:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/releases\"\u003ehttps://github.com/python-pillow/Pillow/releases\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e11.0.0 (2024-10-15)\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpdate licence to MIT-CMU \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8460\"\u003e#8460\u003c/a\u003e\n[hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eConditionally define ImageCms type hint to avoid requiring core \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8197\"\u003e#8197\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport writing LONG8 offsets in AppendingTiffWriter \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8417\"\u003e#8417\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse ImageFile.MAXBLOCK when saving TIFF images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8461\"\u003e#8461\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eDo not close provided file handles with libtiff when saving \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8458\"\u003e#8458\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport ImageFilter.BuiltinFilter for I;16* images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8438\"\u003e#8438\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse ImagingCore.ptr instead of ImagingCore.id \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8341\"\u003e#8341\u003c/a\u003e\n[homm, radarhere, hugovk]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpdated EPS mode when opening images without transparency \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8281\"\u003e#8281\u003c/a\u003e\n[Yay295, radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUse transparency when combining P frames from APNGs \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8443\"\u003e#8443\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eSupport all resampling filters when resizing I;16* images \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8422\"\u003e#8422\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFree memory on early return \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8413\"\u003e#8413\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eCast int before potentially exceeding INT_MAX \u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/8402\"\u003e#8402\u003c/a\u003e\n[radarhere]\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/3c41c095064200a02672d89cc5ff629eaf4b0d4f\"\u003e\u003ccode\u003e3c41c09\u003c/code\u003e\u003c/a\u003e 12.2.0 version bump\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/cdaa29eb520291c4f1fb50fb71ae46502d41e460\"\u003e\u003ccode\u003ecdaa29e\u003c/code\u003e\u003c/a\u003e Check calloc return value (\u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9527\"\u003e#9527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/585b2f5a780722c8a5bfffb3a40f7f42e8a205be\"\u003e\u003ccode\u003e585b2f5\u003c/code\u003e\u003c/a\u003e Check calloc return value\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/ecf011ea15991d4cebacd946e58270cc30b0f2c1\"\u003e\u003ccode\u003eecf011e\u003c/code\u003e\u003c/a\u003e Check all allocs in the Arrow tree (\u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9488\"\u003e#9488\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/cf6de8ca9b23e714aa5310e1c791eda66fc0b670\"\u003e\u003ccode\u003ecf6de8c\u003c/code\u003e\u003c/a\u003e Reject non-numeric elements inside list coords (\u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9526\"\u003e#9526\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/ffdcede6516b28d9667c92929854023d17048b64\"\u003e\u003ccode\u003effdcede\u003c/code\u003e\u003c/a\u003e Update 12.2.0 release notes (\u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9522\"\u003e#9522\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/7929d7760fe5a307ba5ae6eabdf70ae4486b147c\"\u003e\u003ccode\u003e7929d77\u003c/code\u003e\u003c/a\u003e Added security release notes (\u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/149\"\u003e#149\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/c4f7aa5dfb4dbd1242978ac235e01b9934ec6d3c\"\u003e\u003ccode\u003ec4f7aa5\u003c/code\u003e\u003c/a\u003e Added security release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/22cdb5f2e4b15250c06563b1124ac1667342712f\"\u003e\u003ccode\u003e22cdb5f\u003c/code\u003e\u003c/a\u003e Move variable declaration inside define (\u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9525\"\u003e#9525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/python-pillow/Pillow/commit/fc15b3b01899408ec989d7804c5283e13802d057\"\u003e\u003ccode\u003efc15b3b\u003c/code\u003e\u003c/a\u003e Resize tall images vertically first (\u003ca href=\"https://redirect.github.com/python-pillow/Pillow/issues/9524\"\u003e#9524\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/python-pillow/Pillow/compare/9.1.0...12.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `protobuf` from 3.20.1 to 5.29.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/protocolbuffers/protobuf/releases\"\u003eprotobuf's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eProtocol Buffers v34.0-rc1\u003c/h2\u003e\n\u003ch1\u003eAnnouncements\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eThis version includes breaking changes to: C++, Objective-C, PHP, Python.\u003c/strong\u003e\u003c/li\u003e\n\u003cli\u003e[Bazel] Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/0a5c2f6b633c1e5259f566cb42d30fe347b8aadb\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Make generator headers private (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/3a2af3510f0d454dbe3e4dc281674b61c4d20b9e\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/3a2af3510f0d454dbe3e4dc281674b61c4d20b9e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Add a debug check that the target of CopyFrom is not a descendant of the source. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/7a7589823d2cfaaf7994b050e98d5d553bc9b1c1\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/7a7589823d2cfaaf7994b050e98d5d553bc9b1c1\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Add [[nodiscard]] to many APIs. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/a70115f33f9af2c4b2202c800b84837e7fe0d738\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/a70115f33f9af2c4b2202c800b84837e7fe0d738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Make the arena-enabled constructors of \u003ccode\u003eRepeatedField\u003c/code\u003e, \u003ccode\u003eRepeatedPtrField\u003c/code\u003e, and \u003ccode\u003eMap\u003c/code\u003e private. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/ef890c3d0c79398c70e047fe5dd893f460ba2336\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/ef890c3d0c79398c70e047fe5dd893f460ba2336\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/b76faa921fdd244f374c7be0bddd4050fc42c292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Removes proto2::util::MessageDifferencer::AddIgnoreCriteria that takes a raw pointer as an argument in favor of the overload that takes a unique_ptr. Remove macro PROTOBUF_FUTURE_REMOVE_ADD_IGNORE_CRITERIA (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/b115358c64127896fed88b8b5ef5d91d86d8cbae\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/b115358c64127896fed88b8b5ef5d91d86d8cbae\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated FieldDescriptor::has_optional_keyword() in OSS. Use is_repeated() or has_presence() instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/68346ec9348e932664e58c3ecdcd1478f95233a8\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/68346ec9348e932664e58c3ecdcd1478f95233a8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove AddUnusedImportTrackFile() and ClearUnusedImportTrackFiles(). Remove PROTOBUF_FUTURE_RENAME_ADD_UNUSED_IMPORT (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/837a2cd1d6c75402b2503ffe7cd8aeaf25868536\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/837a2cd1d6c75402b2503ffe7cd8aeaf25868536\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated FieldDescriptor::is_optional() in OSS. Use (!is_required() \u0026amp;\u0026amp; !is_repeated()) instead (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/9dbc5d479a8e453921485d8d3de47fb3c005f1af\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/9dbc5d479a8e453921485d8d3de47fb3c005f1af\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/c301c2ca286327a21c50c0c4cd877afc9c655b00\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[C++] All entity names have length limit (2afb0dc)\u003c/li\u003e\n\u003cli\u003e[ObjC] Remove \u003ccode\u003egenerate_minimal_imports\u003c/code\u003e generation option warning (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/45b1297fdaad5a9436d0e207422168c38dc45ac4\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/45b1297fdaad5a9436d0e207422168c38dc45ac4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[ObjC] Fix nullability annotations on some \u003ccode\u003eGPB*Dictionary\u003c/code\u003e types. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/ea67d6d26a48478a567c404679e3bb99cf230d50\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/ea67d6d26a48478a567c404679e3bb99cf230d50\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[ObjC] Remove \u003ccode\u003e-[GPBFieldDescriptor optional]\u003c/code\u003e (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/3414dc151eb4dcbdb2ca952e2589993bf7af75c4\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/3414dc151eb4dcbdb2ca952e2589993bf7af75c4\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[Other] Remove deprecated flag for enabling MSVC support (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/97c979be6e0907e1051bee62584dac4594e73fa7\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/97c979be6e0907e1051bee62584dac4594e73fa7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP] Remove deprecated PHP APIs (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/9c45014099a4f7004fab6dd1278de2f4f2a393c5\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/9c45014099a4f7004fab6dd1278de2f4f2a393c5\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP] Remove deprecated PHP APIs FieldDescriptor getLabel, use IsRepeated or isRequired instead. (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\u003c/a\u003e, \u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/cd76e675b14d00dda5623b30835d2bc7105fccc6\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/cd76e675b14d00dda5623b30835d2bc7105fccc6\u003c/a\u003e, \u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/42081219920c6fad17ba6ddd1e28d111bcfb3345\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP]  Add PHP typehints for setters and remove redundant GPBUtil checks (\u003ca href=\"https://redirect.github.com/protocolbuffers/protobuf/pull/25296\"\u003eprotocolbuffers/protobuf#25296\u003c/a\u003e) (\u003ca href=\"https://github.com/protocolbuffers/protobuf/commit/aee03b78929c02461a5f9d8e136a2a016359b0cd\"\u003ehttps://github.com/protocolbuffers/protobuf/commit/aee03b78929c02461a5f9d8e136a2a016359b0cd\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[PHP]  support default values for editions/proto2 (\u003ca href=\"https://redirect.github.com/protocolbuffer...\n\n_Description has been truncated_\n\n\u003c!-- This is an auto-generated description by cubic. --\u003e\n---\n## Summary by cubic\nUpgrade key dependencies in `video-classification-and-human-activity-recognition` and `zoom-gestures` to pick up security fixes and modern Python support. Biggest changes: `tensorflow` to 2.12.1 and `opencv-contrib-python` to 4.8.1.78.\n\n- **Dependencies**\n  - `/video-classification-and-human-activity-recognition`: `tensorflow` 2.4.1 → 2.12.1, `opencv-contrib-python` 4.1.2.30 → 4.8.1.78, `urllib3` 1.24.3 → 2.7.0\n  - `/zoom-gestures`: `opencv-contrib-python` 4.5.5.64 → 4.8.1.78, `fonttools` 4.33.3 → 4.60.2, `Pillow` 9.1.0 → 12.2.0, `protobuf` 3.20.1 → 5.29.6\n\n- **Migration**\n  - Use Python 3.10+ (due to `urllib3` 2.7) and not 3.7 (dropped by `tensorflow` 2.12).\n  - Verify `numpy` pin meets `tensorflow` 2.12 requirements; update if needed.\n  - Recreate venv and reinstall deps; test training/inference and gesture pipeline for API changes.\n\n\u003csup\u003eWritten for commit 5a13bace6abf604f79fb1422899a04f8555998b1. Summary will update on new commits.\u003c/sup\u003e\n\n\u003ca href=\"https://cubic.dev/pr/EmilynnJ/learnopencv/pull/1?utm_source=github\" target=\"_blank\" rel=\"noopener noreferrer\" data-no-image-dialog=\"true\"\u003e\u003cpicture\u003e\u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003csource media=\"(prefers-color-scheme: light)\" srcset=\"https://cubic.dev/buttons/review-in-cubic-light.svg\"\u003e\u003cimg alt=\"Review in cubic\" src=\"https://cubic.dev/buttons/review-in-cubic-dark.svg\"\u003e\u003c/picture\u003e\u003c/a\u003e\n\n\u003c!-- End of auto-generated description by cubic. --\u003e\n\n\n\n\u003c!-- Macroscope's pull request summary starts here --\u003e\n\u003c!-- Macroscope will only edit the content between these invisible markers, and the markers themselves will not be visible in the GitHub rendered markdown. --\u003e\n\u003c!-- If you delete either of the start / end markers from your PR's description, Macroscope will append its summary at the bottom of the description. --\u003e\n\u003e [!NOTE]\n\u003e ### Bump pip dependencies in video-classification and zoom-gestures projects\n\u003e - Updates [video-classification requirements](https://github.com/EmilynnJ/learnopencv/pull/1/files#diff-dd98c7a537bd3d9c2b899c36cb5a9ef59f71d552353709b755e3a2846d0ef4c4): `tensorflow` 2.4.1→2.12.1, `opencv-contrib-python` 4.1.2.30→4.8.1.78, `urllib3` 1.24.3→2.7.0\n\u003e - Updates [zoom-gestures requirements](https://github.com/EmilynnJ/learnopencv/pull/1/files#diff-44626a878ca157683a7f70cc3375ca97e388cc8241f1b1911cb85e2b984bd449): `fonttools` 4.33.3→4.60.2, `opencv-contrib-python` 4.5.5.64→4.8.1.78, `Pillow` 9.1.0→12.2.0, `protobuf` 3.20.1→5.29.6\n\u003e - Risk: `tensorflow` and `protobuf` are major version bumps and may introduce breaking API changes\n\u003e\n\u003e \u003c!-- Macroscope's review summary starts here --\u003e\n\u003e\n\u003e \u003csup\u003e\u003ca href=\"https://app.macroscope.com\"\u003eMacroscope\u003c/a\u003e summarized 5a13bac.\u003c/sup\u003e\n\u003e \u003c!-- Macroscope's review summary ends here --\u003e\n\u003e\n\u003c!-- macroscope-ui-refresh --\u003e\n\u003c!-- Macroscope's pull request summary ends here --\u003e","html_url":"https://github.com/EmilynnJ/learnopencv/pull/1","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EmilynnJ%2Flearnopencv/issues/1","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1/packages"}},{"old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","update_type":"minor","path":null,"pr_created_at":"2026-05-25T04:57:10.000Z","version_change":"\u003e=2.0.0 → \u003e=2.20.0","issue":{"uuid":"4514375707","node_id":"PR_kwDOPUoCBs7e6QSD","number":14,"state":"open","title":"Update tensorflow requirement from \u003e=2.0.0 to \u003e=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T04:57:10.000Z","updated_at":"2026-05-25T04:57:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Scorbinwen/SODO/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Scorbinwen%2FSODO/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"}},{"old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","update_type":"minor","path":null,"pr_created_at":"2026-05-25T04:56:49.000Z","version_change":"\u003e=2.0.0 → \u003e=2.20.0","issue":{"uuid":"4514374384","node_id":"PR_kwDOO8P66c7e6QAQ","number":25,"state":"open","title":"Update tensorflow requirement from \u003e=2.0.0 to \u003e=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T04:56:49.000Z","updated_at":"2026-05-25T04:57:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/DDy0193/ImproveYolo/pull/25","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/DDy0193%2FImproveYolo/issues/25","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/25/packages"}},{"old_version":"\u003c2.21.0,\u003e=2.5","new_version":"\u003e=2.5,\u003c2.22.0","update_type":"patch","path":"/tests","pr_created_at":"2026-05-23T02:34:46.000Z","version_change":"\u003c2.21.0,\u003e=2.5 → \u003e=2.5,\u003c2.22.0","issue":{"uuid":"4506566511","node_id":"PR_kwDOSlaxQ87eis5f","number":22,"state":"open","title":"Update tensorflow requirement from \u003c2.21.0,\u003e=2.5 to \u003e=2.5,\u003c2.22.0 in /tests","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T02:34:46.000Z","updated_at":"2026-05-23T02:34:47.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c2.21.0,\u003e=2.5","new_version":"\u003e=2.5,\u003c2.22.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":"/tests","ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.21.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a481b10260dfdf833a1b16007eead49c1d7febf3\"\u003e\u003ccode\u003ea481b10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111627\"\u003e#111627\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.21.0-25481\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a8f642e88e001734075133f9576ffd253b9eacc3\"\u003e\u003ccode\u003ea8f642e\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/3c51664da546f2e7741ad27e98f8dd22dbbf86f9\"\u003e\u003ccode\u003e3c51664\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111517\"\u003e#111517\u003c/a\u003e from tejaswin432/r2.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/460d178dda3124806d534ec0fb5e3d0830319628\"\u003e\u003ccode\u003e460d178\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9e2628c11188f4b1f4361ff08e1de198d13cadb1\"\u003e\u003ccode\u003e9e2628c\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/00a1ba7b4fd31bf1c75482bfff620a1cf21c5815\"\u003e\u003ccode\u003e00a1ba7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111234\"\u003e#111234\u003c/a\u003e from psamanoelton/remove_tb_nigthly\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/41beecf3ee272e928c59e53edfcd5d8b40bf7f2b\"\u003e\u003ccode\u003e41beecf\u003c/code\u003e\u003c/a\u003e Remove tb-nigthly and replace it with protobuf.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/01dec748b0d0daa3eb60a386b857519644fe15e2\"\u003e\u003ccode\u003e01dec74\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111216\"\u003e#111216\u003c/a\u003e from psamanoelton/remove_tb_dependency_partial_rol...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9657881d9689a4c06d334645932abff9d3481698\"\u003e\u003ccode\u003e9657881\u003c/code\u003e\u003c/a\u003e Partial rollback to resolve breakage.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/78d130aec00f8b4dbee85d3757ce32032ec7cbdd\"\u003e\u003ccode\u003e78d130a\u003c/code\u003e\u003c/a\u003e Remove TensorBoard dependency from TensorFlow build\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.5.0...v2.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/nludd25/openvino/pull/22","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/nludd25%2Fopenvino/issues/22","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/22/packages"}},{"old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","update_type":null,"path":null,"pr_created_at":"2026-05-23T01:50:51.000Z","version_change":"\u003c=2.19.0,\u003e=2.0.0 → \u003e=2.0.0,\u003c=2.20.0","issue":{"uuid":"4506458677","node_id":"PR_kwDOSlZemc7eiXvW","number":6,"state":"open","title":"Update tensorflow requirement from \u003c=2.19.0,\u003e=2.0.0 to \u003e=2.0.0,\u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T01:50:51.000Z","updated_at":"2026-05-23T01:50:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"\u003e [!WARNING]\n\u003e Dependabot will stop supporting `python v3.9`!\n\u003e \n\u003e Please upgrade to one of the following versions: `v3.9`, `v3.10`, `v3.11`, `v3.12`, `v3.13`, or `v3.14`.\n\u003e\n\nUpdates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/farhan-hafizh/yolov26-mod/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/farhan-hafizh%2Fyolov26-mod/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","update_type":"minor","path":null,"pr_created_at":"2026-05-20T06:04:57.000Z","version_change":"\u003e=2.0.0 → \u003e=2.20.0","issue":{"uuid":"4483636341","node_id":"PR_kwDOSikqRs7dYcFg","number":6,"state":"open","title":"Update tensorflow requirement from \u003e=2.0.0 to \u003e=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-20T06:04:57.000Z","updated_at":"2026-05-20T06:04:58.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/xuxuhanhanzi/Edge-symbol-obb/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/xuxuhanhanzi%2FEdge-symbol-obb/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","update_type":null,"path":null,"pr_created_at":"2026-05-19T03:17:18.000Z","version_change":"\u003c=2.19.0,\u003e=2.0.0 → \u003e=2.0.0,\u003c=2.20.0","issue":{"uuid":"4474126173","node_id":"PR_kwDOShe6sM7c5vyg","number":7,"state":"open","title":"Update tensorflow requirement from \u003c=2.19.0,\u003e=2.0.0 to \u003e=2.0.0,\u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-19T03:17:18.000Z","updated_at":"2026-05-19T03:17:18.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/zhangyinuo0430/Helmet/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/zhangyinuo0430%2FHelmet/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"}},{"old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","update_type":null,"path":null,"pr_created_at":"2026-05-17T10:38:39.000Z","version_change":"\u003c=2.19.0,\u003e=2.0.0 → \u003e=2.0.0,\u003c=2.20.0","issue":{"uuid":"4463193550","node_id":"PR_kwDOSf4owM7cXFK1","number":4,"state":"open","title":"Update tensorflow requirement from \u003c=2.19.0,\u003e=2.0.0 to \u003e=2.0.0,\u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-17T10:38:39.000Z","updated_at":"2026-05-17T10:38:40.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/myp-super/Boat_YOLO/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/myp-super%2FBoat_YOLO/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","update_type":null,"path":null,"pr_created_at":"2026-05-16T07:47:07.000Z","version_change":"\u003c=2.19.0,\u003e=2.0.0 → \u003e=2.0.0,\u003c=2.20.0","issue":{"uuid":"4459158364","node_id":"PR_kwDOSfBqOs7cLQio","number":7,"state":"open","title":"Update tensorflow requirement from \u003c=2.19.0,\u003e=2.0.0 to \u003e=2.0.0,\u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-16T07:47:07.000Z","updated_at":"2026-05-16T07:47:07.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/CyanLimerence/ultralytics-main/pull/7","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyanLimerence%2Fultralytics-main/issues/7","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7/packages"}},{"old_version":"\u003e=2.0.0","new_version":"\u003e=2.21.0","update_type":"minor","path":null,"pr_created_at":"2026-05-16T04:04:26.000Z","version_change":"\u003e=2.0.0 → \u003e=2.21.0","issue":{"uuid":"4458451033","node_id":"PR_kwDOSYtL2s7cJGTL","number":17,"state":"open","title":"Update tensorflow requirement from \u003e=2.0.0 to \u003e=2.21.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-16T04:04:26.000Z","updated_at":"2026-05-16T04:04:26.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.0.0","new_version":"\u003e=2.21.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.21.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a481b10260dfdf833a1b16007eead49c1d7febf3\"\u003e\u003ccode\u003ea481b10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111627\"\u003e#111627\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.21.0-25481\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a8f642e88e001734075133f9576ffd253b9eacc3\"\u003e\u003ccode\u003ea8f642e\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/3c51664da546f2e7741ad27e98f8dd22dbbf86f9\"\u003e\u003ccode\u003e3c51664\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111517\"\u003e#111517\u003c/a\u003e from tejaswin432/r2.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/460d178dda3124806d534ec0fb5e3d0830319628\"\u003e\u003ccode\u003e460d178\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9e2628c11188f4b1f4361ff08e1de198d13cadb1\"\u003e\u003ccode\u003e9e2628c\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/00a1ba7b4fd31bf1c75482bfff620a1cf21c5815\"\u003e\u003ccode\u003e00a1ba7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111234\"\u003e#111234\u003c/a\u003e from psamanoelton/remove_tb_nigthly\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/41beecf3ee272e928c59e53edfcd5d8b40bf7f2b\"\u003e\u003ccode\u003e41beecf\u003c/code\u003e\u003c/a\u003e Remove tb-nigthly and replace it with protobuf.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/01dec748b0d0daa3eb60a386b857519644fe15e2\"\u003e\u003ccode\u003e01dec74\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111216\"\u003e#111216\u003c/a\u003e from psamanoelton/remove_tb_dependency_partial_rol...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9657881d9689a4c06d334645932abff9d3481698\"\u003e\u003ccode\u003e9657881\u003c/code\u003e\u003c/a\u003e Partial rollback to resolve breakage.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/78d130aec00f8b4dbee85d3757ce32032ec7cbdd\"\u003e\u003ccode\u003e78d130a\u003c/code\u003e\u003c/a\u003e Remove TensorBoard dependency from TensorFlow build\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/MuhRaflyArj/ultralytics-fhd/pull/17","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/MuhRaflyArj%2Fultralytics-fhd/issues/17","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/17/packages"}},{"old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","update_type":null,"path":null,"pr_created_at":"2026-05-15T00:37:29.000Z","version_change":"\u003c=2.19.0,\u003e=2.0.0 → \u003e=2.0.0,\u003c=2.20.0","issue":{"uuid":"4450327130","node_id":"PR_kwDOSd4TzM7bvDvA","number":4,"state":"open","title":"Update tensorflow requirement from \u003c=2.19.0,\u003e=2.0.0 to \u003e=2.0.0,\u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-15T00:37:29.000Z","updated_at":"2026-05-15T00:37:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/3313679467mm-hue/ultralytics/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/3313679467mm-hue%2Fultralytics/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","update_type":"minor","path":null,"pr_created_at":"2026-05-11T00:30:38.000Z","version_change":"\u003e=2.0.0 → \u003e=2.20.0","issue":{"uuid":"4417288619","node_id":"PR_kwDOSZeo7M7aEcA7","number":11,"state":"open","title":"Update tensorflow requirement from \u003e=2.0.0 to \u003e=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T00:30:38.000Z","updated_at":"2026-05-11T00:30:39.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/nixiankaide1/yolov11-pose-recognition/pull/11","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/nixiankaide1%2Fyolov11-pose-recognition/issues/11","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/11/packages"}},{"old_version":"2.15.0","new_version":"2.21.0","update_type":"minor","path":null,"pr_created_at":"2026-05-03T00:28:16.000Z","version_change":"2.15.0 → 2.21.0","issue":{"uuid":"4370446770","node_id":"PR_kwDOCFMVp87XtaLt","number":412,"state":"closed","title":"chore(deps): Bump the ml group across 1 directory with 3 updates","user":"dependabot[bot]","labels":["dependencies","python"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-03T05:38:45.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-03T00:28:16.000Z","updated_at":"2026-05-03T05:38:46.000Z","time_to_close":18629,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","group_name":"ml","update_count":3,"packages":[{"name":"tensorflow","old_version":"2.15.0","new_version":"2.21.0","repository_url":"https://github.com/tensorflow/tensorflow"},{"name":"torch","old_version":"2.8.0","new_version":"2.11.0","repository_url":"https://github.com/pytorch/pytorch"},{"name":"torchvision","old_version":"0.17.1","new_version":"0.26.0","repository_url":"https://github.com/pytorch/vision"}],"path":null,"ecosystem":"pip"},"body":"Bumps the ml group with 3 updates in the /tests directory: [tensorflow](https://github.com/tensorflow/tensorflow), [torch](https://github.com/pytorch/pytorch) and [torchvision](https://github.com/pytorch/vision).\n\nUpdates `tensorflow` from 2.15.0 to 2.21.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.21.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003ch2\u003eTensorFlow 2.21.0-rc1\u003c/h2\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a481b10260dfdf833a1b16007eead49c1d7febf3\"\u003e\u003ccode\u003ea481b10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111627\"\u003e#111627\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.21.0-25481\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a8f642e88e001734075133f9576ffd253b9eacc3\"\u003e\u003ccode\u003ea8f642e\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/3c51664da546f2e7741ad27e98f8dd22dbbf86f9\"\u003e\u003ccode\u003e3c51664\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111517\"\u003e#111517\u003c/a\u003e from tejaswin432/r2.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/460d178dda3124806d534ec0fb5e3d0830319628\"\u003e\u003ccode\u003e460d178\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9e2628c11188f4b1f4361ff08e1de198d13cadb1\"\u003e\u003ccode\u003e9e2628c\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/00a1ba7b4fd31bf1c75482bfff620a1cf21c5815\"\u003e\u003ccode\u003e00a1ba7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111234\"\u003e#111234\u003c/a\u003e from psamanoelton/remove_tb_nigthly\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/41beecf3ee272e928c59e53edfcd5d8b40bf7f2b\"\u003e\u003ccode\u003e41beecf\u003c/code\u003e\u003c/a\u003e Remove tb-nigthly and replace it with protobuf.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/01dec748b0d0daa3eb60a386b857519644fe15e2\"\u003e\u003ccode\u003e01dec74\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111216\"\u003e#111216\u003c/a\u003e from psamanoelton/remove_tb_dependency_partial_rol...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9657881d9689a4c06d334645932abff9d3481698\"\u003e\u003ccode\u003e9657881\u003c/code\u003e\u003c/a\u003e Partial rollback to resolve breakage.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/78d130aec00f8b4dbee85d3757ce32032ec7cbdd\"\u003e\u003ccode\u003e78d130a\u003c/code\u003e\u003c/a\u003e Remove TensorBoard dependency from TensorFlow build\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.15.0...v2.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `torch` from 2.8.0 to 2.11.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytorch/pytorch/releases\"\u003etorch's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003ePyTorch 2.11.0 Release Notes\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#highlights\"\u003eHighlights\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#backwards-incompatible-changes\"\u003eBackwards Incompatible Changes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#deprecations\"\u003eDeprecations\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#new-features\"\u003eNew Features\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#improvements\"\u003eImprovements\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#bug-fixes\"\u003eBug fixes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#performance\"\u003ePerformance\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#documentation\"\u003eDocumentation\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#developers\"\u003eDevelopers\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/blob/HEAD/#security\"\u003eSecurity\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eHighlights\u003c/h1\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003eFor more details about these highlighted features, you can look at the \u003ca href=\"https://pytorch.org/blog/pytorch-2-11-release-blog/\"\u003erelease blogpost\u003c/a\u003e. Below are the full release notes for this release.\u003c/p\u003e\n\u003ch1\u003eBackwards Incompatible Changes\u003c/h1\u003e\n\u003ch2\u003eRelease Engineering\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/70d99e998b4955e0049d13a98d77ae1b14db1f45\"\u003e\u003ccode\u003e70d99e9\u003c/code\u003e\u003c/a\u003e [release only] Increase timeout for rocm libtorch and manywheel builds (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/178006\"\u003e#178006\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/3e05c5a9ca8aacd0d137541876f8bf4cfca7e940\"\u003e\u003ccode\u003e3e05c5a\u003c/code\u003e\u003c/a\u003e [MPS] Properly handle conjugated tensors in bmm (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/178010\"\u003e#178010\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/db741c72097871e384b22ee6fff1d6083adf23cc\"\u003e\u003ccode\u003edb741c7\u003c/code\u003e\u003c/a\u003e [MPS] fix compiling of SDPA producing nan results (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/178009\"\u003e#178009\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/483b55d84c74b92b3c2c67be4b9b7c7359ec2bbc\"\u003e\u003ccode\u003e483b55d\u003c/code\u003e\u003c/a\u003e Update pytorch_sphinx_theme2 version to 0.4.6 (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/177616\"\u003e#177616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/7f2cdeb75b76bf07bb73776444bbb94456adbfa0\"\u003e\u003ccode\u003e7f2cdeb\u003c/code\u003e\u003c/a\u003e [windows][smoke test] Add an option to install cuda if required cuda/cudnn on...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/76fd07897dd9126df160e9723d97511b79888087\"\u003e\u003ccode\u003e76fd078\u003c/code\u003e\u003c/a\u003e [release-only] Fix libtorch builds. Fix lint (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/177299\"\u003e#177299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/fa384de31efe6548e694758d47ff295f2c2edb57\"\u003e\u003ccode\u003efa384de\u003c/code\u003e\u003c/a\u003e [Inductor][MPS] Fix half-precision type mismatches in Metal shader codegen (#...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/036b25f5a29dc58cbc62e7b976efb860ff128c3f\"\u003e\u003ccode\u003e036b25f\u003c/code\u003e\u003c/a\u003e Let stable::from_blob accept a lambda as deleter (cherry-pick) (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/176440\"\u003e#176440\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/41f8e3e0381395e1669ca4bc6e36a7872d25cdcd\"\u003e\u003ccode\u003e41f8e3e\u003c/code\u003e\u003c/a\u003e [CI] Stop using G3 runners (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/177161\"\u003e#177161\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/pytorch/commit/e2fa2953033020ad7e0f823ec534044fac15a3c7\"\u003e\u003ccode\u003ee2fa295\u003c/code\u003e\u003c/a\u003e [CD] Unpin cuda-bindings dependencies (\u003ca href=\"https://redirect.github.com/pytorch/pytorch/issues/177159\"\u003e#177159\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytorch/pytorch/compare/v2.8.0...v2.11.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `torchvision` from 0.17.1 to 0.26.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pytorch/vision/releases\"\u003etorchvision's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTorchVision 0.26 Release\u003c/h2\u003e\n\u003cp\u003eTorchVision 0.26 is out! It is compatible with torch 2.11. It's a small release that comes with the following changes:\u003c/p\u003e\n\u003ch2\u003eBreaking changes and deprecations\u003c/h2\u003e\n\u003cp\u003eThe \u003cstrong\u003evideo decoding and encoding\u003c/strong\u003e utilities of TorchVision, which have been deprecate for a long time, are now removed. This includes \u003ccode\u003etorchvision.io.video.*\u003c/code\u003e, \u003ccode\u003eread_video\u003c/code\u003e, \u003ccode\u003ewrite_video\u003c/code\u003e, the \u003ccode\u003eVideoReader\u003c/code\u003e class, etc. Users are encouraged to switch to \u003ca href=\"https://github.com/meta-pytorch/torchcodec\"\u003eTorchCodec\u003c/a\u003e, which is faster and more stable.\u003c/p\u003e\n\u003cp\u003eThe rare torchvision utilities that were still relying on video decoding (like the video datasets) have been transparently migrated to TorchCodec.\u003c/p\u003e\n\u003cp\u003eNote: the \u003cstrong\u003eimage\u003c/strong\u003e decoders and encoders are staying in TorchVision.\u003c/p\u003e\n\u003cp\u003e(\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9341\"\u003e#9341\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9421\"\u003e#9421\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9370\"\u003e#9370\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9366\"\u003e#9366\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003eImprovements\u003c/h2\u003e\n\u003cp\u003e[ops] Speed up  masks_to_boxes on CPU and GPU (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9358\"\u003e#9358\u003c/a\u003e)\n[ops] Improve runtime complexity of roi_align on MPS (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9100\"\u003e#9100\u003c/a\u003e)\u003c/p\u003e\n\u003cp\u003eVarious code quality improvements (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/8760\"\u003e#8760\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9364\"\u003e#9364\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9317\"\u003e#9317\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9359\"\u003e#9359\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9334\"\u003e#9334\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9286\"\u003e#9286\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9327\"\u003e#9327\u003c/a\u003e)\nVarious documentation improvements (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9339\"\u003e#9339\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9374\"\u003e#9374\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9323\"\u003e#9323\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9324\"\u003e#9324\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/8879\"\u003e#8879\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9350\"\u003e#9350\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cp\u003e[transforms] Fix edge case conversion from CXCYWH to XYXY for integer bounding boxes in F.convert_bounding_box_format  (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9322\"\u003e#9322\u003c/a\u003e)\n[transforms] Fix tv_tensors.wrap to preserve subclass types for BoundingBoxes and KeyPoints (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9332\"\u003e#9332\u003c/a\u003e)\n[transforms] Fix incorrect normalization axis in v2.ElasticTransform (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9300\"\u003e#9300\u003c/a\u003e)\n[ops] Fix masks_to_boxes for empty masks (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9357\"\u003e#9357\u003c/a\u003e)\n[io] Fix CPU jpeg and png decoder/encoder  error-path leak on malformed inputs  (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9434\"\u003e#9434\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003eContributors\u003c/h2\u003e\n\u003cp\u003e🎉 We're grateful for our community, which helps us improve Torchvision by submitting issues and PRs, and providing feedback and suggestions. The following persons have contributed patches for this release:\u003c/p\u003e\n\u003cp\u003eAdam J. Stewart, Andrey Talman, Jaebeom, MPSFuzz , Murat Raimbekov, Nicolas Hug, ribbon-otter , Roy Hvaara, Salman Chishti, Scott Todd, Zhitao Yu\u003c/p\u003e\n\u003ch2\u003eTorchVision 0.25 Release\u003c/h2\u003e\n\u003cp\u003eTorchVision 0.25 is out! It is compatible with torch 2.10. It's a small release that comes with the following improvements:\u003c/p\u003e\n\u003ch2\u003eEnhancement\u003c/h2\u003e\n\u003cp\u003e[transforms] KeyPoints aren't clamped by default anymore after a transform. This is a bug-fix that comes with a change of behavior. We also added the \u003ccode\u003eSanitizeKeyPoints\u003c/code\u003e transform to remove keypoints outside of the image area (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9236\"\u003e#9236\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9235\"\u003e#9235\u003c/a\u003e)\n[utils] \u003ccode\u003edraw_bounding_boxes\u003c/code\u003e now supports a \u003ccode\u003elabel_background_colors\u003c/code\u003e parameter (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9204\"\u003e#9204\u003c/a\u003e)\n[io] Fixed an issue in the GIF decoder (\u003ccode\u003edecode_gif\u003c/code\u003e, \u003ccode\u003edecode_image\u003c/code\u003e) which affected some (not all) animated GIFs. (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9241\"\u003e#9241\u003c/a\u003e)\n[misc] Various code-quality and docs improvements (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9218\"\u003e#9218\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9270\"\u003e#9270\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9250\"\u003e#9250\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9247\"\u003e#9247\u003c/a\u003e)\u003c/p\u003e\n\u003ch2\u003eContributors\u003c/h2\u003e\n\u003cp\u003e🎉 We're grateful for our community, which helps us improve Torchvision by submitting issues and PRs, and providing feedback and suggestions. The following persons have contributed patches for this release:\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/336d36e8db990a905498c73933e35231876e28bc\"\u003e\u003ccode\u003e336d36e\u003c/code\u003e\u003c/a\u003e [Cherry-pick for 0.26] Fix CPU decode_jpeg error-path leak on malformed JPEGs...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/4fe736f90794280bf7f31a7867463c9bce9cf3d9\"\u003e\u003ccode\u003e4fe736f\u003c/code\u003e\u003c/a\u003e [Cherry-pick for 0.26] Remove rest of video decoder APIs (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9421\"\u003e#9421\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/31d3aa3548bd6bd04c082d37dc8f82b1689e9441\"\u003e\u003ccode\u003e31d3aa3\u003c/code\u003e\u003c/a\u003e [Release 0.26] update test-infra refs and version (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9390\"\u003e#9390\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/186879a420a0779efff50205f7778883a97b42b6\"\u003e\u003ccode\u003e186879a\u003c/code\u003e\u003c/a\u003e [Release 0.26] remove CVCUDA stuff - not yet ready for release (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9389\"\u003e#9389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/b29ac894e25d0b799c0ed00b7620a86dac802d09\"\u003e\u003ccode\u003eb29ac89\u003c/code\u003e\u003c/a\u003e [Release 0.26] remove prototype (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9388\"\u003e#9388\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/0f6d91d9fe514e6de2f5519114cbeb389d498b2d\"\u003e\u003ccode\u003e0f6d91d\u003c/code\u003e\u003c/a\u003e Vectorize masks_to_boxes for performance (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9358\"\u003e#9358\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/326a11d48a97b14b7b65e11afe0f34cd7981efd4\"\u003e\u003ccode\u003e326a11d\u003c/code\u003e\u003c/a\u003e ElasticTransform docs: fix issue#8879 (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9350\"\u003e#9350\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/74d128539ddf17c58a955468abe85e062c293ed9\"\u003e\u003ccode\u003e74d1285\u003c/code\u003e\u003c/a\u003e Fix CXCYWH to XYXY conversion for integer bounding boxes (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9322\"\u003e#9322\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/6940e19087cecb5108370703e207f7a33d9b478d\"\u003e\u003ccode\u003e6940e19\u003c/code\u003e\u003c/a\u003e add warning for CelebA bbox data (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9339\"\u003e#9339\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pytorch/vision/commit/4b0a90c3616a348ee0cc9ce7fb36eb1b0e40ce54\"\u003e\u003ccode\u003e4b0a90c\u003c/code\u003e\u003c/a\u003e Update version to 0.26.0a0 (\u003ca href=\"https://redirect.github.com/pytorch/vision/issues/9376\"\u003e#9376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pytorch/vision/compare/v0.17.1...v0.26.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e","html_url":"https://github.com/kangwonlee/nmisp/pull/412","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/kangwonlee%2Fnmisp/issues/412","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/412/packages"}},{"old_version":"\u003e=2.13.0","new_version":"\u003e=2.21.0","update_type":"minor","path":null,"pr_created_at":"2026-04-28T05:11:02.000Z","version_change":"\u003e=2.13.0 → \u003e=2.21.0","issue":{"uuid":"4340745294","node_id":"PR_kwDORGasNs7WNaCt","number":48,"state":"open","title":"Update tensorflow requirement from \u003e=2.13.0 to \u003e=2.21.0","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-28T05:11:02.000Z","updated_at":"2026-04-28T05:11:02.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.13.0","new_version":"\u003e=2.21.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.21.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a481b10260dfdf833a1b16007eead49c1d7febf3\"\u003e\u003ccode\u003ea481b10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111627\"\u003e#111627\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.21.0-25481\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a8f642e88e001734075133f9576ffd253b9eacc3\"\u003e\u003ccode\u003ea8f642e\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/3c51664da546f2e7741ad27e98f8dd22dbbf86f9\"\u003e\u003ccode\u003e3c51664\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111517\"\u003e#111517\u003c/a\u003e from tejaswin432/r2.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/460d178dda3124806d534ec0fb5e3d0830319628\"\u003e\u003ccode\u003e460d178\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9e2628c11188f4b1f4361ff08e1de198d13cadb1\"\u003e\u003ccode\u003e9e2628c\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/00a1ba7b4fd31bf1c75482bfff620a1cf21c5815\"\u003e\u003ccode\u003e00a1ba7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111234\"\u003e#111234\u003c/a\u003e from psamanoelton/remove_tb_nigthly\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/41beecf3ee272e928c59e53edfcd5d8b40bf7f2b\"\u003e\u003ccode\u003e41beecf\u003c/code\u003e\u003c/a\u003e Remove tb-nigthly and replace it with protobuf.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/01dec748b0d0daa3eb60a386b857519644fe15e2\"\u003e\u003ccode\u003e01dec74\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111216\"\u003e#111216\u003c/a\u003e from psamanoelton/remove_tb_dependency_partial_rol...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9657881d9689a4c06d334645932abff9d3481698\"\u003e\u003ccode\u003e9657881\u003c/code\u003e\u003c/a\u003e Partial rollback to resolve breakage.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/78d130aec00f8b4dbee85d3757ce32032ec7cbdd\"\u003e\u003ccode\u003e78d130a\u003c/code\u003e\u003c/a\u003e Remove TensorBoard dependency from TensorFlow build\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.13.0...v2.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/pedrotescaro/redisus/pull/48","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pedrotescaro%2Fredisus/issues/48","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/48/packages"}},{"old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","update_type":null,"path":null,"pr_created_at":"2026-04-28T03:58:21.000Z","version_change":"\u003c=2.19.0,\u003e=2.0.0 → \u003e=2.0.0,\u003c=2.20.0","issue":{"uuid":"4340487813","node_id":"PR_kwDOSOez487WMm1Z","number":6,"state":"open","title":"Update tensorflow requirement from \u003c=2.19.0,\u003e=2.0.0 to \u003e=2.0.0,\u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-28T03:58:21.000Z","updated_at":"2026-04-28T04:02:33.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Sihang-Geng/CDP-train/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sihang-Geng%2FCDP-train/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","update_type":"minor","path":null,"pr_created_at":"2026-04-26T07:56:22.000Z","version_change":"\u003e=2.0.0 → \u003e=2.20.0","issue":{"uuid":"4330360072","node_id":"PR_kwDOSM2lHs7Vsl4K","number":4,"state":"open","title":"Update tensorflow requirement from \u003e=2.0.0 to \u003e=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-26T07:56:22.000Z","updated_at":"2026-04-26T07:56:23.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/VisaiCyber/Cambodia-Smart-Traffic-Light-Management-System-/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/VisaiCyber%2FCambodia-Smart-Traffic-Light-Management-System-/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","update_type":null,"path":null,"pr_created_at":"2026-04-22T02:22:57.000Z","version_change":"\u003c=2.19.0,\u003e=2.0.0 → \u003e=2.0.0,\u003c=2.20.0","issue":{"uuid":"4306357764","node_id":"PR_kwDOSJJ87c7UfKA_","number":3,"state":"closed","title":"Update tensorflow requirement from \u003c=2.19.0,\u003e=2.0.0 to \u003e=2.0.0,\u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-04-22T02:23:59.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-22T02:22:57.000Z","updated_at":"2026-04-22T02:24:01.000Z","time_to_close":62,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.19.0,\u003e=2.0.0","new_version":"\u003e=2.0.0,\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mmccyyaa/CMSNet/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mmccyyaa%2FCMSNet/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"\u003c=2.13.1","new_version":"\u003c=2.20.0","update_type":"minor","path":null,"pr_created_at":"2026-04-22T00:50:48.000Z","version_change":"\u003c=2.13.1 → \u003c=2.20.0","issue":{"uuid":"4306069088","node_id":"PR_kwDOSJHAm87UePth","number":13,"state":"open","title":"Update tensorflow requirement from \u003c=2.13.1 to \u003c=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-22T00:50:48.000Z","updated_at":"2026-04-29T02:02:56.410Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c=2.13.1","new_version":"\u003c=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/tflite-v0.1.7...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/paklgym/YOLOv8/pull/13","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/paklgym%2FYOLOv8/issues/13","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/13/packages"}},{"old_version":"\u003c2.17.0,\u003e=2.5","new_version":"\u003e=2.5,\u003c2.22.0","update_type":"patch","path":"/tests","pr_created_at":"2026-04-17T07:06:51.000Z","version_change":"\u003c2.17.0,\u003e=2.5 → \u003e=2.5,\u003c2.22.0","issue":{"uuid":"4280799784","node_id":"PR_kwDOFFVbCc7TOJ2o","number":257,"state":"closed","title":"Update tensorflow requirement from \u003c2.17.0,\u003e=2.5 to \u003e=2.5,\u003c2.22.0 in /tests","user":"dependabot[bot]","labels":["dependencies","python","category: dependency_changes","Stale"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":"2026-05-09T03:45:31.000Z","author_association":null,"state_reason":null,"created_at":"2026-04-17T07:06:51.000Z","updated_at":"2026-05-09T03:45:39.000Z","time_to_close":1888720,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003c2.17.0,\u003e=2.5","new_version":"\u003e=2.5,\u003c2.22.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":"/tests","ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.21.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.21.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for Python 3.9 has been removed starting with TF 2.21.\u003c/li\u003e\n\u003cli\u003eThe TensorBoard (TB) dependency has been removed starting with TF 2.21.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.lite\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds int8 and int16x8 support for SQRT operator.\u003c/li\u003e\n\u003cli\u003eAdds int16x8 support for EQUAL and NOT_EQUAL operators.\u003c/li\u003e\n\u003cli\u003eAdds support for int2 type.\u003c/li\u003e\n\u003cli\u003eAdds support for int2/int4 in tfl.cast .\u003c/li\u003e\n\u003cli\u003eAdds support for SRQ int2 in tfl.fully_connected.\u003c/li\u003e\n\u003cli\u003eAdds support for int4 in tfl.slice.\u003c/li\u003e\n\u003cli\u003eAdds support for uint4 type.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ccode\u003etf.image\u003c/code\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdds JPEG XL support in decode_image.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eNoneTensorSpec\u003c/code\u003e to the public API so that \u003ccode\u003eNone\u003c/code\u003es in \u003ccode\u003eelement_spec\u003c/code\u003e\ncan be identified via \u003ccode\u003eisinstance(..., tf.NoneTensorSpec)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003eAaraviitkgp, Abhijeet, Abhinav Gunjal, Abhishek, Adam Paszke, Aditya Gupta, Aditya Jha, Aditya Sharma, Adrian Kuegel, Aiden Grossman, Akarsh, Akhil Goel, Alan Kelly, Aleksa Arsic, Aleksei, Aleksei Nurmukhametov, Alex, Alexander Belyaev, Alexander Grund, Alexander Lyashuk, Alexander Shaposhnikov, Alex Pivovarov, Aliia Khasanova, Alina Sbirlea, Allan Renucci, Amelia Thurdekoos, Amit Sabne, Andrei Ivanov, Andrew Dame, Andrey Portnoy, Anish Nair, Anlun Xu, Antonio Sanchez, anuj chincholikar, Anuj Chincholikar, Aravindh Balaji, aravindhbalaji1985, Arian Arfaian, Armin Felder, Artem Belevich, Ashish Rao, Ashitesh Singh, A. Unique TensorFlower, Bart Chrzaszcz, benediktjohannes, Benjamin Chetioui, Benjamin Kramer, Berkin Ilbeyi, Bhatu, Bhavani Subramanian, Bhupendra Dubey, Bill Varcho, Bixia Zheng, Blake Hechtman, Bodhi Silberling, BruceXinXin, Bryan Massoth, Buddh Prakash, Byungchul Kim, Ce Zheng, Changhui Lin, Chao, Charles Alaras, Chase Riley Roberts, Chenhao Jiang, Chris Ashton, Chris Jones, Chris Kennelly, Christian Sigg, Chuan He, Chunlei Niu, Chun-nien Chan, Chunyu Jin, Clive Verghese, Cong Liu, Corentin Kerisit, Daniel Chen, Daniel Kuts, Daniel Ng, Daniel Sosa, Daniel Suo, Danila Malyutin, David Dunleavy, David Majnemer, David Pizzuto, Deepika Rajani, deeptanshusekhri, dependabot[bot], Deqiang Chen, Derek Murray, Dillon Sharlet, Dimitar (Mitko) Asenov, Dimitris Vardoulakis, Dirk Hornung, DottsGit, Dragan Mladjenovic, Eetu Sjöblom, Elen Kalda, Emilio Cota, Emily Fertig, Eugene Zhulenev, Eusebio Durán Montaña, Evan Brown, Ezekiel Calubaquib, Faijul Amin, Felix Wang, Fengwu Yao, Fergus Henderson, Frederic Rechtenstein, Frederik Gossen, Gabriel Gerlero, Gagan Nagaraj, gaikwadrahul8, garry00107, gaurides, George Pawelczak, Georg Stefan Schmid, gns, Goran Flegar, Graham, Grant Jensen, Greg Olechwierowicz, Gregory Pataky, Grzegorz Gawryał, Gunhyun Park, guozhong.zhuang, Haibo Huang, Hana Joo, Hariprasad Ravishankar, Harsha H S, Harshit Monish, Henning Becker, Hittanshu, Hoeseong (Hayden) Kim, Hugo Mano, Hyeontaek Lim, Ibrahim Umit Akgun, ILCSFNO, Ilia Sergachev, Ilya Tikhonovskiy, Iman Hosseini, Ionel Gog, Isha Arkatkar, isharif168, Ivo Ristovski List, Jacques Pienaar, Jae H. Yoo, Jaeyoon Jung, Jake Harmon, James Hilliard, jameslovespancakes, James Spooner, Jane Liu, Jaroslav Sevcik, Jeff Parker, Jeffrey A. Dean, Jeremy Meredith, Jialei Chen, Jian Cai, Jian Li, Jie Luo, Jim Lin, Jing Pu, Jinliang Wei, Jiya Zhang, Joel Wee, Johannes Buchner, Johannes Reifferscheid, Johnny, Jorge Gorbe Moya, Joshua Lang, Joshua Wang, Joss Briody, jparkerh, Juanli Shen, Juhyun Lee, Jun Jiang, Junwhan Ahn, Kadir Barut, Kanglan Tang, Kanish Anand, Kanvi Khanna, Karlo Basioli, Ken Franko, Kevin Chen, Kevin Gleason, Kingston Mandisodza, Koki Ibukuro, Kostiantyn Liepieshov, Krishna Haridasan, Krishna Somani, Krzysztof Kosiński, Kuy Mainwaring, lambert, Larry Lansing, Lin Chai, Lord ε Rebel, Luke Baumann, Luke Hutton, madhavmadupu, Majid Dadashi, Mani Ananth, Manjunath Gaonkar, Marcello Maggioni, Marcin Radomski, Maria Lyubimtseva, Marissa Ikonomidis, Mark Daoust, Mason Chang, Matej Aleksandrov, Mateusz Sokół, Matthias Guenther, Matthias Kramm, Matt Hurd, Matt Kreileder, Maxime France-Pillois, Maxim Ermilov, Mehrdad Khani, Melissa Weber Mendonça, MERT-CKR, Michael Goldfarb, Michael Green, Michael Kuperstein, Michael Voznesensky, Michael Whittaker, Mihai Maruseac, Mikhail Goncharov, Ming-Xu Huang, Mircea Trofin, Misha Gutman, misterBart, mmakevic-amd, Mohamed AbdElmoneim, Mohamed Amine Zghal, Mohammadreza Heydary, Mohammed Anany, mraunak, Mudit Gokhale, Nayana Thorat, Nevi, nhatle, Nhat Le, Nihar0071, Nikhil, Nikita Putikhin, Niklas Vangerow, Nitin Srinivasan, Oleg Shyshkov, Olli Lupton, Om Thakkar, Pankaj Kanwar, Parker Schuh, Paul Ganssle, Pauline Sho, Pavithra Eswaramoorthy, Pedro Gonnet, pemeliya, Penporn Koanantakool, Perry Gibson, Peter Buchlovsky, Peter Gavin, Peter Hawkins, Pham Binh, Phani Paladugula, Philipp Hack, Praneeth Mandala, Praveen Batra, psinfinity, Qingwei Zhang, Quentin Khan, Quoc Truong, QZero, Rachel Han, Raffi Khatchadourian, Ram Rachum, RasheedAli-Shaik, Raviteja Gorijala, Reed Wanderman-Milne, Reilly Grant, Renjie Wu, Richard Levasseur, Robert David, Ryan M. Lefever, Sachin M, Sagun Bajra, Sai Ganesh Muthuraman, Saksham Singh Rathore, Sannidhya Chauhan, Sayan Saha, Sean Talts, Seher Ellis, Sergei Lebedev, Sergey Kozub, Sevin Fide Varoglu, Shahriar Rouf, Shanbin Ke, Shaogang Wang, Sharad Vikram, Shawn Lu, Siddhartha Menon, Siqiao Wu, skill, Smit Hinsu, snadampal, Sohaib Iftikhar, Soowon Jeong, spiao, Srijan Upadhyay, stevemcgregory, Subham Soni, Subhankar Shah, Swachhand Lokhande, Tai Ly, TensorFlower Gardener, Terry Heo, Terry Sun, Terry Tao, Theotime Combes, Thomas Joerg, Thomas Köppe, Tiago Quelhas, TJ Xu, Toli Yevtushenko, Tomás Longeri, Tom Hennigan, Tommy Chiang, Tom Natan, Tongfei Guo, Tori Baker, Uwe L. Korn, Vadym Matsishevskyi, Vamsi Manchala, Venkat6871, Victor Stone, Ville Vesilehto, Vitalii Dziuba, Vladimir Belitskiy, Vlad Sytchenko, Volodymyr Kysenko, Wai Hon Law, wan3x, Weiyi Wang, Will Froom, William S. Moses, wondertx, Xuefei Jiang, Yang Chen, Yash Katariya, Yasir Ashfaq, yasiribmcon, Yeou Chiou, Yicheng Luo, Yi Kong, Yimei Sun, Yin Zhang, Yuchen Yao, Yue Sheng, Yulia Baturina, Yunjie Xu, Yunlong Liu, Yun Peng, Yurii Topin, Zac Cranko, Zac Mustin, Zenong Zhang, Zeyu Wang, Zhanyong Wan, Zixuan Jiang, Ziyin Huang, Zviki Nozadze\u003c/p\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a481b10260dfdf833a1b16007eead49c1d7febf3\"\u003e\u003ccode\u003ea481b10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111627\"\u003e#111627\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.21.0-25481\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a8f642e88e001734075133f9576ffd253b9eacc3\"\u003e\u003ccode\u003ea8f642e\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/3c51664da546f2e7741ad27e98f8dd22dbbf86f9\"\u003e\u003ccode\u003e3c51664\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111517\"\u003e#111517\u003c/a\u003e from tejaswin432/r2.21\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/460d178dda3124806d534ec0fb5e3d0830319628\"\u003e\u003ccode\u003e460d178\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9e2628c11188f4b1f4361ff08e1de198d13cadb1\"\u003e\u003ccode\u003e9e2628c\u003c/code\u003e\u003c/a\u003e Update RELEASE.md with removal of TB dependency.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/00a1ba7b4fd31bf1c75482bfff620a1cf21c5815\"\u003e\u003ccode\u003e00a1ba7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111234\"\u003e#111234\u003c/a\u003e from psamanoelton/remove_tb_nigthly\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/41beecf3ee272e928c59e53edfcd5d8b40bf7f2b\"\u003e\u003ccode\u003e41beecf\u003c/code\u003e\u003c/a\u003e Remove tb-nigthly and replace it with protobuf.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/01dec748b0d0daa3eb60a386b857519644fe15e2\"\u003e\u003ccode\u003e01dec74\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/111216\"\u003e#111216\u003c/a\u003e from psamanoelton/remove_tb_dependency_partial_rol...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/9657881d9689a4c06d334645932abff9d3481698\"\u003e\u003ccode\u003e9657881\u003c/code\u003e\u003c/a\u003e Partial rollback to resolve breakage.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/78d130aec00f8b4dbee85d3757ce32032ec7cbdd\"\u003e\u003ccode\u003e78d130a\u003c/code\u003e\u003c/a\u003e Remove TensorBoard dependency from TensorFlow build\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.5.0...v2.21.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/sungeunk/openvino/pull/257","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sungeunk%2Fopenvino/issues/257","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/257/packages"}},{"old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","update_type":"minor","path":null,"pr_created_at":"2026-04-17T04:28:46.000Z","version_change":"\u003e=2.0.0 → \u003e=2.20.0","issue":{"uuid":"4280110727","node_id":"PR_kwDORsLFE87TL7ca","number":8,"state":"open","title":"Update tensorflow requirement from \u003e=2.0.0 to \u003e=2.20.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-04-17T04:28:46.000Z","updated_at":"2026-04-17T04:28:47.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Update","packages":[{"name":"tensorflow","old_version":"\u003e=2.0.0","new_version":"\u003e=2.20.0","repository_url":"https://github.com/tensorflow/tensorflow"}],"path":null,"ecosystem":"pip"},"body":"Updates the requirements on [tensorflow](https://github.com/tensorflow/tensorflow) to permit the latest version.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/releases\"\u003etensorflow's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eTensorFlow 2.20.0\u003c/h2\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003etf.lite will be deprecated, in favor of the new repo \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eThe duplicated source will also be removed from the TF repo.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md\"\u003etensorflow's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eRelease 2.20.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ccode\u003etensorflow-io-gcs-filesystem\u003c/code\u003e package is now optional, due its uncertain, and limited support. To install it alongside \u003ccode\u003etensorflow\u003c/code\u003e, run \u003ccode\u003epip install \u0026quot;tensorflow[gcs-filesystem]\u0026quot;\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMajor Features and Improvements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.data\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eAdds \u003ccode\u003eautotune.min_parallelism\u003c/code\u003e to \u003ccode\u003etf.data.Options\u003c/code\u003e to enable faster input pipeline warm up.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etf.lite\u003c/code\u003e\n\u003cul\u003e\n\u003cli\u003eLiteRT announced a \u003ca href=\"https://developers.googleblog.com/en/litert-maximum-performance-simplified/\"\u003enew release\u003c/a\u003e at Google IO ‘25 that improves upon TFLite, particularly in terms of NPU and GPU hardware acceleration and performance for on-device ML and AI applications. The APIs are available in Kotlin and C++.\u003c/li\u003e\n\u003cli\u003eAdditionally, LiteRT code base will decouple from TensorFlow repository, and \u003ccode\u003etf.lite\u003c/code\u003e will be removed in future TensorFlow Python package. More details to follow in future release notes.\u003c/li\u003e\n\u003cli\u003eMigrate to LiteRT for continued updates; the new repo can be found at \u003ca href=\"https://github.com/google-ai-edge/LiteRT\"\u003ehttps://github.com/google-ai-edge/LiteRT\u003c/a\u003e.  For more information and NPU EAP signup, reach out to the team at: \u003ca href=\"https://g.co/ai/LiteRT-NPU-EAP\"\u003eg.co/ai/LiteRT-NPU-EAP\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eThanks to our Contributors\u003c/h2\u003e\n\u003cp\u003eThis release contains contributions from many people at Google, as well as:\u003c/p\u003e\n\u003cp\u003e1ndig0, 372046933, abhinav, afzpatel, Akhil Goel, Alain Carlucci, Aleksei, Alen Huang, Alex, Amrinfathima-Mcw, Aravindh Balaji, Armand Picard, Aseem Athale, Ashiq Imran, Assoap, Chao, Chase Riley Roberts, Chenhao Jiang, chunhsue, chuntl, Chunyu Jin, Corentin Kerisit, Crefeda Rodrigues, dependabot[bot], Dragan Mladjenovic, Elen Kalda, Felix Thomasmathibalan, gabeweisz, Gauri Deshpande, Georg Stefan Schmid, Guozhong Zhuang, Harsha H S, Harshith_N, Hugo Mano, Ian Tayler Lessa, Jack Wolfard, James Ward, Jane Liu, Jaroslav Sevcik, JD, Jerry-Ge, Jian Li, Jinzhe Zeng, jiunkaiy, Johannes Reifferscheid, johnnkp, junweifu, Kanvi Khanna, Kasper Nielsen, Linzb-Xyz, Luke Hutton, Mahmoud Abuzaina, Mathew Odden, Michael Platings, misterBart, Mitchell Ludwig, Mmakevic-Amd, mraunak, NamanAgarwal0905, Namrata-Ibm, Neuropilot-Captain, nhatle, Nicholas Wilson, Nikhil Shinde, Olli Lupton, Patrick J. Lopresti, Pavel Emeliyanenko, Pearu Peterson, pemeliya, Peng Sun, Philipp Hack, Pratham-Mcw, RahulSudarMCW, RakshithGB, Rakshithgb-Fujitsu, RuslanSemchenko, Ruturaj Vaidya, Sachin Muradi, sandeepgupta12, SaoirseARM, Sergey Kozub, Sevin Fide Varoglu, Shanbin Ke, Shaogang Wang, Shraiysh Vaishay, Siddhartha Menon, spiao, Swatheesh Muralidharan, Tai Ly, Terry Sun, Thibaut Goetghebuer-Planchon, Thomas Dickerson, Tilak, Tj Xu, Trevor Morris, tyb0807, vfdev, Wei Wang, wokron, wondertx, Xuefei Jiang, Yaowei Zhou, Zentrik, Ziyun Cheng, Zoranjovanovic-Ns\u003c/p\u003e\n\u003ch1\u003eRelease 2.19.1\u003c/h1\u003e\n\u003ch3\u003eBug Fixes and Other Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix save_model.save for Serving embedding and add SparseCore Reshard.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eRelease 2.19.0\u003c/h1\u003e\n\u003ch2\u003eTensorFlow\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eLiteRT\u003c/code\u003e, a.k.a. \u003ccode\u003etf.lite\u003c/code\u003e:\n\u003cul\u003e\n\u003cli\u003eC++ API:\n\u003cul\u003e\n\u003cli\u003eThe public constants \u003ccode\u003etflite::Interpreter:kTensorsReservedCapacity\u003c/code\u003e\nand \u003ccode\u003etflite::Interpreter:kTensorsCapacityHeadroom\u003c/code\u003e are now const\nreferences, rather than \u003ccode\u003econstexpr\u003c/code\u003e compile-time constants.\n(This is to enable better API compatibility for TFLite in Play services\nwhile preserving the implementation flexibility to change the values of\nthese constants in the future.)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003ePython API:\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e gives deprecation warning redirecting to its new\nlocation at \u003ccode\u003eai_edge_litert.interpreter\u003c/code\u003e, as the API\n\u003ccode\u003etf.lite.Interpreter\u003c/code\u003e will be deleted in TF 2.20. See the\n\u003ca href=\"https://ai.google.dev/edge/litert/migration\"\u003emigration guide\u003c/a\u003e for\ndetails.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/72fbba3d20f4616d7312b5e2b7f79daf6e82f2fa\"\u003e\u003ccode\u003e72fbba3\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/98438\"\u003e#98438\u003c/a\u003e from tensorflow-jenkins/version-numbers-2.20.0-17429\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/bf5899deaf70fa45173c5c7b8dc9ace8824dc980\"\u003e\u003ccode\u003ebf5899d\u003c/code\u003e\u003c/a\u003e Update version numbers to 2.20.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/a80fbfe0eb3d71986a6ba06c6275180761d549e6\"\u003e\u003ccode\u003ea80fbfe\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97728\"\u003e#97728\u003c/a\u003e from tensorflow/r2.20-b0b73e1d3b4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/b2eeb62c6bc5e93f57140690d5f5dab132fd6dc7\"\u003e\u003ccode\u003eb2eeb62\u003c/code\u003e\u003c/a\u003e Fix release wheels build.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2272fa9f3573d54674c9fcfd1185943b6d11ebe5\"\u003e\u003ccode\u003e2272fa9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97519\"\u003e#97519\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/2cbf40e81cdbe77245062fc1e0bd9e45af648402\"\u003e\u003ccode\u003e2cbf40e\u003c/code\u003e\u003c/a\u003e Refresh lock files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/89106da7a82e3415e5b12ec36238b9882bb513f5\"\u003e\u003ccode\u003e89106da\u003c/code\u003e\u003c/a\u003e Update keras in requirements.in and setup.py.tpl\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/ea85f434bce2ab4a1334ad552de13c537a55dd29\"\u003e\u003ccode\u003eea85f43\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97305\"\u003e#97305\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/58d26a9207e4147cb8b7e70d01775a03b9f1c106\"\u003e\u003ccode\u003e58d26a9\u003c/code\u003e\u003c/a\u003e Update BUILD files with dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tensorflow/tensorflow/commit/de4ccfbc3aae6914401afa3d255e90bb6dac53c0\"\u003e\u003ccode\u003ede4ccfb\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/tensorflow/tensorflow/issues/97302\"\u003e#97302\u003c/a\u003e from rtg0795/r2.20\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/tensorflow/tensorflow/compare/v2.0.0...v2.20.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/rashvii/sample/pull/8","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/rashvii%2Fsample/issues/8","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/8/packages"}}]}