Bump the pip group across 1 directory with 3 updates

[dependabot]

Bumps the pip group with 3 updates in the /python/src/main/python/streaming-llm directory: jinja2, torch and transformers.

Updates jinja2 from 3.1.4 to 3.1.6

Release notes

Sourced from jinja2's releases.

3.1.6

This is the Jinja 3.1.6 security release, which fixes security issues but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.6/ Changes: https://jinja.palletsprojects.com/en/stable/changes/#version-3-1-6

• The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. GHSA-cpwx-vrp4-4pq7

3.1.5

This is the Jinja 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Jinja2/3.1.5/ Changes: https://jinja.palletsprojects.com/changes/#version-3-1-5 Milestone: https://github.com/pallets/jinja/milestone/16?closed=1

• The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. GHSA-q2x7-8rv6-6q7h
• Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. #1792, GHSA-gmj6-6f8f-6699
• Sandbox does not allow clear and pop on known mutable sequence types. #2032
• Calling sync render for an async template uses asyncio.run. #1952
• Avoid unclosed auto_aiter warnings. #1960
• Return an aclose-able AsyncGenerator from Template.generate_async. #1960
• Avoid leaving root_render_func() unclosed in Template.generate_async. #1960
• Avoid leaving async generators unclosed in blocks, includes and extends. #1960
• The runtime uses the correct concat function for the current environment when calling block references. #1701
• Make |unique async-aware, allowing it to be used after another async-aware filter. #1781
• |int filter handles OverflowError from scientific notation. #1921
• Make compiling deterministic for tuple unpacking in a {% set ... %} call. #2021
• Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. #2025
• Fix copy/pickle support for the internal missing object. #2027
• Environment.overlay(enable_async) is applied correctly. #2061
• The error message from FileSystemLoader includes the paths that were searched. #1661
• PackageLoader shows a clearer error message when the package does not contain the templates directory. #1705
• Improve annotations for methods returning copies. #1880
• urlize does not add mailto: to values like @a@b. #1870
• Tests decorated with @pass_context can be used with the |select filter. #1624
• Using set for multiple assignment (a, b = 1, 2) does not fail when the target is a namespace attribute. #1413
• Using set in all branches of {% if %}{% elif %}{% else %} blocks does not cause the variable to be considered initially undefined. #1253

Changelog

Sourced from jinja2's changelog.

Version 3.1.6

Released 2025-03-05

• The |attr filter does not bypass the environment's attribute lookup, allowing the sandbox to apply its checks. :ghsa:cpwx-vrp4-4pq7

Version 3.1.5

Released 2024-12-21

• The sandboxed environment handles indirect calls to str.format, such as by passing a stored reference to a filter that calls its argument. :ghsa:q2x7-8rv6-6q7h
• Escape template name before formatting it into error messages, to avoid issues with names that contain f-string syntax. :issue:1792, :ghsa:gmj6-6f8f-6699
• Sandbox does not allow clear and pop on known mutable sequence types. :issue:2032
• Calling sync render for an async template uses asyncio.run. :pr:1952
• Avoid unclosed auto_aiter warnings. :pr:1960
• Return an aclose-able AsyncGenerator from Template.generate_async. :pr:1960
• Avoid leaving root_render_func() unclosed in Template.generate_async. :pr:1960
• Avoid leaving async generators unclosed in blocks, includes and extends. :pr:1960
• The runtime uses the correct concat function for the current environment when calling block references. :issue:1701
• Make |unique async-aware, allowing it to be used after another async-aware filter. :issue:1781
• |int filter handles OverflowError from scientific notation. :issue:1921
• Make compiling deterministic for tuple unpacking in a {% set ... %} call. :issue:2021
• Fix dunder protocol (copy/pickle/etc) interaction with Undefined objects. :issue:2025
• Fix copy/pickle support for the internal missing object. :issue:2027
• Environment.overlay(enable_async) is applied correctly. :pr:2061
• The error message from FileSystemLoader includes the paths that were searched. :issue:1661
• PackageLoader shows a clearer error message when the package does not contain the templates directory. :issue:1705
• Improve annotations for methods returning copies. :pr:1880
• urlize does not add mailto: to values like @a@b. :pr:1870

... (truncated)

Commits

• 1520688 release version 3.1.6
• 90457bb Merge commit from fork
• 065334d attr filter uses env.getattr
• 033c200 start version 3.1.6
• bc68d4e use global contributing guide (#2070)
• 247de5e use global contributing guide
• ab8218c use project advisory link instead of global
• b4ffc8f release version 3.1.5 (#2066)
• 877f6e5 release version 3.1.5
• 8d58859 remove test pypi
• Additional commits viewable in compare view

Updates torch from 2.2.2 to 2.7.0

Release notes

Sourced from torch's releases.

PyTorch 2.7.0 Release Notes

• Highlights
• Tracked Regressions
• Backwards Incompatible Changes
• Deprecations
• New Features
• Improvements
• Bug fixes
• Performance
• Documentation
• Developers

Highlights

... (truncated)

Commits

• 1341794 Gracefully handle optree less than minimum version, part 2 (#151323)
• 0739127 Gracefully handle optree less than minimum version (#150977)
• 0c236f3 Update triton wheel build, setuptools pin (#150953)
• c7ff78d Fix inplacing with multiple, fused uses (#150892)
• 894909a Revert "[CUDA] Only use vec128 if CUDA version is newer than 12.8" (#150855)
• ef2b139 [Manylinux 2.28] Correct Linux aarch64 cuda binaries wheel name (#150820)
• 3f236f1 [CUDA] Only use vec128 if CUDA version is newer than 12.8 (#150818)
• 35f1e76 Reland of "[ROCm] change preferred blas lib defaults (#150249)"" (#150707)
• a6321d6 Revert "Dont exclude constant_pad_nd in prologue fusion" (#150699)
• 1cc51c6 [CUDA][avgpool2d] Fix backward launch bounds again for sm100, sm120 (#150...
• Additional commits viewable in compare view

Updates transformers from 4.44.2 to 4.50.0

Release notes

Sourced from transformers's releases.

Release v4.50.0

New Model Additions

Model-based releases

Starting with version v4.49.0, we have been doing model-based releases, additionally to our traditional, software-based monthly releases. These model-based releases provide a tag from which models may be installed.

Contrarily to our software-releases; these are not pushed to pypi and are kept on our GitHub. Each release has a tag attributed to it, such as:

• v4.49.0-Gemma-3
• v4.49.0-AyaVision

⚠️ As bugs are identified and fixed on each model, the release tags are updated so that installing from that tag always gives the best experience possible with that model.

Each new model release will always be based on the current state of the main branch at the time of its creation. This ensures that new models start with the latest features and fixes available.

For example, if two models—Gemma-3 and AyaVision—are released from main, and then a fix for gemma3 is merged, it will look something like this:

              o---- v4.49.0-Gemma-3 (includes AyaVision, plus main fixes)
            /                  \  
---o--o--o--o--o-- (fix for gemma3) --o--o--o main
       \          
        o---- v4.49.0-AyaVision

We strive to merge model specific fixes on their respective branches as fast as possible!

Gemma 3

Gemma 3 is heavily referenced in the following model-based release and we recommend reading these if you want all the information relative to that model.

The Gemma 3 model was proposed by Google. It is a vision-language model composed by a SigLIP vision encoder and a Gemma 2 language decoder linked by a multimodal linear projection.

It cuts an image into a fixed number of tokens same way as Siglip if the image does not exceed certain aspect ratio. For images that exceed the given aspect ratio, it crops the image into multiple smaller pacthes and concatenates them with the base image embedding.

One particularity is that the model uses bidirectional attention on all the image tokens. Also, the model interleaves sliding window local attention with full causal attention in the language backbone, where each sixth layer is a full causal attention layer.

• Gemma3 by @​RyanMullins in #36658

Shield Gemma2

ShieldGemma 2 is built on Gemma 3, is a 4 billion (4B) parameter model that checks the safety of both synthetic and natural images against key categories to help you build robust datasets and models. With this addition to the Gemma family of models, researchers and developers can now easily minimize the risk of harmful content in their models across key areas of harm as defined below:

• No Sexually Explicit content: The image shall not contain content that depicts explicit or graphic sexual acts (e.g., pornography, erotic nudity, depictions of rape or sexual assault).
• No Dangerous Content: The image shall not contain content that facilitates or encourages activities that could cause real-world harm (e.g., building firearms and explosive devices, promotion of terrorism, instructions for suicide).
• No Violence/Gore content: The image shall not contain content that depicts shocking, sensational, or gratuitous violence (e.g., excessive blood and gore, gratuitous violence against animals, extreme injury or moment of death).

We recommend using ShieldGemma 2 as an input filter to vision language models, or as an output filter of image generation systems. To train a robust image safety model, we curated training datasets of natural and synthetic images and instruction-tuned Gemma 3 to demonstrate strong performance.

... (truncated)

Commits

• 0b057e6 fix import issue
• 26fbd69 v 4.50.0
• 523f6e7 Fix: dtype cannot be str (#36262)
• 3f9ff19 Minor Gemma 3 fixes (#36884)
• f94b0c5 Use deformable_detr kernel from the Hub (#36853)
• 2638d54 Gemma 3 tests expect greedy decoding (#36882)
• b8aadc3 🔴 🔴 🔴 supersede paligemma forward to shift p...
• 6321876 add eustlb as an actor
• 94f4876 [generate] model defaults being inherited only happens for newer models (#36881)
• f19d018 Revert "Update deprecated Jax calls (#35919)" (#36880)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.