Bump onnx from 1.16.0 to 1.21.0 in /python#62285
Bump onnx from 1.16.0 to 1.21.0 in /python#62285dependabot[bot] wants to merge 1 commit intomasterfrom
Conversation
dependabot
bot
added
dependencies
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, have a team admin enable autofix in the Cursor dashboard.
| oauthlib==3.2.2 | ||
| # via requests-oauthlib | ||
| onnx==1.16.0 ; sys_platform != "darwin" or platform_machine != "arm64" | ||
| onnx==1.21.0 ; sys_platform != "darwin" or platform_machine != "arm64" |
There was a problem hiding this comment.
Source requirements file not updated, inconsistent with compiled
High Severity
The compiled requirements files bump onnx to 1.21.0, but the source file python/requirements/ml/rllib-requirements.txt still pins onnx==1.16.0. This inconsistency means the compiled output no longer matches its source. Any recompilation of requirements will revert onnx back to 1.16.0. Additionally, onnxruntime==1.18.0 (kept at its current version) is only compatible with onnx==1.16 per the official ONNX Runtime compatibility matrix, making this version combination potentially broken at runtime.
Additional Locations (1)
ray-gardener
bot
added
rllib
Bumps [onnx](https://github.com/onnx/onnx) from 1.16.0 to 1.21.0. - [Release notes](https://github.com/onnx/onnx/releases) - [Changelog](https://github.com/onnx/onnx/blob/main/docs/Changelog-ml.md) - [Commits](onnx/onnx@v1.16.0...v1.21.0) --- updated-dependencies: - dependency-name: onnx dependency-version: 1.21.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/pip/python/onnx-1.21.0
branch
from
cd8b06e to
3b3d307
Compare
Bumps onnx from 1.16.0 to 1.21.0.
Release notes
Sourced from onnx's releases.
... (truncated)
Commits
be2b5fdUpdate VERSION_NUMBER to final release version (#7772)c751ddbUpdate VERSION_NUMBER to rc4 (#7759)866038e[rel-1.21.0] Cherry-pick bug and security fixes for RC4 (#7737, #7751) (#7758)e6c12c5update version to rc3 (#7743)33afebfCherry pick commit (#7740)a51ac07update release to rc2 (#7732)089fcdafix windows build ; upload (#7727)fbbe45bCherry pick commits into the release branch (#7718)624108eupdate release branch version to 1.21.0rc1 (#7714)b65e6e1[Cherry-Pick] Merge commits from main for security fixes (#7688)