Bump the pip group across 1 directory with 4 updates

[dependabot]

Bumps the pip group with 4 updates in the / directory: deepspeed, gradio, lightning and onnx.

Updates deepspeed from 0.14.2 to 0.15.1

Release notes

Sourced from deepspeed's releases.

v0.15.1 Patch release

What's Changed

• Update version.txt after 0.15.0 release by @​loadams in microsoft/DeepSpeed#6403
• Fix Type Mismatch by @​jomayeri in microsoft/DeepSpeed#6410
• Fix redundant seq data parallel grp argument in Z3/MiCS by @​samadejacobs in microsoft/DeepSpeed#5352
• add Huawei Ascend NPU setup guide by @​xuedinge233 in microsoft/DeepSpeed#6445
• Add documentation for launcher without SSH by @​dogacancolak-kensho in microsoft/DeepSpeed#6455
• Dtype support check for accelerator in UTs by @​raza-sikander in microsoft/DeepSpeed#6360
• Store/Load CIFAR from local/offline by @​raza-sikander in microsoft/DeepSpeed#6390
• Add the accelerator setup guide link in Getting Started page by @​rogerxfeng8 in microsoft/DeepSpeed#6452
• Allow triton==3.0.x for fp_quantizer by @​siddartha-RE in microsoft/DeepSpeed#6447
• Change GDS to 1 AIO thread by @​jomayeri in microsoft/DeepSpeed#6459
• [CCL] fix condition issue in ccl.py by @​YizhouZ in microsoft/DeepSpeed#6443
• Avoid gds build errors on ROCm by @​rraminen in microsoft/DeepSpeed#6456
• TestLowCpuMemUsage UT get device by device_name by @​raza-sikander in microsoft/DeepSpeed#6397
• Add workflow to build DS without torch to better test before releases by @​loadams in microsoft/DeepSpeed#6450
• Fix patch for parameter partitioning in zero.Init() by @​tohtana in microsoft/DeepSpeed#6388
• Add default value to "checkpoint_folder" in "load_state_dict" of bf16_optimizer by @​ljcc0930 in microsoft/DeepSpeed#6446
• DeepNVMe tutorial by @​tjruwase in microsoft/DeepSpeed#6449
• bf16_optimizer: fixes to different grad acc dtype by @​nelyahu in microsoft/DeepSpeed#6485
• print warning if actual triton cache dir is on NFS, not just for default by @​jrandall in microsoft/DeepSpeed#6487
• DS_BUILD_OPS should build only compatible ops by @​tjruwase in microsoft/DeepSpeed#6489
• Safe usage of popen by @​tjruwase in microsoft/DeepSpeed#6490
• Handle an edge case where CUDA_HOME is not defined on ROCm systems by @​amorehead in microsoft/DeepSpeed#6488

New Contributors

• @​xuedinge233 made their first contribution in microsoft/DeepSpeed#6445
• @​siddartha-RE made their first contribution in microsoft/DeepSpeed#6447
• @​ljcc0930 made their first contribution in microsoft/DeepSpeed#6446
• @​jrandall made their first contribution in microsoft/DeepSpeed#6487
• @​amorehead made their first contribution in microsoft/DeepSpeed#6488

Full Changelog: deepspeedai/DeepSpeed@v0.15.0...v0.15.1

DeepSpeed v0.15.0

What's Changed

• Update version.txt after 0.14.5 release by @​loadams in microsoft/DeepSpeed#5982
• move pynvml install to setup.py by @​Rohan138 in microsoft/DeepSpeed#5840
• add moe topk(k>2) gate support by @​inkcherry in microsoft/DeepSpeed#5881
• Move inf_or_nan_tracker to cpu for cpu offload by @​BacharL in microsoft/DeepSpeed#5826
• Enable dynamic shapes for pipeline parallel engine inputs by @​tohtana in microsoft/DeepSpeed#5481
• Add and Remove ZeRO 3 Hooks by @​jomayeri in microsoft/DeepSpeed#5658
• DeepNVMe GDS by @​jomayeri in microsoft/DeepSpeed#5852
• Pin transformers version on nv-nightly by @​loadams in microsoft/DeepSpeed#6002
• DeepSpeed on Window blog by @​tjruwase in microsoft/DeepSpeed#6364
• Bug Fix 5880 by @​jomayeri in microsoft/DeepSpeed#6378
• Update linear.py compatible with torch 2.4.0 by @​terry-for-github in microsoft/DeepSpeed#5811
• GDS Swapping Fix by @​jomayeri in microsoft/DeepSpeed#6386
• Long sequence parallelism (Ulysses) integration with HuggingFace by @​samadejacobs in microsoft/DeepSpeed#5774
• reduce cpu host overhead when using moe by @​ranzhejiang in microsoft/DeepSpeed#5578

... (truncated)

Commits

• 10ba3dd Handle an edge case where CUDA_HOME is not defined on ROCm systems (#6488)
• 662a421 Safe usage of popen (#6490)
• ddd3571 Add default value to "checkpoint_folder" in "load_state_dict" of bf16_optimiz...
• 5d1a30c DS_BUILD_OPS should build only compatible ops (#6489)
• ddeb0c1 Fix patch for parameter partitioning in zero.Init() (#6388)
• 9d17116 print warning if actual triton cache dir is on NFS, not just for default (#6487)
• 5df12a4 DeepNVMe tutorial (#6449)
• cfc6ed3 bf16_optimizer: fixes to different grad acc dtype (#6485)
• 9b7fc54 Add workflow to build DS without torch to better test before releases (#6450)
• 89c4d9f TestLowCpuMemUsage UT get device by device_name (#6397)
• Additional commits viewable in compare view

Updates gradio from 4.32.2 to 5.5.0

Changelog

Sourced from gradio's changelog.

5.5.0

Features

• #9875 8305ff8 - Adds .expand() and .collapse() events to gr.Accordion. Thanks @​abidlabs!
• #9424 a1582a6 - Lite worker refactoring. Thanks @​whitphx!
• #9891 fc12496 - Allow uploading more files in gr.File. Thanks @​hannahblair!
• #9898 dcfa7ad - Enforce meta key present during preprocess in FileData payloads. Thanks @​freddyaboulton!
• #9887 d407c00 - Add .download() event to gr.File. Thanks @​abidlabs!
• #9726 b6725cf - Lite auto-load imported modules with pyodide.loadPackagesFromImports. Thanks @​whitphx!
• #9786 f109497 - Fix frontend errors on ApiDocs and RecordingSnippet. Thanks @​whitphx!
• #9800 d1cfe1e - Allow plot tooltip to show extra columns. Thanks @​aliabid94!

Fixes

• #9835 4d90883 - Allows selection of directories in File Explorer. Thanks @​aliabid94!
• #9883 e10bbd2 - Fix live interfaces for audio/image streaming. Thanks @​freddyaboulton!
• #9804 458a38c - Fixes for ChatInterface Examples when additional inputs are provided. Thanks @​dawoodkhan82!
• #9827 7ed8d02 - Fix Loading SSR'd apps via gr.load. Thanks @​freddyaboulton!
• #9882 6c8a064 - Ensure non-form elements are correctly positioned when scale is applied. Thanks @​hannahblair!
• #9880 120198f - Fixes LoginButton for SSR. Thanks @​dawoodkhan82!
• #9881 6866a54 - Ensure gallery share button is positioned correctly. Thanks @​hannahblair!
• #9826 69acfeb - Make sure the Tool accordion is closed if it is not the last message. Thanks @​freddyaboulton!
• #9892 7d77024 - Fix dataframe height increasing on scroll. Thanks @​abidlabs!
• #9859 c1cb5be - Fix: Resolve copy button visibility issue in Textbox component. Thanks @​rahulsamant37!
• #9886 fa5d433 - Do not load code in gr.NO_RELOAD in the reload mode watch thread. Thanks @​freddyaboulton!

5.4.0

Features

• #9834 febbed6 - Pin multipart version to fix issues with yanking. Thanks @​aliabd!
• #9792 d2b56a4 - more fix. Thanks @​pngwn!
• #9795 ff5be45 - Use safehttpx.get() instead of async_get_with_secure_transport(). Thanks @​abidlabs!
• #9807 5e89b6d - Allow accepting user-provided-tokens in gr.load. Thanks @​abidlabs!
• #9819 160b27c - Update requirements.txt to allow pillow 11.x. Thanks @​bob-jones-cs!
• #9649 b1b81c9 - Hide option to add row/col when count is fixed in dataframe. Thanks @​hannahblair!
• #9805 78e3b51 - Allow setting plotly margins. Thanks @​aliabid94!

Fixes

• #9831 767643f - Fix a bug in example textbox rendering when it is initially invisible. Thanks @​cornzz!
• #9836 a4e70f3 - Fix Tabs in Rows. Thanks @​aliabid94!
• #9769 3b9ed29 - Fix avatar image placement in Chatbot. Thanks @​hannahblair!
• #9757 f971ca6 - added audioop-lts module to support pydub for python3.13+. Thanks @​samy-FERGUI!
• #9651 1163a37 - Fixes component info font size. Thanks @​dawoodkhan82!
• #9814 6505d42 - support gradio apps on spaces served on subpaths. Thanks @​pngwn!
• #9806 b538bda - update docstring for the the "variant" parameter in gr.Button. Thanks @​fadingNA!
• #9815 90d9d14 - use different env var for node port range. Thanks @​pngwn!
• #9825 f15808e - fix: use system timezone in gr.DateTime with include_time=False. Thanks @​lcian!

... (truncated)

Commits

• b5eaba1 chore: update versions (#9874)
• fa5d433 Do not load code in gr.NO_RELOAD in the reload mode watch thread (#9886)
• b6725cf Lite auto-load imported modules with pyodide.loadPackagesFromImports (#9726)
• e10bbd2 Fix live interfaces for audio/image streaming (#9883)
• dcfa7ad Enforce meta key present during preprocess in FileData payloads (#9898)
• 7d77024 Fix dataframe height increasing on scroll (#9892)
• 4d90883 Allows selection of directories in File Explorer (#9835)
• 6c8a064 Ensure non-form elements are correctly positioned when scale is applied (#9882)
• a1582a6 Lite worker refactoring (#9424)
• f109497 Fix frontend errors on ApiDocs and RecordingSnippet (#9786)
• Additional commits viewable in compare view

Updates lightning from 2.2.4 to 2.3.3

Release notes

Sourced from lightning's releases.

Patch release v2.3.3

This release removes the code from the main lightning package that was reported in CVE-2024-5980.

Patch release v2.3.2

Includes a minor bugfix that avoids a conflict with the entrypoint command with another package #20041.

Patch release v2.3.1

Includes minor bugfixes and stability improvements.

Full Changelog: Lightning-AI/pytorch-lightning@2.3.0...2.3.1

Lightning v2.3: Tensor Parallelism and 2D Parallelism

Lightning AI is excited to announce the release of Lightning 2.3 ⚡

Did you know? The Lightning philosophy extends beyond a boilerplate-free deep learning framework: We've been hard at work bringing you Lightning Studio. Code together, prototype, train, deploy, host AI web apps. All from your browser, with zero setup.

This release introduces experimental support for Tensor Parallelism and 2D Parallelism, PyTorch 2.3 support, and several bugfixes and stability improvements.

• Highlights
  • Tensor Parallelism (beta)
  • 2D Parallelism (beta)
  • Training Mode in Model Summary
  • Special Forward Methods in Fabric
• Notable Changes
• Full Changelog
  • PyTorch Lightning
  • Lightning Fabric
• Contributors

Highlights

Tensor Parallelism (beta)

Tensor parallelism (TP) is a technique that splits up the computation of selected layers across GPUs to save memory and speed up distributed models. To enable TP as well as other forms of parallelism, we introduce a ModelParallelStrategy for both Lightning Trainer and Fabric. Under the hood, TP is enabled through new experimental PyTorch APIs like DTensor and torch.distributed.tensor.parallel.

PyTorch Lightning

Enabling TP in a model with PyTorch Lightning requires you to implement the LightningModule.configure_model() method where you convert selected layers of a model to paralellized layers. This is an advanced feature, because it requires a deep understanding of the model architecture. Open the tutorial Studio to learn the basics of Tensor Parallelism.

 

... (truncated)

Commits

• cf34867 [pre-commit.ci] auto fixes from pre-commit.com hooks
• cc457fe enable import lightning.app if it is installed (#20059)
• 249230a Release 2.3.3
• 23bdeda CI: replace macOS-11 with macOS-14 (#20029)
• 3e5fbdc build(deps): bump Lightning-AI/utilities from 0.11.2 to 0.11.3 (#20031)
• de3fb57 Remove the lightning app code (#20039)
• 056bb08 Avoid overwriting the lightning_app entry point (#20041)
• 8b69285 Patch release 2.3.1 (#20021)
• a42484c Fix failing app tests (#19971)
• f6fd046 Release 2.3.0 (#19954)
• Additional commits viewable in compare view

Updates onnx from 1.16.0 to 1.17.0

Release notes

Sourced from onnx's releases.

v1.17.0

ONNX v1.17.0 is now available with exciting new features! We would like to thank everyone who contributed to this release! Please visit onnx.ai to learn more about ONNX and associated projects.

Key Updates

ai.onnx Opset 22

• Update to support bfloat16:
  • Acos, Acosh, Asin, Asinh, Atan, Atanh, AveragePool, Bernoulli, Conv, ConvTranspose, Cos, Cosh, DeformConv, Det, Dropout, Elu, EyeLike, GRU, GlobalAveragePool, GlobalLpPool, GlobalMaxPool, GridSample, HardSigmoid, HardSwish, InstanceNormalization, LSTM, LpNormalization, LpPool, MaxPool, MaxRoiPool, MaxUnpool, Mish, Multinomial, NegativeLogLikelihoodLoss, RNN, RandomNormal, RandomNormalLike, RandomUniform, RandomUniformLike, RoiAlign, Round, Selu, Sin, Sinh, Softplus, Softsign, Tan, ThresholdedRelu

Python Changes

• Support for numpy >= 2.0

Bug fixes and infrastructure improvements

• Fix Check URLs errors 5972
• Use CMAKE_PREFIX_PATH in finding libprotobuf 5975
• Bump main VERSION_NUMBER to 1.17.0 5968
• Fix source and pip tar.gz builds on s390x systems 5984
• Fix unique_name 5992
• Fix SegFault bug in shape inference 5990
• Fix onnx.compose when connecting subgraphs 5991
• Fix conversion from split 11 to split 18 6020
• Update error messages for NegativeLogLikelihoodLoss inference function 6021
• Generalize input/output number check in shape inference 6005
• Replace rank inference with shape inference for Einsum op 6010
• build from source instruction with latest cmake change 6038
• Handle OneHot's depth value during shape inference 5963
• Not to install cmake in pyproject.toml on Windows 6045
• fix a skipped shape infer code 6049
• Include the ".onnxtext" extension in supported serialization format 6051
• Allow ReferenceEvaluator to return intermediate results 6066
• Fix 1 typo in numpy_helper.py 6041
• Remove benchmarking code 6076
• Prevent crash on import after GCC 8 builds 6048
• Check graph outputs are defined 6083
• Enable additional ruff rules 6032
• Add missing shape inference check for DequantizeLinear 6080
• Add bfloat16 to all relevant ops 6099
• fix(ci): install python dependencies with --only-binary :all: in manylinux 6120
• fix: install google-re2 with --only-binary option 6129
• Specify axis parameter for DequantizeLinear when input rank is 1 6095
• Pin onnxruntime to 1.17.3 for release CIs 6143
• Fix INT4 TensorProto byte size is 5x larger than expected with negative values 6161
• Mitigate tarball directory traversal risks 6164
• Fix reference implementation for ScatterND with 4D tensors 6174
• Addition of group > 1 in test and in backend for ConvTranspose 6175
• Support for bfloat16 for binary, unary operators in reference implementation 6166
• Refactor windows workflow to work on standard windows 6190
• Fix a few crashes while running shape inference 6195
• Update onnx to work with numpy>=2.0 6196
• Use sets to improve performance of dfs search 6213

... (truncated)

Commits

• b8baa84 Set version 1.17.0 for official release (#6405)
• 6d77b80 [Cherry-Pick] Fix main url checks (#6312) (#6327)
• 174938d [Cherry-Pick] Fix protobuf pkg 5.28.0 failing on Windows (#6342) (#6347)
• f18d593 [Cherry-Pick] Remove unused variables (#6303) (#6324)
• c588905 Set version in rel-1.17.0 to 1.17.0rc1 (#6317)
• 4392c2c Prepare for rel-1.17.0 (#6281)
• cb54169 Update ort filter to 1.20.0 to skip tests known to fail with ort 1.19.0 (#6306)
• 99e1fd3 Bump reviewdog/action-misspell from 1.21.0 to 1.23.0 (#6268)
• 1920565 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (#6273)
• 2e8f228 Bump mypy from 1.10.1 to 1.11.1 (#6275)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.