profile
viewpoint

gogopavl/TTDSGA 4

Text Technologies for Data Science Group Assignment

joanna350/GoogleIntelligence 0

GoogleAPI-objectdetection

joanna350/jina 0

An easier way to build neural search in the cloud

push eventhandong1587/handong1587.github.io

handong1587

commit sha ecf4d9ad37aafcf79587fb2f2daeed7bcfb3e40b

add papers

view details

push time in 17 hours

fork ntamas/homebrew-core

🍻 Default formulae for the missing package manager for macOS

https://brew.sh

fork in 5 days

startedijl/orjson

started time in 5 days

PR opened joanna350/test

Bump notebook from 5.5.0 to 6.1.5

Bumps notebook from 5.5.0 to 6.1.5. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/jupyter/jupyterhub/commits">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 11 days

create barnchjoanna350/test

branch : dependabot/pip/notebook-6.1.5

created branch time in 11 days

created repositoryigraph/igraph-java

Experimental Java interface for igraph

created time in 13 days

push eventhandong1587/handong1587.github.io

handong1587

commit sha 984f2c28818155aa31b624d2e7d746534d7af9c8

add papers

view details

push time in 16 days

delete branch joanna350/test

delete branch : dependabot/pip/tensorflow-1.15.4

delete time in 16 days

PR closed joanna350/test

Bump tensorflow from 1.5.1 to 1.15.4 dependencies

Bumps tensorflow from 1.5.1 to 1.15.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tensorflow/tensorflow/releases">tensorflow's releases</a>.</em></p> <blockquote> <h2>TensorFlow 1.15.4</h2> <h1>Release 1.15.4</h1> <h2>Bug Fixes and Other Changes</h2> <ul> <li>Fixes an undefined behavior causing a segfault in <code>tf.raw_ops.Switch</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15190">CVE-2020-15190</a>)</li> <li>Fixes three vulnerabilities in conversion to DLPack format (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15191">CVE-2020-15191</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15192">CVE-2020-15192</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15193">CVE-2020-15193</a>)</li> <li>Fixes two vulnerabilities in <code>SparseFillEmptyRowsGrad</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15194">CVE-2020-15194</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15195">CVE-2020-15195</a>)</li> <li>Fixes an integer truncation vulnerability in code using the work sharder API (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15202">CVE-2020-15202</a>)</li> <li>Fixes a format string vulnerability in <code>tf.strings.as_string</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15203">CVE-2020-15203</a>)</li> <li>Fixes segfault raised by calling session-only ops in eager mode (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15204">CVE-2020-15204</a>)</li> <li>Fixes data leak and potential ASLR violation from <code>tf.raw_ops.StringNGrams</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15205">CVE-2020-15205</a>)</li> <li>Fixes segfaults caused by incomplete <code>SavedModel</code> validation (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15206">CVE-2020-15206</a>)</li> <li>Fixes a data corruption due to a bug in negative indexing support in TFLite (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15207">CVE-2020-15207</a>)</li> <li>Fixes a data corruption due to dimension mismatch in TFLite (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15208">CVE-2020-15208</a>)</li> <li>Fixes several vulnerabilities in TFLite saved model format (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209">CVE-2020-15209</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15210">CVE-2020-15210</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15211">CVE-2020-15211</a>)</li> <li>Updates <code>sqlite3</code> to <code>3.33.00</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9327">CVE-2020-9327</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11655">CVE-2020-11655</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11656">CVE-2020-11656</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13434">CVE-2020-13434</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13435">CVE-2020-13435</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13630">CVE-2020-13630</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13631">CVE-2020-13631</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13871">CVE-2020-13871</a>, and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358">CVE-2020-15358</a>.</li> <li>Fixes <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/41630">#41630</a> by including <code>max_seq_length</code> in CuDNN descriptor cache key</li> <li>Pins <code>numpy</code> to 1.18.5 to prevent ABI breakage when compiling code that uses both NumPy and TensorFlow headers.</li> </ul> <h2>TensorFlow 1.15.3</h2> <h2>Bug Fixes and Other Changes</h2> <ul> <li>Updates <code>sqlite3</code> to <code>3.31.01</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19880">CVE-2019-19880</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244">CVE-2019-19244</a> and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645">CVE-2019-19645</a></li> <li>Updates <code>curl</code> to <code>7.69.1</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15601">CVE-2019-15601</a></li> <li>Updates <code>libjpeg-turbo</code> to <code>2.0.4</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19664">CVE-2018-19664</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20330">CVE-2018-20330</a> and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13960">CVE-2019-13960</a></li> <li>Updates Apache Spark to <code>2.4.5</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10099">CVE-2019-10099</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17190">CVE-2018-17190</a> and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11770">CVE-2018-11770</a></li> </ul> <h2>TensorFlow 1.15.2</h2> <h1>Release 1.15.2</h1> <p>Note that this release no longer has a single pip package for GPU and CPU. Please see <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/36347">#36347</a> for history and details</p> <h2>Bug Fixes and Other Changes</h2> <ul> <li>Fixes a security vulnerability where converting a Python string to a <code>tf.float16</code> value produces a segmentation fault (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5215">CVE-2020-5215</a>)</li> <li>Updates <code>curl</code> to <code>7.66.0</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482">CVE-2019-5482</a> and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481">CVE-2019-5481</a></li> <li>Updates <code>sqlite3</code> to <code>3.30.01</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19646">CVE-2019-19646</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645">CVE-2019-19645</a> and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16168">CVE-2019-16168</a></li> </ul> <h2>TensorFlow 1.15.0</h2> <h1>Release 1.15.0</h1> <p>This is the last 1.x release for TensorFlow. We do not expect to update the 1.x branch with features, although we will issue patch releases to fix vulnerabilities for at least one year.</p> <h2>Major Features and Improvements</h2> <ul> <li>As <a href="https://groups.google.com/a/tensorflow.org/forum/#!topic/developers/iRCt5m4qUz0">announced</a>, <code>tensorflow</code> pip package will by default include GPU support (same as <code>tensorflow-gpu</code> now) for the platforms we currently have GPU support (Linux and Windows). It will work on machines with and without Nvidia GPUs. <code>tensorflow-gpu</code> will still be available, and CPU-only packages can be downloaded at <code>tensorflow-cpu</code> for users who are concerned about package size.</li> <li>TensorFlow 1.15 contains a complete implementation of the 2.0 API in its <code>compat.v2</code> module. It contains a copy of the 1.15 main module (without <code>contrib</code>) in the <code>compat.v1</code> module. TensorFlow 1.15 is able to emulate 2.0 behavior using the <code>enable_v2_behavior()</code> function. This enables writing forward compatible code: by explicitly importing either <code>tensorflow.compat.v1</code> or <code>tensorflow.compat.v2</code>, you can ensure that your code works without modifications against an installation of 1.15 or 2.0.</li> <li><code>EagerTensor</code> now supports numpy buffer interface for tensors.</li> <li>Add toggles <code>tf.enable_control_flow_v2()</code> and <code>tf.disable_control_flow_v2()</code> for enabling/disabling v2 control flow.</li> <li>Enable v2 control flow as part of <code>tf.enable_v2_behavior()</code> and <code>TF2_BEHAVIOR=1</code>.</li> <li>AutoGraph translates Python control flow into TensorFlow expressions, allowing users to write regular Python inside <code>tf.function</code>-decorated functions. AutoGraph is also applied in functions used with <code>tf.data</code>, <code>tf.distribute</code> and <code>tf.keras</code> APIS.</li> <li>Adds <code>enable_tensor_equality()</code>, which switches the behavior such that: <ul> <li>Tensors are no longer hashable.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md">tensorflow's changelog</a>.</em></p> <blockquote> <h1>Release 1.15.4</h1> <h2>Bug Fixes and Other Changes</h2> <ul> <li>Fixes an undefined behavior causing a segfault in <code>tf.raw_ops.Switch</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15190">CVE-2020-15190</a>)</li> <li>Fixes three vulnerabilities in conversion to DLPack format (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15191">CVE-2020-15191</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15192">CVE-2020-15192</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15193">CVE-2020-15193</a>)</li> <li>Fixes two vulnerabilities in <code>SparseFillEmptyRowsGrad</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15194">CVE-2020-15194</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15195">CVE-2020-15195</a>)</li> <li>Fixes an integer truncation vulnerability in code using the work sharder API (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15202">CVE-2020-15202</a>)</li> <li>Fixes a format string vulnerability in <code>tf.strings.as_string</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15203">CVE-2020-15203</a>)</li> <li>Fixes segfault raised by calling session-only ops in eager mode (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15204">CVE-2020-15204</a>)</li> <li>Fixes data leak and potential ASLR violation from <code>tf.raw_ops.StringNGrams</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15205">CVE-2020-15205</a>)</li> <li>Fixes segfaults caused by incomplete <code>SavedModel</code> validation (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15206">CVE-2020-15206</a>)</li> <li>Fixes a data corruption due to a bug in negative indexing support in TFLite (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15207">CVE-2020-15207</a>)</li> <li>Fixes a data corruption due to dimension mismatch in TFLite (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15208">CVE-2020-15208</a>)</li> <li>Fixes several vulnerabilities in TFLite saved model format (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209">CVE-2020-15209</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15210">CVE-2020-15210</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15211">CVE-2020-15211</a>)</li> <li>Updates <code>sqlite3</code> to <code>3.33.00</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9327">CVE-2020-9327</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11655">CVE-2020-11655</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11656">CVE-2020-11656</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13434">CVE-2020-13434</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13435">CVE-2020-13435</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13630">CVE-2020-13630</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13631">CVE-2020-13631</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13871">CVE-2020-13871</a>, and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358">CVE-2020-15358</a>.</li> <li>Fixes <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/41630">#41630</a> by including <code>max_seq_length</code> in CuDNN descriptor cache key</li> <li>Pins <code>numpy</code> to 1.18.5 to prevent ABI breakage when compiling code that uses both NumPy and TensorFlow headers.</li> </ul> <h1>Release 2.3.0</h1> <h2>Major Features and Improvements</h2> <ul> <li><code>tf.data</code> adds two new mechanisms to solve input pipeline bottlenecks and save resources:</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tensorflow/tensorflow/commit/df8c55ce12b5cfc6f29b01889f7773911a75e6ef"><code>df8c55c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/43442">#43442</a> from tensorflow-jenkins/version-numbers-1.15.4-31571</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/0e8cbcb0b1756de4afda8677add8a55355720ab7"><code>0e8cbcb</code></a> Update version numbers to 1.15.4</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/5b65bf202a00f558784e61b7dba5063195cce0f5"><code>5b65bf2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/43437">#43437</a> from tensorflow-jenkins/relnotes-1.15.4-10691</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/814e8d83f5966af55168bc1141dc8ba68561556f"><code>814e8d8</code></a> Update RELEASE.md</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/757085e3e62197ab5ad6a10c667aae08a8929556"><code>757085e</code></a> Insert release notes place-fill</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/e99e53dda53644e49f4b8b4ec16ef92f6399fc3b"><code>e99e53d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/43410">#43410</a> from tensorflow/mm-fix-1.15</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/bad36df000e97cfe0a271e08778a81db4ce8834a"><code>bad36df</code></a> Add missing import</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/f3f1835aed4ab1874c0891c487cd6d0340fed67b"><code>f3f1835</code></a> No <code>disable_tfrt</code> present on this branch</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/7ef5c62a21f2c03483c21566dd6c048218dced26"><code>7ef5c62</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/43406">#43406</a> from tensorflow/mihaimaruseac-patch-1</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/abbf34a5885400f81620df23d9da70f30630e699"><code>abbf34a</code></a> Remove import that is not needed</li> <li>Additional commits viewable in <a href="https://github.com/tensorflow/tensorflow/compare/v1.5.1...v1.15.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

1 comment

1 changed file

dependabot[bot]

pr closed time in 16 days

pull request commentjoanna350/test

Bump tensorflow from 1.5.1 to 1.15.4

Superseded by #10.

dependabot[bot]

comment created time in 16 days

PR opened joanna350/test

Bump tensorflow from 1.5.1 to 2.3.1

Bumps tensorflow from 1.5.1 to 2.3.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tensorflow/tensorflow/releases">tensorflow's releases</a>.</em></p> <blockquote> <h2>TensorFlow 2.3.1</h2> <h1>Release 2.3.1</h1> <h2>Bug Fixes and Other Changes</h2> <ul> <li>Fixes an undefined behavior causing a segfault in <code>tf.raw_ops.Switch</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15190">CVE-2020-15190</a>)</li> <li>Fixes three vulnerabilities in conversion to DLPack format (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15191">CVE-2020-15191</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15192">CVE-2020-15192</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15193">CVE-2020-15193</a>)</li> <li>Fixes two vulnerabilities in <code>SparseFillEmptyRowsGrad</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15194">CVE-2020-15194</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15195">CVE-2020-15195</a>)</li> <li>Fixes several vulnerabilities in <code>RaggedCountSparseOutput</code> and <code>SparseCountSparseOutput</code> operations (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15196">CVE-2020-15196</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15197">CVE-2020-15197</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15198">CVE-2020-15198</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15199">CVE-2020-15199</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15200">CVE-2020-15200</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15201">CVE-2020-15201</a>)</li> <li>Fixes an integer truncation vulnerability in code using the work sharder API (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15202">CVE-2020-15202</a>)</li> <li>Fixes a format string vulnerability in <code>tf.strings.as_string</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15203">CVE-2020-15203</a>)</li> <li>Fixes segfault raised by calling session-only ops in eager mode (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15204">CVE-2020-15204</a>)</li> <li>Fixes data leak and potential ASLR violation from <code>tf.raw_ops.StringNGrams</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15205">CVE-2020-15205</a>)</li> <li>Fixes segfaults caused by incomplete <code>SavedModel</code> validation (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15206">CVE-2020-15206</a>)</li> <li>Fixes a data corruption due to a bug in negative indexing support in TFLite (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15207">CVE-2020-15207</a>)</li> <li>Fixes a data corruption due to dimension mismatch in TFLite (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15208">CVE-2020-15208</a>)</li> <li>Fixes several vulnerabilities in TFLite saved model format (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209">CVE-2020-15209</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15210">CVE-2020-15210</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15211">CVE-2020-15211</a>)</li> <li>Fixes several vulnerabilities in TFLite implementation of segment sum (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15212">CVE-2020-15212</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15213">CVE-2020-15213</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15214">CVE-2020-15214</a>)</li> <li>Updates <code>sqlite3</code> to <code>3.33.00</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358">CVE-2020-15358</a>.</li> <li>Fixes deprecated usage of <code>collections</code> API</li> <li>Removes <code>scipy</code> dependency from <code>setup.py</code> since TensorFlow does not need it to install the pip package</li> </ul> <h2>TensorFlow 2.3.0</h2> <h1>Release 2.3.0</h1> <h2>Major Features and Improvements</h2> <ul> <li><code>tf.data</code> adds two new mechanisms to solve input pipeline bottlenecks and save resources: <ul> <li><a href="https://www.tensorflow.org/api_docs/python/tf/data/experimental/snapshot">snapshot</a></li> <li><a href="https://www.tensorflow.org/api_docs/python/tf/data/experimental/service">tf.data service</a>.</li> </ul> </li> </ul> <p>In addition checkout the detailed <a href="https://www.tensorflow.org/guide/data_performance_analysis">guide</a> for analyzing input pipeline performance with TF Profiler.</p> <ul> <li> <p><a href="https://www.tensorflow.org/api_docs/python/tf/distribute/TPUStrategy"><code>tf.distribute.TPUStrategy</code></a> is now a stable API and no longer considered experimental for TensorFlow. (earlier <code>tf.distribute.experimental.TPUStrategy</code>).</p> </li> <li> <p><a href="https://www.tensorflow.org/guide/profiler">TF Profiler</a> introduces two new tools: a memory profiler to visualize your model’s memory usage over time and a <a href="https://www.tensorflow.org/guide/profiler#events">python tracer</a> which allows you to trace python function calls in your model. Usability improvements include better diagnostic messages and <a href="https://tensorflow.org/guide/profiler#collect_performance_data">profile options</a> to customize the host and device trace verbosity level.</p> </li> <li> <p>Introduces experimental support for Keras Preprocessing Layers API (<a href="https://www.tensorflow.org/api_docs/python/tf/keras/layers/experimental/preprocessing?version=nightly"><code>tf.keras.layers.experimental.preprocessing.*</code></a>) to handle data preprocessing operations, with support for composite tensor inputs. Please see below for additional details on these layers.</p> </li> <li> <p>TFLite now properly supports dynamic shapes during conversion and inference. We’ve also added opt-in support on Android and iOS for <a href="https://github.com/tensorflow/tensorflow/tree/master/tensorflow/lite/delegates/xnnpack">XNNPACK</a>, a highly optimized set of CPU kernels, as well as opt-in support for <a href="https://github.com/tensorflow/tensorflow/blob/master/tensorflow/lite/g3doc/performance/gpu_advanced.md#running-quantized-models-experimental">executing quantized models on the GPU</a>.</p> </li> <li> <p>Libtensorflow packages are available in GCS starting this release. We have also started to <a href="https://github.com/tensorflow/tensorflow#official-builds">release a nightly version of these packages</a>.</p> </li> <li> <p>The experimental Python API <a href="https://www.tensorflow.org/api_docs/python/tf/debugging/experimental/enable_dump_debug_info"><code>tf.debugging.experimental.enable_dump_debug_info()</code></a> now allows you to instrument a TensorFlow program and dump debugging information to a directory on the file system. The directory can be read and visualized by a new interactive dashboard in TensorBoard 2.3 called <a href="https://www.tensorflow.org/tensorboard/debugger_v2">Debugger V2</a>, which reveals the details of the TensorFlow program including graph structures, history of op executions at the Python (eager) and intra-graph levels, the runtime dtype, shape, and numerical composistion of tensors, as well as their code locations.</p> </li> </ul> <h2>Breaking Changes</h2> <ul> <li>Increases the <strong>minimum bazel version</strong> required to build TF to <strong>3.1.0</strong>.</li> <li><code>tf.data</code> <ul> <li>Makes the following (breaking) changes to the <code>tf.data</code>.</li> <li>C++ API: - <code>IteratorBase::RestoreInternal</code>, <code>IteratorBase::SaveInternal</code>, and <code>DatasetBase::CheckExternalState</code> become pure-virtual and subclasses are now expected to provide an implementation.</li> <li>The deprecated <code>DatasetBase::IsStateful</code> method is removed in favor of <code>DatasetBase::CheckExternalState</code>.</li> <li>Deprecated overrides of <code>DatasetBase::MakeIterator</code> and <code>MakeIteratorFromInputElement</code> are removed.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md">tensorflow's changelog</a>.</em></p> <blockquote> <h1>Release 2.3.1</h1> <h2>Bug Fixes and Other Changes</h2> <ul> <li>Fixes an undefined behavior causing a segfault in <code>tf.raw_ops.Switch</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15190">CVE-2020-15190</a>)</li> <li>Fixes three vulnerabilities in conversion to DLPack format (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15191">CVE-2020-15191</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15192">CVE-2020-15192</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15193">CVE-2020-15193</a>)</li> <li>Fixes two vulnerabilities in <code>SparseFillEmptyRowsGrad</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15194">CVE-2020-15194</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15195">CVE-2020-15195</a>)</li> <li>Fixes several vulnerabilities in <code>RaggedCountSparseOutput</code> and <code>SparseCountSparseOutput</code> operations (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15196">CVE-2020-15196</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15197">CVE-2020-15197</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15198">CVE-2020-15198</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15199">CVE-2020-15199</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15200">CVE-2020-15200</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15201">CVE-2020-15201</a>)</li> <li>Fixes an integer truncation vulnerability in code using the work sharder API (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15202">CVE-2020-15202</a>)</li> <li>Fixes a format string vulnerability in <code>tf.strings.as_string</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15203">CVE-2020-15203</a>)</li> <li>Fixes segfault raised by calling session-only ops in eager mode (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15204">CVE-2020-15204</a>)</li> <li>Fixes data leak and potential ASLR violation from <code>tf.raw_ops.StringNGrams</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15205">CVE-2020-15205</a>)</li> <li>Fixes segfaults caused by incomplete <code>SavedModel</code> validation (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15206">CVE-2020-15206</a>)</li> <li>Fixes a data corruption due to a bug in negative indexing support in TFLite (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15207">CVE-2020-15207</a>)</li> <li>Fixes a data corruption due to dimension mismatch in TFLite (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15208">CVE-2020-15208</a>)</li> <li>Fixes several vulnerabilities in TFLite saved model format (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209">CVE-2020-15209</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15210">CVE-2020-15210</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15211">CVE-2020-15211</a>)</li> <li>Fixes several vulnerabilities in TFLite implementation of segment sum (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15212">CVE-2020-15212</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15213">CVE-2020-15213</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15214">CVE-2020-15214</a>)</li> <li>Updates <code>sqlite3</code> to <code>3.33.00</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358">CVE-2020-15358</a>.</li> <li>Fixes deprecated usage of <code>collections</code> API</li> <li>Removes <code>scipy</code> dependency from <code>setup.py</code> since TensorFlow does not need it to install the pip package</li> </ul> <h1>Release 2.2.1</h1> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tensorflow/tensorflow/commit/fcc4b966f1265f466e82617020af93670141b009"><code>fcc4b96</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/43446">#43446</a> from tensorflow-jenkins/version-numbers-2.3.1-16251</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/4cf223069a94c78b208e6c829d5f938a0fae7d07"><code>4cf2230</code></a> Update version numbers to 2.3.1</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/eee82247288e52e9b8a5c2badeb65f871b4da4c4"><code>eee8224</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/43441">#43441</a> from tensorflow-jenkins/relnotes-2.3.1-24672</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/0d41b1dfc97500e1177cb718a0b14b04914df661"><code>0d41b1d</code></a> Update RELEASE.md</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/d99bd631ea9b67ffc39c22b35fbf7deca77ad1f7"><code>d99bd63</code></a> Insert release notes place-fill</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/d71d3ce2520587b752e5d27b2d4a4ba8720e4bd5"><code>d71d3ce</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/43414">#43414</a> from tensorflow/mihaimaruseac-patch-1-1</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/9c91596d4d24bc07b6d36ae48581a2e7b2584edf"><code>9c91596</code></a> Fix missing import</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/f9f12f61867159120ce6eb08fdbd225d454232b5"><code>f9f12f6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/43391">#43391</a> from tensorflow/mihaimaruseac-patch-4</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/3ed271b0b05b4f1dfd5660944c54b5fe8cc3d8dc"><code>3ed271b</code></a> Solve leftover from merge conflict</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/9cf3773b717dfd46b37be2ba8cad4f038a8ff6f7"><code>9cf3773</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/43358">#43358</a> from tensorflow/mm-patch-r2.3</li> <li>Additional commits viewable in <a href="https://github.com/tensorflow/tensorflow/compare/v1.5.1...v2.3.1">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 16 days

create barnchjoanna350/test

branch : dependabot/pip/tensorflow-2.3.1

created branch time in 16 days

push eventhandong1587/handong1587.github.io

handong1587

commit sha 89dc14c526ffdb8f4ed5dcd45cec2160c75a7cba

add paper

view details

push time in 21 days

push eventhandong1587/handong1587.github.io

handong1587

commit sha bbb4d2151ef1660d8a00debb84b2ef4e0d5d7e64

add paper

view details

push time in a month

PR opened joanna350/test

Bump cryptography from 2.6.1 to 3.2

Bumps cryptography from 2.6.1 to 3.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst">cryptography's changelog</a>.</em></p> <blockquote> <p>3.2 - 2020-10-25</p> <pre><code>

  • SECURITY ISSUE: Attempted to make RSA PKCS#1v1.5 decryption more constant time, to protect against Bleichenbacher vulnerabilities. Due to limitations imposed by our API, we cannot completely mitigate this vulnerability and a future release will contain a new API which is designed to be resilient to these for contexts where it is required. Credit to Hubert Kario for reporting the issue. CVE-2020-25659
  • Support for OpenSSL 1.0.2 has been removed. Users on older version of OpenSSL will need to upgrade.
  • Added basic support for PKCS7 signing (including SMIME) via :class:~cryptography.hazmat.primitives.serialization.pkcs7.PKCS7SignatureBuilder. <p>.. _v3-1-1:</p> <p>3.1.1 - 2020-09-22 </code></pre></p> <ul> <li>Updated Windows, macOS, and <code>manylinux</code> wheels to be compiled with OpenSSL 1.1.1h.</li> </ul> <p>.. _v3-1:</p> <p>3.1 - 2020-08-26</p> <pre><code>
  • BACKWARDS INCOMPATIBLE: Removed support for idna based :term:U-label parsing in various X.509 classes. This support was originally deprecated in version 2.1 and moved to an extra in 2.5.
  • Deprecated OpenSSL 1.0.2 support. OpenSSL 1.0.2 is no longer supported by the OpenSSL project. The next version of cryptography will drop support for it.
  • Deprecated support for Python 3.5. This version sees very little use and will be removed in the next release.
  • backend arguments to functions are no longer required and the default backend will automatically be selected if no backend is provided.
  • Added initial support for parsing certificates from PKCS7 files with :func:~cryptography.hazmat.primitives.serialization.pkcs7.load_pem_pkcs7_certificates and :func:~cryptography.hazmat.primitives.serialization.pkcs7.load_der_pkcs7_certificates .
  • Calling update or update_into on :class:~cryptography.hazmat.primitives.ciphers.CipherContext with data longer than 2\ :sup:31 bytes no longer raises an OverflowError. This also resolves the same issue in :doc:/fernet. <p>.. _v3-0:</p> <p>3.0 - 2020-07-20 </tr></table> </code></pre></p> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pyca/cryptography/commit/c9e65222c91df8b6f61650a3460e30232962c1e0"><code>c9e6522</code></a> 3.2 release (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/5508">#5508</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/58494b41d6ecb0f56b7c5f05d5f5e3ca0320d494"><code>58494b4</code></a> Attempt to mitigate Bleichenbacher attacks on RSA decryption (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/5507">#5507</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/cf9bd6a36bc7b05abca114b76e216598d9ad9b16"><code>cf9bd6a</code></a> move blinding to <strong>init</strong> on both RSA public and private (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/5506">#5506</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/bf4b962f4b92a1633835b2d17974f18de2d61620"><code>bf4b962</code></a> be more verbose in the 102 deprecation notice (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/5505">#5505</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/ada53e7ca0f04a33711c330a130d34376e5ecc2b"><code>ada53e7</code></a> make the regexes for branches more strict (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/5504">#5504</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/8be1d4b1113eabea306dd60ab64e7f00815d6a52"><code>8be1d4b</code></a> Stop using <a href="https://github.com/master">@master</a> for GH actions (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/5503">#5503</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/08a97cca715ca0842d6792d0079e351efbb48ec9"><code>08a97cc</code></a> Bump actions/upload-artifact from v1 to v2.2.0 (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/5502">#5502</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/52a0e44e97dd6e150509b14c9b1f76a261f12786"><code>52a0e44</code></a> Add a dependabot configuration to bump our github actions (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/5501">#5501</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/611c4a340f6c53a7e28a9695a3248bd4e9f8558d"><code>611c4a3</code></a> PKCS7SignatureBuilder now supports new option NoCerts when signing (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/5500">#5500</a>)</li> <li><a href="https://github.com/pyca/cryptography/commit/836a92a28fbe9df8c37121e340b91ed9cd519ddd"><code>836a92a</code></a> chunking didn't actually work (<a href="https://github-redirect.dependabot.com/pyca/cryptography/issues/5499">#5499</a>)</li> <li>Additional commits viewable in <a href="https://github.com/pyca/cryptography/compare/2.6.1...3.2">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in a month

create barnchjoanna350/test

branch : dependabot/pip/cryptography-3.2

created branch time in a month

push eventhandong1587/handong1587.github.io

handong1587

commit sha 785bf1c4ab2013151f51484cb2cbacd4304c44b6

add paper

view details

push time in a month

startedvouch/vouch-proxy

started time in a month

push eventhandong1587/handong1587.github.io

handong1587

commit sha 6d9ac666b5bad10a89e68448cdd8aec6375343f2

update trimap-free matting

view details

push time in a month

push eventhandong1587/handong1587.github.io

handong1587

commit sha 971e701ce0abb99d30ab552369932a99cf217a58

add trimap-free matting

view details

push time in a month

push eventhandong1587/handong1587.github.io

handong1587

commit sha c3ef565adeb1dd3b08e0bd8bbceb59775d2f4227

add trimap-free matting

view details

push time in a month

push eventhandong1587/handong1587.github.io

handong1587

commit sha f382d5b4fe66190bff2fd9ef2b3f4d10085f1a1b

add papers

view details

push time in a month

push eventhandong1587/handong1587.github.io

handong1587

commit sha 10e8a58620562935d55d0089e5e0e36f136e5c50

add papers

view details

push time in 2 months

startedcodemirror/CodeMirror

started time in 2 months

push eventhandong1587/handong1587.github.io

handong1587

commit sha 77eafe8b9a989ab309aff1ffb8d7d640d2af760e

add papers

view details

push time in 2 months

delete branch joanna350/test

delete branch : dependabot/pip/tensorflow-1.15.2

delete time in 2 months

PR closed joanna350/test

Bump tensorflow from 1.5.1 to 1.15.2 dependencies

Bumps tensorflow from 1.5.1 to 1.15.2. <details> <summary>Release notes</summary>

Sourced from tensorflow's releases.

TensorFlow 1.15.2

Release 1.15.2

Bug Fixes and Other Changes

TensorFlow 1.15.0

Release 1.15.0

This is the last 1.x release for TensorFlow. We do not expect to update the 1.x branch with features, although we will issue patch releases to fix vulnerabilities for at least one year.

Major Features and Improvements

  • As announced, tensorflow pip package will by default include GPU support (same as tensorflow-gpu now) for the platforms we currently have GPU support (Linux and Windows). It will work on machines with and without Nvidia GPUs. tensorflow-gpu will still be available, and CPU-only packages can be downloaded at tensorflow-cpu for users who are concerned about package size.
  • TensorFlow 1.15 contains a complete implementation of the 2.0 API in its compat.v2 module. It contains a copy of the 1.15 main module (without contrib) in the compat.v1 module. TensorFlow 1.15 is able to emulate 2.0 behavior using the enable_v2_behavior() function. This enables writing forward compatible code: by explicitly importing either tensorflow.compat.v1 or tensorflow.compat.v2, you can ensure that your code works without modifications against an installation of 1.15 or 2.0.
  • EagerTensor now supports numpy buffer interface for tensors.
  • Add toggles tf.enable_control_flow_v2() and tf.disable_control_flow_v2() for enabling/disabling v2 control flow.
  • Enable v2 control flow as part of tf.enable_v2_behavior() and TF2_BEHAVIOR=1.
  • AutoGraph translates Python control flow into TensorFlow expressions, allowing users to write regular Python inside tf.function-decorated functions. AutoGraph is also applied in functions used with tf.data, tf.distribute and tf.keras APIS.
  • Adds enable_tensor_equality(), which switches the behavior such that:
    • Tensors are no longer hashable.
    • Tensors can be compared with == and !=, yielding a Boolean Tensor with element-wise comparison results. This will be the default behavior in 2.0.
  • Auto Mixed-Precision graph optimizer simplifies converting models to float16 for acceleration on Volta and Turing Tensor Cores. This feature can be enabled by wrapping an optimizer class with tf.train.experimental.enable_mixed_precision_graph_rewrite().
  • Add environment variable TF_CUDNN_DETERMINISTIC. Setting to "true" or "1" forces the selection of deterministic cuDNN convolution and max-pooling algorithms. When this is enabled, the algorithm selection procedure itself is also deterministic.
  • TensorRT
    • Migrate TensorRT conversion sources from contrib to compiler directory in preparation for TF 2.0.
    • Add additional, user friendly TrtGraphConverter API for TensorRT conversion.
    • Expand support for TensorFlow operators in TensorRT conversion (e.g. Gather, Slice, Pack, Unpack, ArgMin, ArgMax,DepthSpaceShuffle).
    • Support TensorFlow operator CombinedNonMaxSuppression in TensorRT conversion which significantly accelerates object detection models.

Breaking Changes

  • Tensorflow code now produces 2 different pip packages: tensorflow_core containing all the code (in the future it will contain only the private implementation) and tensorflow which is a virtual pip package doing forwarding to tensorflow_core (and in the future will contain only the public API of tensorflow). We don't expect this to be breaking, unless you were importing directly from the implementation.
  • TensorFlow 1.15 is built using devtoolset7 (GCC7) on Ubuntu 16. This may lead to ABI incompatibilities with extensions built against earlier versions of TensorFlow.
  • Deprecated the use of constraint= and .constraint with ResourceVariable.
  • tf.keras:
    • OMP_NUM_THREADS is no longer used by the default Keras config. To configure the number of threads, use tf.config.threading APIs.
    • tf.keras.model.save_model and model.save now defaults to saving a TensorFlow SavedModel.
    • keras.backend.resize_images (and consequently, keras.layers.Upsampling2D) behavior has changed, a bug in the resizing implementation was fixed.
    • Layers now default to float32, and automatically cast their inputs to the layer's dtype. If you had a model that used float64, it will probably silently use float32 in TensorFlow2, and a warning will be issued that starts with Layer "layer-name" is casting an input tensor from dtype float64 to the layer's dtype of float32. To fix, either set the default dtype to float64 with tf.keras.backend.set_floatx('float64'), or pass dtype='float64' to each of the Layer constructors. See tf.keras.layers.Layer for more information.
    • Some tf.assert_* methods now raise assertions at operation creation time (i.e. when this Python line executes) if the input tensors' values are known at that time, not during the session.run(). When this happens, a noop is returned and the input tensors are marked non-feedable. In other words, if they are used as keys in feed_dict argument to session.run(), an error will be raised. Also, because some assert ops don't make it into the graph, the graph structure changes. A different graph can result in different per-op random seeds when they are not given explicitly (most often).

Bug Fixes and Other Changes

  • tf.estimator:
    • tf.keras.estimator.model_to_estimator now supports exporting to tf.train.Checkpoint format, which allows the saved checkpoints to be compatible with model.load_weights.
    • Fix tests in canned estimators.
    • Expose Head as public API.
    • Fixes critical bugs that help with DenseFeatures usability in TF2 </tr></table> ... (truncated) </details> <details> <summary>Changelog</summary>

Sourced from tensorflow's changelog.

Release 1.15.2

Bug Fixes and Other Changes

Release 2.1.0

TensorFlow 2.1 will be the last TF release supporting Python 2. Python 2 support officially ends an January 1, 2020. As announced earlier, TensorFlow will also stop supporting Python 2 starting January 1, 2020, and no more releases are expected in 2019.

Major Features and Improvements

  • The tensorflow pip package now includes GPU support by default (same as tensorflow-gpu) for both Linux and Windows. This runs on machines with and without NVIDIA GPUs. tensorflow-gpu is still available, and CPU-only packages can be downloaded at tensorflow-cpu for users who are concerned about package size.
  • Windows users: Officially-released tensorflow Pip packages are now built with Visual Studio 2019 version 16.4 in order to take advantage of the new /d2ReducedOptimizeHugeFunctions compiler flag. To use these new packages, you must install "Microsoft Visual C++ Redistributable for Visual Studio 2015, 2017 and 2019", available from Microsoft's website here.
    • This does not change the minimum required version for building TensorFlow from source on Windows, but builds enabling EIGEN_STRONG_INLINE can take over 48 hours to compile without this flag. Refer to configure.py for more information about EIGEN_STRONG_INLINE and /d2ReducedOptimizeHugeFunctions.
    • If either of the required DLLs, msvcp140.dll (old) or msvcp140_1.dll (new), are missing on your machine, import tensorflow will print a warning message.
  • The tensorflow pip package is built with CUDA 10.1 and cuDNN 7.6.
  • tf.keras
    • Experimental support for mixed precision is available on GPUs and Cloud TPUs. See usage guide.
    • Introduced the TextVectorization layer, which takes as input raw strings and takes care of text standardization, tokenization, n-gram generation, and vocabulary indexing. See this end-to-end text classification example.
    • Keras .compile .fit .evaluate and .predict are allowed to be outside of the DistributionStrategy scope, as long as the model was constructed inside of a scope.
    • Experimental support for Keras .compile, .fit, .evaluate, and .predict is available for Cloud TPUs, Cloud TPU, for all types of Keras models (sequential, functional and subclassing models).
    • Automatic outside compilation is now enabled for Cloud TPUs. This allows tf.summary to be used more conveniently with Cloud TPUs.
    • Dynamic batch sizes with DistributionStrategy and Keras are supported on Cloud TPUs.
    • Support for .fit, .evaluate, .predict on TPU using numpy data, in addition to tf.data.Dataset.
    • Keras reference implementations for many popular models are available in the TensorFlow Model Garden.
  • tf.data
    • Changes rebatching for tf.data datasets + DistributionStrategy for better performance. Note that the dataset also behaves slightly differently, in that the rebatched dataset cardinality will always be a multiple of the number of replicas.
    • tf.data.Dataset now supports automatic data distribution and sharding in distributed environments, including on TPU pods.
    • Distribution policies for tf.data.Dataset can now be tuned with 1. tf.data.experimental.AutoShardPolicy(OFF, AUTO, FILE, DATA) 2. tf.data.experimental.ExternalStatePolicy(WARN, IGNORE, FAIL)
  • tf.debugging
    • Add tf.debugging.enable_check_numerics() and tf.debugging.disable_check_numerics() to help debugging the root causes of issues involving infinities and NaNs.
  • tf.distribute
    • Custom training loop support on TPUs and TPU pods is avaiable through strategy.experimental_distribute_dataset, strategy.experimental_distribute_datasets_from_function, strategy.experimental_run_v2, strategy.reduce.
    • Support for a global distribution strategy through tf.distribute.experimental_set_strategy(), in addition to strategy.scope().
  • TensorRT
    • TensorRT 6.0 is now supported and enabled by default. This adds support for more TensorFlow ops including Conv3D, Conv3DBackpropInputV2, AvgPool3D, MaxPool3D, ResizeBilinear, and ResizeNearestNeighbor. In addition, the TensorFlow-TensorRT python conversion API is exported as tf.experimental.tensorrt.Converter.
  • Environment variable TF_DETERMINISTIC_OPS has been added. When set to "true" or "1", this environment variable makes tf.nn.bias_add operate deterministically (i.e. reproducibly), but currently only when XLA JIT compilation is not enabled. Setting TF_DETERMINISTIC_OPS to "true" or "1" also makes cuDNN convolution and max-pooling operate deterministically. This makes Keras Conv*D and MaxPool*D layers operate deterministically in both the forward and backward directions when running on a CUDA-enabled GPU.

Breaking Changes

  • Deletes Operation.traceback_with_start_lines for which we know of no usages.
  • Removed id from tf.Tensor.__repr__() as id is not useful other than internal debugging.
  • Some tf.assert_* methods now raise assertions at operation creation time if the input tensors' values are known at that time, not during the session.run(). This only changes behavior when the graph execution would have resulted in an error. When this happens, a noop is returned and the input tensors are marked non-feedable. In other words, if they are used as keys in feed_dict argument to session.run(), an error will be raised. Also, because some assert ops don't make it into the graph, the graph structure changes. A different graph can result in different per-op random seeds when they are not given explicitly (most often).
  • The following APIs are not longer experimental: tf.config.list_logical_devices, tf.config.list_physical_devices, tf.config.get_visible_devices, tf.config.set_visible_devices, tf.config.get_logical_device_configuration, tf.config.set_logical_device_configuration.
  • tf.config.experimentalVirtualDeviceConfiguration has been renamed to tf.config.LogicalDeviceConfiguration.
  • tf.config.experimental_list_devices has been removed, please use tf.config.list_logical_devices.

Bug Fixes and Other Changes

</tr></table> ... (truncated) </details> <details> <summary>Commits</summary>

  • 5d80e1e Merge pull request #36215 from tensorflow-jenkins/version-numbers-1.15.2-8214
  • 71e9d8f Update version numbers to 1.15.2
  • e50120e Merge pull request #36214 from tensorflow-jenkins/relnotes-1.15.2-2203
  • 1a7e9fb Releasing 1.15.2 instead of 1.15.1
  • 85f7aab Insert release notes place-fill
  • e75a6d6 Merge pull request #36190 from tensorflow/mm-r1.15-fix-v2-build
  • a6d8973 Use config=v1 as this is r1.15 branch.
  • fdb8589 Merge pull request #35912 from tensorflow-jenkins/relnotes-1.15.1-31298
  • a6051e8 Add CVE number for main patch
  • 360b2e3 Merge pull request #34532 from ROCmSoftwarePlatform/r1.15-rccl-upstream-patch
  • Additional commits viewable in compare view </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

1 comment

1 changed file

dependabot[bot]

pr closed time in 2 months

pull request commentjoanna350/test

Bump tensorflow from 1.5.1 to 1.15.2

Superseded by #8.

dependabot[bot]

comment created time in 2 months

PR opened joanna350/test

Bump tensorflow from 1.5.1 to 1.15.4

Bumps tensorflow from 1.5.1 to 1.15.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/tensorflow/tensorflow/releases">tensorflow's releases</a>.</em></p> <blockquote> <h2>TensorFlow 1.15.4</h2> <h1>Release 1.15.4</h1> <h2>Bug Fixes and Other Changes</h2> <ul> <li>Fixes an undefined behavior causing a segfault in <code>tf.raw_ops.Switch</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15190">CVE-2020-15190</a>)</li> <li>Fixes three vulnerabilities in conversion to DLPack format (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15191">CVE-2020-15191</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15192">CVE-2020-15192</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15193">CVE-2020-15193</a>)</li> <li>Fixes two vulnerabilities in <code>SparseFillEmptyRowsGrad</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15194">CVE-2020-15194</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15195">CVE-2020-15195</a>)</li> <li>Fixes an integer truncation vulnerability in code using the work sharder API (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15202">CVE-2020-15202</a>)</li> <li>Fixes a format string vulnerability in <code>tf.strings.as_string</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15203">CVE-2020-15203</a>)</li> <li>Fixes segfault raised by calling session-only ops in eager mode (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15204">CVE-2020-15204</a>)</li> <li>Fixes data leak and potential ASLR violation from <code>tf.raw_ops.StringNGrams</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15205">CVE-2020-15205</a>)</li> <li>Fixes segfaults caused by incomplete <code>SavedModel</code> validation (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15206">CVE-2020-15206</a>)</li> <li>Fixes a data corruption due to a bug in negative indexing support in TFLite (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15207">CVE-2020-15207</a>)</li> <li>Fixes a data corruption due to dimension mismatch in TFLite (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15208">CVE-2020-15208</a>)</li> <li>Fixes several vulnerabilities in TFLite saved model format (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209">CVE-2020-15209</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15210">CVE-2020-15210</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15211">CVE-2020-15211</a>)</li> <li>Updates <code>sqlite3</code> to <code>3.33.00</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9327">CVE-2020-9327</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11655">CVE-2020-11655</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11656">CVE-2020-11656</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13434">CVE-2020-13434</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13435">CVE-2020-13435</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13630">CVE-2020-13630</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13631">CVE-2020-13631</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13871">CVE-2020-13871</a>, and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358">CVE-2020-15358</a>.</li> <li>Fixes <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/41630">#41630</a> by including <code>max_seq_length</code> in CuDNN descriptor cache key</li> <li>Pins <code>numpy</code> to 1.18.5 to prevent ABI breakage when compiling code that uses both NumPy and TensorFlow headers.</li> </ul> <h2>TensorFlow 1.15.3</h2> <h2>Bug Fixes and Other Changes</h2> <ul> <li>Updates <code>sqlite3</code> to <code>3.31.01</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19880">CVE-2019-19880</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244">CVE-2019-19244</a> and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645">CVE-2019-19645</a></li> <li>Updates <code>curl</code> to <code>7.69.1</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15601">CVE-2019-15601</a></li> <li>Updates <code>libjpeg-turbo</code> to <code>2.0.4</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19664">CVE-2018-19664</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20330">CVE-2018-20330</a> and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13960">CVE-2019-13960</a></li> <li>Updates Apache Spark to <code>2.4.5</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10099">CVE-2019-10099</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17190">CVE-2018-17190</a> and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11770">CVE-2018-11770</a></li> </ul> <h2>TensorFlow 1.15.2</h2> <h1>Release 1.15.2</h1> <p>Note that this release no longer has a single pip package for GPU and CPU. Please see <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/36347">#36347</a> for history and details</p> <h2>Bug Fixes and Other Changes</h2> <ul> <li>Fixes a security vulnerability where converting a Python string to a <code>tf.float16</code> value produces a segmentation fault (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-5215">CVE-2020-5215</a>)</li> <li>Updates <code>curl</code> to <code>7.66.0</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482">CVE-2019-5482</a> and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5481">CVE-2019-5481</a></li> <li>Updates <code>sqlite3</code> to <code>3.30.01</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19646">CVE-2019-19646</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19645">CVE-2019-19645</a> and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16168">CVE-2019-16168</a></li> </ul> <h2>TensorFlow 1.15.0</h2> <h1>Release 1.15.0</h1> <p>This is the last 1.x release for TensorFlow. We do not expect to update the 1.x branch with features, although we will issue patch releases to fix vulnerabilities for at least one year.</p> <h2>Major Features and Improvements</h2> <ul> <li>As <a href="https://groups.google.com/a/tensorflow.org/forum/#!topic/developers/iRCt5m4qUz0">announced</a>, <code>tensorflow</code> pip package will by default include GPU support (same as <code>tensorflow-gpu</code> now) for the platforms we currently have GPU support (Linux and Windows). It will work on machines with and without Nvidia GPUs. <code>tensorflow-gpu</code> will still be available, and CPU-only packages can be downloaded at <code>tensorflow-cpu</code> for users who are concerned about package size.</li> <li>TensorFlow 1.15 contains a complete implementation of the 2.0 API in its <code>compat.v2</code> module. It contains a copy of the 1.15 main module (without <code>contrib</code>) in the <code>compat.v1</code> module. TensorFlow 1.15 is able to emulate 2.0 behavior using the <code>enable_v2_behavior()</code> function. This enables writing forward compatible code: by explicitly importing either <code>tensorflow.compat.v1</code> or <code>tensorflow.compat.v2</code>, you can ensure that your code works without modifications against an installation of 1.15 or 2.0.</li> <li><code>EagerTensor</code> now supports numpy buffer interface for tensors.</li> <li>Add toggles <code>tf.enable_control_flow_v2()</code> and <code>tf.disable_control_flow_v2()</code> for enabling/disabling v2 control flow.</li> <li>Enable v2 control flow as part of <code>tf.enable_v2_behavior()</code> and <code>TF2_BEHAVIOR=1</code>.</li> <li>AutoGraph translates Python control flow into TensorFlow expressions, allowing users to write regular Python inside <code>tf.function</code>-decorated functions. AutoGraph is also applied in functions used with <code>tf.data</code>, <code>tf.distribute</code> and <code>tf.keras</code> APIS.</li> <li>Adds <code>enable_tensor_equality()</code>, which switches the behavior such that: <ul> <li>Tensors are no longer hashable.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/tensorflow/tensorflow/blob/master/RELEASE.md">tensorflow's changelog</a>.</em></p> <blockquote> <h1>Release 1.15.4</h1> <h2>Bug Fixes and Other Changes</h2> <ul> <li>Fixes an undefined behavior causing a segfault in <code>tf.raw_ops.Switch</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15190">CVE-2020-15190</a>)</li> <li>Fixes three vulnerabilities in conversion to DLPack format (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15191">CVE-2020-15191</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15192">CVE-2020-15192</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15193">CVE-2020-15193</a>)</li> <li>Fixes two vulnerabilities in <code>SparseFillEmptyRowsGrad</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15194">CVE-2020-15194</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15195">CVE-2020-15195</a>)</li> <li>Fixes an integer truncation vulnerability in code using the work sharder API (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15202">CVE-2020-15202</a>)</li> <li>Fixes a format string vulnerability in <code>tf.strings.as_string</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15203">CVE-2020-15203</a>)</li> <li>Fixes segfault raised by calling session-only ops in eager mode (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15204">CVE-2020-15204</a>)</li> <li>Fixes data leak and potential ASLR violation from <code>tf.raw_ops.StringNGrams</code> (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15205">CVE-2020-15205</a>)</li> <li>Fixes segfaults caused by incomplete <code>SavedModel</code> validation (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15206">CVE-2020-15206</a>)</li> <li>Fixes a data corruption due to a bug in negative indexing support in TFLite (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15207">CVE-2020-15207</a>)</li> <li>Fixes a data corruption due to dimension mismatch in TFLite (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15208">CVE-2020-15208</a>)</li> <li>Fixes several vulnerabilities in TFLite saved model format (<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15209">CVE-2020-15209</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15210">CVE-2020-15210</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15211">CVE-2020-15211</a>)</li> <li>Updates <code>sqlite3</code> to <code>3.33.00</code> to handle <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9327">CVE-2020-9327</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11655">CVE-2020-11655</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11656">CVE-2020-11656</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13434">CVE-2020-13434</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13435">CVE-2020-13435</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13630">CVE-2020-13630</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13631">CVE-2020-13631</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13871">CVE-2020-13871</a>, and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358">CVE-2020-15358</a>.</li> <li>Fixes <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/41630">#41630</a> by including <code>max_seq_length</code> in CuDNN descriptor cache key</li> <li>Pins <code>numpy</code> to 1.18.5 to prevent ABI breakage when compiling code that uses both NumPy and TensorFlow headers.</li> </ul> <h1>Release 2.3.0</h1> <h2>Major Features and Improvements</h2> <ul> <li><code>tf.data</code> adds two new mechanisms to solve input pipeline bottlenecks and save resources:</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/tensorflow/tensorflow/commit/df8c55ce12b5cfc6f29b01889f7773911a75e6ef"><code>df8c55c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/43442">#43442</a> from tensorflow-jenkins/version-numbers-1.15.4-31571</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/0e8cbcb0b1756de4afda8677add8a55355720ab7"><code>0e8cbcb</code></a> Update version numbers to 1.15.4</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/5b65bf202a00f558784e61b7dba5063195cce0f5"><code>5b65bf2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/43437">#43437</a> from tensorflow-jenkins/relnotes-1.15.4-10691</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/814e8d83f5966af55168bc1141dc8ba68561556f"><code>814e8d8</code></a> Update RELEASE.md</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/757085e3e62197ab5ad6a10c667aae08a8929556"><code>757085e</code></a> Insert release notes place-fill</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/e99e53dda53644e49f4b8b4ec16ef92f6399fc3b"><code>e99e53d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/43410">#43410</a> from tensorflow/mm-fix-1.15</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/bad36df000e97cfe0a271e08778a81db4ce8834a"><code>bad36df</code></a> Add missing import</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/f3f1835aed4ab1874c0891c487cd6d0340fed67b"><code>f3f1835</code></a> No <code>disable_tfrt</code> present on this branch</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/7ef5c62a21f2c03483c21566dd6c048218dced26"><code>7ef5c62</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/tensorflow/tensorflow/issues/43406">#43406</a> from tensorflow/mihaimaruseac-patch-1</li> <li><a href="https://github.com/tensorflow/tensorflow/commit/abbf34a5885400f81620df23d9da70f30630e699"><code>abbf34a</code></a> Remove import that is not needed</li> <li>Additional commits viewable in <a href="https://github.com/tensorflow/tensorflow/compare/v1.5.1...v1.15.4">compare view</a></li> </ul> </details> <br />

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


<details> <summary>Dependabot commands and options</summary> <br />

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

</details>

+1 -1

0 comment

1 changed file

pr created time in 2 months

create barnchjoanna350/test

branch : dependabot/pip/tensorflow-1.15.4

created branch time in 2 months

more