Bump the pip group across 1 directory with 2 updates

[dependabot[bot]]

Updates the requirements on torch and transformers to permit the latest version. Updates torch to 2.7.1

Release notes

Sourced from torch's releases.

PyTorch 2.7.1 Release, bug fix release

This release is meant to fix the following issues (regressions / silent correctness):

Torch.compile

Fix Excessive cudagraph re-recording for HF LLM models (#152287) Fix torch.compile on some HuggingFace models (#151154) Fix crash due to Exception raised inside torch.autocast (#152503) Improve Error logging in torch.compile (#149831) Mark mutable custom operators as cacheable in torch.compile (#151194) Implement workaround for a graph break with older version einops (#153925) Fix an issue with tensor.view(dtype).copy_(...) (#151598)

Flex Attention

Fix assertion error due to inductor permuting inputs to flex attention (#151959) Fix performance regression on nanogpt speedrun (#152641)

Distributed

Fix extra CUDA context created by barrier (#149144) Fix an issue related to Distributed Fused Adam in Rocm/APEX when using nccl_ub feature (#150010) Add a workaround random hang in non-blocking API mode in NCCL 2.26 (#154055)

MacOS

Fix MacOS compilation error with Clang 17 (#151316) Fix binary kernels produce incorrect results when one of the tensor arguments is from a wrapped scalar on MPS devices (#152997)

Other

Improve PyTorch Wheel size due to introduction of addition of 128 bit vectorization (#148320) (#152396) Fix fmsub function definition (#152075) Fix Floating point exception in torch.mkldnn_max_pool2d (#151848) Fix abnormal inference output with XPU:1 device (#153067) Fix Illegal Instruction Caused by grid_sample on Windows (#152613) Fix ONNX decomposition does not preserve custom CompositeImplicitAutograd ops (#151826) Fix error with dynamic linking of libgomp library (#150084) Fix segfault in profiler with Python 3.13 (#153848)

Changelog

Sourced from torch's changelog.

Releasing PyTorch

• Release Compatibility Matrix
• Release Cadence
• General Overview
  • Frequently Asked Questions
• Cutting a release branch preparations
• Cutting release branches
  • pytorch/pytorch
  • PyTorch ecosystem libraries
  • Making release branch specific changes for PyTorch
  • Making release branch specific changes for ecosystem libraries
• Running Launch Execution team Core XFN sync
• Drafting RCs (https://github.com/pytorch/pytorch/blob/main/Release Candidates) for PyTorch and domain libraries
  • Release Candidate Storage
  • Release Candidate health validation
  • Cherry Picking Fixes
    • How to do Cherry Picking
  • Cherry Picking Reverts
• Preparing and Creating Final Release Candidate
• Promoting RCs to Stable
• Additional Steps to prepare for release day
  • Modify release matrix
  • Open Google Colab issue
• Patch Releases
  • Patch Release Criteria
  • Patch Release Process
    • Patch Release Process Description
    • Triage
    • Issue Tracker for Patch releases
    • Building a release schedule / cherry picking
    • Building Binaries / Promotion to Stable
• Hardware / Software Support in Binary Build Matrix
  • Python
  • Accelerator Software
    • Special support cases
  • Operating Systems
• Submitting Tutorials
• Special Topics
  • Updating submodules for a release
  • Triton dependency for the release

Release Compatibility Matrix

Following is the Release Compatibility Matrix for PyTorch releases:

... (truncated)

Commits

• e2d141d set thread_work_size to 4 for unrolled kernel (#154541)
• 1214198 [c10d] Fix extra CUDA context created by barrier (#152834)
• 790cc2f [c10d] Add more tests to prevent extra context (#154179)
• 62ea99a [CI] Remove the xpu env source for linux binary validate (#154409)
• 941732c [ROCm] Added unit test to test the cuda_pluggable allocator (#154135)
• 769d5da [binary builds] Linux aarch64 CUDA builds. Make sure tag is set correctly (#1...
• 306ba12 Fix uint view copy (#151598) (#154121)
• 1ae9953 [ROCm] Update CUDAPluggableAllocator.h (#1984) (#153974)
• 4a815ed ci: Set minimum cmake version for halide build (#154122)
• 4c7314e [Dynamo] Fix einops regression (#154053)
• Additional commits viewable in compare view

Updates transformers to 4.53.1

Release notes

Sourced from transformers's releases.

Patch Release v4.53.1

This patch contains several bug fixes. The following commits are included:

• Fix: unprotected import of tp plugin (#39083)
• Fix key mapping for VLMs (#39029)
• Several fixes for Gemma3n(#39135)
• [qwen2-vl] fix FA2 inference (#39121)
• [smolvlm] fix video inference (#39147)
• Fix multimodal processor get duplicate arguments when receive kwargs for initialization (#39125)
• when delaying optimizer creation only prepare the model (#39152)
• Add packed tensor format support for flex/sdpa/eager through the mask! (#39194)

Commits

• 896e9ce Release: v4.53.1
• bc0a47e Add packed tensor format support for flex/sdpa/eager through the mask! (#39194)
• 63af3d7 when delaying optimizer creation only prepare the model (#39152)
• a10c2bf Fix multimodal processor get duplicate arguments when receive kwargs for init...
• 650bc67 [smolvlm] fix video inference (#39147)
• 3c5f910 [qwen2-vl] fix FA2 inference (#39121)
• 5e1c914 Several fixes for Gemma3n (#39135)
• 8446e2a Fix key mapping for VLMs (#39029)
• 6900fe8 Fix: unprotected import of tp plugin (#39083)
• 67ddc82 Release: v4.53.0
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the Security Alerts page.

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[hansent]

tests are failing. I think transformers update breaks florence