[RHOAIENG-27349] - CVE-2025-1550: keras Deserialization of Untrusted Data (#109)

Signed-off-by: Filippe <[email protected]>

Author: spolti

requirements.txt

@@ -1,46 +1,40 @@
-absl-py==2.1.0
+absl-py==2.3.0
 astunparse==1.6.3
-cachetools==5.5.0
-certifi==2024.8.30
-charset-normalizer==3.3.2
-flatbuffers==24.3.25
-gast==0.4.0
-google-auth==2.34.0
-google-auth-oauthlib==1.0.0
+certifi==2025.4.26
+charset-normalizer==3.4.2
+flatbuffers==25.2.10
+gast==0.6.0
 google-pasta==0.2.0
-grpcio==1.66.1
-# pin to 3.10.0 to avoid error: libhdf5.so: cannot open shared object file: No such file or directory \
+grpcio==1.73.0
+# pin to 3.12.0 to avoid error: libhdf5.so: cannot open shared object file: No such file or directory \
 # if not version is set, it will install the 3.11.0 version which, seems that does not have the h5py dependencies \
 # for arm yet.
-h5py==3.10.0
-idna==3.8
-importlib-metadata==8.4.0
-keras==2.13.1
+h5py==3.12.0
+idna==3.10
+keras==3.10.0
 libclang==18.1.1
-Markdown==3.7
-MarkupSafe==2.1.5
-numpy==1.24.3
-oauthlib==3.2.2
-opt-einsum==3.3.0
-packaging==24.1
-protobuf==4.25.4
-pyasn1==0.6.0
-pyasn1-modules==0.4.0
-requests==2.32.3
-requests-oauthlib==2.0.0
-rsa==4.9
-six==1.16.0
-tensorboard==2.13.0
+Markdown==3.8
+markdown-it-py==3.0.0
+MarkupSafe==3.0.2
+mdurl==0.1.2
+ml_dtypes==0.5.1
+namex==0.1.0
+numpy==2.1.3
+opt_einsum==3.4.0
+optree==0.16.0
+packaging==25.0
+protobuf==5.29.5
+Pygments==2.19.1
+requests==2.32.4
+rich==14.0.0
+six==1.17.0
+tensorboard==2.19.0
 tensorboard-data-server==0.7.2
-tensorflow==2.13.1
-tensorflow-estimator==2.13.0
+tensorflow==2.19.0
 # Note, for `tensorflow-io-gcs-filesystem` it must be pinned to 0.34.0 manually after generating the `requirements.txt` file.
 tensorflow-io-gcs-filesystem==0.34.0
-termcolor==2.4.0
-typing-extensions==4.5.0
-urllib3==2.2.2
-werkzeug==3.0.6
-wheel==0.44.0
-wrapt==1.16.0
-zipp==3.20.1
-
+termcolor==3.1.0
+typing_extensions==4.14.0
+urllib3==2.4.0
+Werkzeug==3.1.3
+wrapt==1.17.2