chore(deps): bump onnxruntime from 1.25.1 to 1.26.0 in /requirements/ci

[dependabot]

Bumps onnxruntime from 1.25.1 to 1.26.0.

Release notes

Sourced from onnxruntime's releases.

1.26.0

n.b. The following was generated via LLM from Git history. Only the contributor list has been verified.

ONNX Runtime Release 1.26.0

Announcement - Breaking Changes

• Support for CUDA 12 will be removed in 1.27.0.
  • CUDA 13 will continue to be published as onnxruntime-<os>-<arch>-gpu_cuda13-<version>.<ext>
• CUDA runtime will be moving soon to a dedicated Execution Provider (EP) instead of a published package from ORT core.

Highlights

• Added optional memory mapping for .ort model loads (#28164).
• Added RISC-V Vector (RVV) support for CPU EP (#28261).
• OpenVINO EP upgraded for 1.26.0 development release (#28297).
• WebGPU gained GridSample support (#28264) and Split-K improvements (#28151).
• CUDA plugin EP gained graph support (#28002), profiling API (#28216).

Security and Reliability Hardening

• Replaced unrestricted Python setattr configuration with an allowlist (#28083).
• Hardened multiple OOB and overflow scenarios across ML and core ops:
  • Attention mask index OOB write (#27789).
  • MaxPoolGrad indices bounds validation (#27903).
  • SVM and TreeEnsemble bounds/security fixes (#27950, #27951, #27952, #27989).
  • RNN sequence_lens OOB read and integer overflow handling (#28052, #28003).
  • GroupQueryAttention seqlens_k bounds validation and compatibility follow-up (#28031, #28259).
  • MatMulBnb4 and ML coefficient SafeInt checks (#27995, #28001).
  • CUDA Gather int32 overflow fix (#28108).
  • GridSample float->int64 cast hardening for NaN/Inf/out-of-range coords (#28302).
• Fixed session logger use-after-free during EP teardown under verbose logging (#28274).

CUDA, Attention, and MLAS

• Filled CUDA opset/operator gaps and extended support:
  • Transpose opset 23 -> 25 (#27740).
  • QuantizeLinear/DequantizeLinear opset 25 (#28046).
  • CUDA TopK INT8/INT16/UINT8 support (#27862).
  • LabelEncoder CUDA support for numeric types (#28045).
• Attention/GQA improvements:
  • Fixed ONNX Attention min-bias alignment crash on SM<80 and masked-batch NaN behavior (#27831).
  • Added FP32 QK accumulation path for unfused GQA attention (#28198).
  • Added CUDART_VERSION reduction compatibility in GQA attention (#28296).
  • Fixed CUDA 13 build error in GQA unfused attention (#28309).
  • PagedAttention fallback for SM<80 fp16 (#28200).
• MLAS updates:
  • FP16 Gelu enablement (#26815).
  • Arm64 BF16 fast-math conv kernels for NCHW/NCHWc paths (#27878).

... (truncated)

Commits

• 8c546c3 1.26.0 - cherry-pick for RC2 (#28347)
• 55c5c82 GridSample: harden float->int64 casts against NaN/Inf/out-of-range coords (#2...
• 60ce9cc Relax GQA seqlens_k shape validation for backward compat with older models (#...
• d02a0fd Fix DoubleQDQPairsRemover adding spurious dimension to scalar scale/zero-poin...
• 9b30f30 remove weights_are_all_positive_ from TreeEnsemble (#27552)
• 5f2f848 fix(ci): incorrect relative template includes for setup-feeds (#28312)
• de2bc90 Add QNN Plugin EP repo link to README (#28225)
• 8dd4a06 Include license file in built distributions (#27783)
• 6e19374 Fix CUDA 13 build error in gqa_unfused_attention.cu (#28309)
• d6c363c [OVEP] OpenVINO EP 1.26.0 Development Release Updates (#28297)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)