
Conversation

@chensuyue
Contributor

@chensuyue chensuyue commented Oct 15, 2025

User description

Type of Change

others

Description

  1. Fix CVE for 3.6 release
    https://github.com/intel/neural-compressor/security/dependabot/823
    https://github.com/intel/neural-compressor/security/dependabot/956
  2. Bump release version

Expected Behavior & Potential Risk

the expected behavior triggered by this PR

How has this PR been tested?

how to reproduce the test (including hardware information)

Dependency Change?

any library dependency introduced or removed


PR Type

Bug fix, Enhancement


Description

  • Update TensorFlow and Transformers versions for CVE fix

  • Bump release version to 3.6


Diagram Walkthrough

flowchart LR
  A["Update TensorFlow"] -- "CVE fix" --> B["Update Transformers"]
  B -- "CVE fix" --> C["Bump version to 3.6"]

File Walkthrough

Relevant files

Configuration changes
  neural_compressor/version.py: Bump version to 3.6
    • Update version to 3.6
    +1/-1

Documentation
  README.md: Update version badge
    • Update version badge to 3.6
    +1/-1

Dependencies
  examples/tensorflow/nlp/large_language_models/quantization/ptq/gpt-j/requirements.txt: Update TensorFlow version
    • Update TensorFlow to 2.12.1
    +1/-1

  examples/tensorflow/nlp/large_language_models/quantization/ptq/smoothquant/requirements.txt: Update Transformers version
    • Update Transformers to 4.53.0
    +1/-1

@PRAgent4INC
Collaborator

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪
🧪 No relevant tests
🔒 No security concerns identified
⚡ Recommended focus areas for review

Version Pinning

Ensure that the pinned versions of tensorflow and transformers are compatible with other dependencies and do not introduce breaking changes.

tensorflow==2.12.1
Version Pinning

Ensure that the pinned versions of tensorflow and transformers are compatible with other dependencies and do not introduce breaking changes.

tensorflow==2.15
datasets
transformers==4.53.0
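The reviewer guide's "Version Pinning" note asks whether the pinned versions in the two requirements files still satisfy the floors the CVE fixes need. The script below is an added example, not code from the neural-compressor repository or from the PR-Agent bot: it parses requirements.txt fragments (the ones shown in this PR are embedded as constructed sample input), compares each `==`/`>=`/`~=` pin against an assumed minimum patched version, and flags packages that are unpinned, pinned below the floor, or constrained by a specifier that enforces no floor. The `MIN_VERSIONS` floors are placeholders taken from the versions this PR pins to; the real floor for each advisory comes from the advisory itself.

```python
"""Check requirements.txt pins against minimum patched versions (added example)."""
import re

# Assumed floors: the versions this PR pins to. Replace with the fixed
# version stated in each Dependabot advisory before using this for real.
MIN_VERSIONS = {
    "tensorflow": (2, 12, 1),
    "transformers": (4, 53, 0),
}

# name, optional operator, optional dotted numeric version (two-char ops first)
_REQ = re.compile(
    r"^([A-Za-z0-9][A-Za-z0-9_.\-]*)\s*"
    r"(?:(==|>=|<=|~=|!=|<|>)\s*([0-9]+(?:\.[0-9]+)*))?$"
)


def _fmt(version):
    return ".".join(str(part) for part in version)


def _parse_version(text):
    # Tuples compare element-wise, so (2, 12) < (2, 12, 1) and (2, 15) > (2, 12, 1).
    return tuple(int(part) for part in text.split("."))


def parse_requirements(text):
    """Map normalised package name -> (operator, version tuple) or None if unpinned."""
    pins = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        match = _REQ.match(line)
        if not match:
            raise ValueError(f"unsupported requirement syntax: {raw!r}")
        name, op, ver = match.groups()
        key = name.lower().replace("_", "-")  # PEP 503-style normalisation
        pins[key] = (op, _parse_version(ver)) if op else None
    return pins


def check_pins(text, minimums=MIN_VERSIONS):
    """Return findings for tracked packages; an empty list means every pin meets its floor."""
    findings = []
    pins = parse_requirements(text)
    for name, floor in minimums.items():
        if name not in pins:
            continue  # this requirements file does not use the package
        spec = pins[name]
        if spec is None:
            findings.append(f"{name}: unpinned; could resolve below {_fmt(floor)}")
            continue
        op, ver = spec
        if op in ("==", ">=", "~="):
            # These operators set a lower bound; ~=2.12 still permits 2.12.0.
            if ver < floor:
                findings.append(f"{name}: {op}{_fmt(ver)} is below patched floor {_fmt(floor)}")
        else:
            findings.append(f"{name}: specifier {op}{_fmt(ver)} does not enforce a floor of {_fmt(floor)}")
    return findings


# Constructed samples mirroring the snippets quoted in this PR.
GPT_J_AFTER = "tensorflow==2.12.1\n"
GPT_J_BEFORE = "tensorflow==2.12\n"
SMOOTHQUANT_AFTER = "tensorflow==2.15\ndatasets\ntransformers==4.53.0\n"

if __name__ == "__main__":
    for label, content in [("gpt-j (before)", GPT_J_BEFORE),
                           ("gpt-j (after)", GPT_J_AFTER),
                           ("smoothquant (after)", SMOOTHQUANT_AFTER)]:
        print(label, check_pins(content) or "OK")
```

Running it shows the pre-fix gpt-j pin `tensorflow==2.12` flagged as below the 2.12.1 floor, while both post-fix files pass. `datasets` is unpinned but not tracked in `MIN_VERSIONS`, so it is ignored; add it to the table if an advisory covers it.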

@PRAgent4INC
Collaborator

PR Code Suggestions ✨

Explore these optional code suggestions:

Category: General
Update TensorFlow version

Consider specifying a more recent patch version of TensorFlow to benefit from the
latest bug fixes and improvements.

examples/tensorflow/nlp/large_language_models/quantization/ptq/gpt-j/requirements.txt [1]

-tensorflow==2.12
+tensorflow==2.12.1
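Review bot: this suggestion duplicates a change the PR already makes. The file walkthrough above lists examples/tensorflow/nlp/large_language_models/quantization/ptq/gpt-j/requirements.txt as updated to `tensorflow==2.12.1`, and the reviewer guide quotes that same pinned line, so the proposed `+tensorflow==2.12.1` is the PR's own diff rather than an additional change; it should be marked resolved, not applied a second time.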
Suggestion importance[1-10]: 5


Why: Updating to a more recent patch version can bring bug fixes and improvements, but it's not a critical change.

Impact: Low

@chensuyue chensuyue added this to the 3.6 milestone Oct 15, 2025
@chensuyue chensuyue merged commit 065e4d0 into master Oct 15, 2025
21 checks passed
@chensuyue chensuyue deleted the suyue/fix_cve branch October 15, 2025 05:27

4 participants