Build(deps): Bump timm from 1.0.25 to 1.0.26 in /requirements

[dependabot]

Bumps timm from 1.0.25 to 1.0.26.

Release notes

Sourced from timm's releases.

Release v1.0.26

March 23, 2026

• Improve pickle checkpoint handling security. Default all loading to weights_only=True, add safe_global for ArgParse.
• Improve attention mask handling for core ViT/EVA models & layers. Resolve bool masks, pass is_causal through for SSL tasks.
• Fix class & register token uses with ViT and no pos embed enabled.
• Add Patch Representation Refinement (PRR) as a pooling option in ViT. Thanks Sina (https://github.com/sinahmr).
• Improve consistency of output projection / MLP dimensions for attention pooling layers.
• Hiera model F.SDPA optimization to allow Flash Attention kernel use.
• Caution added to SGDP optimizer.
• Release 1.0.26. First maintenance release since my departure from Hugging Face.

What's Changed

• fix: replace 5 bare except clauses with except Exception by @​haosenwang1018 in huggingface/pytorch-image-models#2672
• Add timmx model export tool to README by @​Boulaouaney in huggingface/pytorch-image-models#2673
• Enhance SGDP optimizer with caution parameter by @​Yuan-Jinghui in huggingface/pytorch-image-models#2675
• Fix CLS and Reg tokens usage when pos_embed is disabled by @​sinahmr in huggingface/pytorch-image-models#2676
• default weights_only=True for load fns by @​rwightman in huggingface/pytorch-image-models#2679
• Fix Hiera global attention to use 4D tensors for efficient SDPA dispatch by @​Raiden129 in huggingface/pytorch-image-models#2680
• Improve 2d and latent attention pool dimension handling. Fix #2682 by @​rwightman in huggingface/pytorch-image-models#2684
• Improve attention mask handling for vision_transformer and eva and related blocks by @​rwightman in huggingface/pytorch-image-models#2686
• Implement PRR as a pooling module. Alternative to #2678 by @​rwightman in huggingface/pytorch-image-models#2685

New Contributors

• @​haosenwang1018 made their first contribution in huggingface/pytorch-image-models#2672
• @​Raiden129 made their first contribution in huggingface/pytorch-image-models#2680

Full Changelog: huggingface/pytorch-image-models@v1.0.25...v1.0.26

Commits

• 8d0f79e Release 1.0.26
• 6e3fdda Implement PRR as a pooling module. Alternative to #2678
• 8b4239c Add comments for DinoV3 re global pool (class token). Fix #2681
• 52e6d19 Change avg_checkpoints.py to use more secure load helper
• 7a2f49b Fix FX tracing on resolve_self_attn_mask
• 61a26c7 Improve attention mask handling for vision_transformer and eva and related bl...
• 3e8def8 Improve 2d and latent attention pool dimension handling. Fix #2682
• a94c10f Update version.py
• 0c90043 fix: branch Hiera MaskUnitAttention into 4D global path for FlashAttention di...
• a346c76 Further refine weights_only=True, add safe globals for argparse Namespace to ...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)