chore(deps): bump onnxruntime from 1.24.2 to 1.25.0 in /requirements/ci

[dependabot]

Bumps onnxruntime from 1.24.2 to 1.25.0.

Release notes

Sourced from onnxruntime's releases.

ONNX Runtime v1.25.0

📢 Announcements & Breaking Changes

Build & Platform

• C++20 is now required to build ONNX Runtime from source. Minimum toolchains: MSVC 19.29+, GCC 10+, Clang 10+. Users of prebuilt packages are unaffected. (#27178)
• CUDA minimum version raised to 12.0 — CUDA 11.x is no longer supported. Users pinned to CUDA 11.x should stay on ORT 1.24.x or upgrade their CUDA toolkit/driver. (#27570)
• ONNX upgraded to 1.21.0 (#27601)
• sympy is now an optional dependency for Python builds. (#27200)

Execution Provider Changes

• ArmNN EP has been removed. Users should remove any --use_armnn build flags and migrate to the MLAS/KleidiAI-backed CPU EP or QNN EP for Qualcomm hardware. (#27447)

API Version

• ORT_API_VERSION updated to 25. (#27280)

---

🔒 Security Fixes

• Fixed potential integer truncation leading to heap out-of-bounds read/write (#27544)
• Addressed Pad Reflect vulnerability (#27652)
• Security fix for transpose optimizer (#27555)
• Upgraded minimatch 3.1.2 → 3.1.4 for CVE-2026-27904 (#27667)
• Hardened shell command handling for constant strings (#27840)
• Added validation of onnx::TensorProto data size before allocation (#27547)
• Cleaned up external data path validation (#27539)
• Fixed misaligned address reads for tensor attributes from raw data buffers (#27312)
• Fixed CPU Attention overflow issue (#27822)
• Fixed CPU LRN integer overflow issues (#27886)
• Additional input validation hardening:
  • Tile kernel dim overflow (#27566)
  • Out-of-bounds read in cross entropy (#27568)
  • TreeEnsembleClassifier attributes (#27571)
  • AffineGrid (#27572)
  • EmbedLayerNorm position_ids (#27573)
  • RotaryEmbedding position_ids (#27597)
  • RoiAlign batch_indices (#27603)
  • MaxUnpool indices (#27432)
  • QMoECPU swiglu OOB (#27748)
  • SVMClassifier initializer (#27699)
  • Col2Im SafeInt (#27625)

---

✨ New Features

🔌 Execution Provider Plugin API & CUDA Plugin EP

... (truncated)

Commits

• 7a71bc5 Cherry-pick CI/pipeline fixes for rel-1.25.0 (#28106)
• 211edbc FF rel-1.25 to last merge prior to version bump & add first round of cherry p...
• 57b265e [MLAS] Add depthwise with multiplier conv special kernel for NCHW data layout...
• bec2792 Plugin EP event profiling APIs (#27649)
• a997c4f [VitisAI] external_ep_library typo fix (#27647)
• f2c28e2 S390x test fixes (#27404)
• 0f43e16 [QNN-EP] Fix use-after-free of logger object (#27804)
• f22e3a9 webgpu: Optimize DP4A SmallM MatMulNBits tiling (#27910)
• 048e7dc [Plugin EP] Add plugin EP APIs to retrieve ONNX operator schemas (#27713)
• e43d306 [CI] fix: missing branch specifier in schedule directive (#27914)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)