Due to security risks and the potential for executing arbitrary code, serializing torch models with pickle is not implemented. Currently the only allowed models are those from Hugging Face and those that can be serialized via `torch.jit.script`.
The proposed custom model "serialization" method, which would allow any model to be sent over P2P, will involve using the `inspect` library to send the model's source code to the worker. On the worker side, we must analyze the source code for vulnerabilities before loading the model.
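The reason pickle is excluded above is that a pickle stream can name any importable callable and have the unpickler invoke it. The example below, added here and not part of this issue or the project's code, shows the two defensive controls a worker can apply if it ever has to accept a pickle: a static scan with `pickletools` that lists every global the stream would import without executing it, and a `pickle.Unpickler` subclass that only resolves globals on an allowlist. The allowlist contents, the sample payloads (a plain dict and a `collections.OrderedDict`, both constructed in the block) and the function names are assumptions chosen for illustration.

```python
import io
import pickle
import pickletools
from collections import OrderedDict

# Assumption for this example: the worker only tolerates pickles that reference
# these (module, name) pairs. Everything else, including any torch or user
# class, is refused before it can be imported.
ALLOWED_GLOBALS = {
    ("builtins", "dict"),
    ("builtins", "list"),
    ("builtins", "set"),
    ("builtins", "tuple"),
}


def referenced_globals(data: bytes) -> list[tuple[str, str]]:
    """Static triage: list the (module, name) pairs a pickle would import.

    Nothing is executed; pickletools.genops only decodes opcodes. GLOBAL
    (protocol <= 3) carries "module name" in its argument; STACK_GLOBAL
    (protocol 4+) takes the two most recently pushed strings. This is a
    heuristic, not a full pickle VM, so it is paired with the allowlisting
    unpickler below rather than used on its own.
    """
    found: list[tuple[str, str]] = []
    recent_strings: list[str] = []
    for opcode, arg, _pos in pickletools.genops(data):
        if opcode.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif opcode.name == "STACK_GLOBAL" and len(recent_strings) >= 2:
            found.append((recent_strings[-2], recent_strings[-1]))
        elif opcode.name in ("SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE"):
            recent_strings.append(arg)
    return found


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that refuses to import anything outside ALLOWED_GLOBALS."""

    def find_class(self, module: str, name: str):
        if (module, name) in ALLOWED_GLOBALS:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"global '{module}.{name}' is not on the allowlist"
        )


def load_or_reject(data: bytes) -> tuple[bool, object]:
    """Worker-side policy: scan first, then load with the restricted unpickler.

    Returns (True, obj) on success or (False, reason) when either control
    rejects the stream. The scan gives a readable reason up front; the
    unpickler enforces the same allowlist even if the scan missed something.
    """
    disallowed = [g for g in referenced_globals(data) if g not in ALLOWED_GLOBALS]
    if disallowed:
        return False, f"static scan found disallowed globals: {disallowed}"
    try:
        return True, RestrictedUnpickler(io.BytesIO(data)).load()
    except pickle.UnpicklingError as exc:
        return False, f"unpickler rejected stream: {exc}"


# Constructed sample inputs: a plain container (no globals at all) and an
# OrderedDict, which is harmless but demonstrates how a non-allowlisted
# import is caught under both the old GLOBAL and the newer STACK_GLOBAL encoding.
SAFE_PICKLE = pickle.dumps({"weights": [1, 2, 3]}, protocol=4)
UNLISTED_PICKLE_P4 = pickle.dumps(OrderedDict(), protocol=4)
UNLISTED_PICKLE_P2 = pickle.dumps(OrderedDict(), protocol=2)

if __name__ == "__main__":
    for label, blob in [("safe", SAFE_PICKLE), ("p4", UNLISTED_PICKLE_P4), ("p2", UNLISTED_PICKLE_P2)]:
        print(label, referenced_globals(blob), load_or_reject(blob))
```

The same shape applies to the proposed `inspect`-based path: whatever is received is inspected as data first, and execution happens only through an interpreter that has been told what it is allowed to resolve.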