"This model has one file that has been marked as unsafe." in HF Hub
Hey!
After uploading a trained SetFit model with torch head to HF hub, the following message popped up in my repository.
Additionally, if I press on the “pickle” tag next to the model_head.pkl in “Files and versions”, then I can see this.
I am wondering whether this is a known issue or whether I did something wrong? Unfortunately, the repo is private, but if needed I can try to share it.
Issue Analytics
- Created 9 months ago
- Comments: 12 (10 by maintainers)
Top GitHub Comments
Hi @jegork, we run a static analysis on pickle files to gather information about specific opcodes, basically python imports. It may be that the framework you used to serialise your data does something fancy with its pickle. Without the file I won’t be able to check what went wrong here. Could you run
python3 -m pickletools <your_file>
and send us the output here? Hopefully it’s not too long.

joblib is currently hard to replace with safetensors, as self.model_head is either SetFitHead or LogisticRegression. I’m considering proposing an interface for SetFit heads which both heads must implement. This interface could then contain a save and a load method.
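As an added example (not code from the issue, from SetFit, or from the Hub's own scanner), here is a Python static check in the spirit of the opcode analysis the first maintainer comment describes: it walks a pickle with pickletools.genops, collects every GLOBAL/STACK_GLOBAL import without unpickling anything, and flags modules outside an allowlist. The allowlist contents and the sample pickled objects are assumptions for the demo.

```python
import pickle
import pickletools
from collections import OrderedDict
from fractions import Fraction
# Opcodes that push a str; STACK_GLOBAL (protocol 4+) takes its operands from them.
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING", "UNICODE",
              "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}

def pickle_imports(data):
    """Sorted (module, name) pairs the pickle would import, read from the opcode
    stream without unpickling: GLOBAL/INST (protocol 0-3, operand "module name")
    and STACK_GLOBAL (protocol 4+, the two most recently pushed strings)."""
    found = set()
    pushed = []        # strings pushed onto the stack, most recent last
    memo = {}          # memo slot -> str, tracked for string slots only
    memoize_slot = 0   # MEMOIZE assigns slots sequentially
    last_was_str = False
    for op, arg, _pos in pickletools.genops(data):
        pushed_str = False
        if op.name in ("GLOBAL", "INST"):
            module, name = arg.split(" ", 1)
            found.add((module, name))
        elif op.name == "STACK_GLOBAL":
            if len(pushed) < 2:
                raise ValueError("STACK_GLOBAL without two string operands")
            found.add((pushed[-2], pushed[-1]))
            del pushed[-2:]
        elif op.name in STRING_OPS:
            pushed.append(arg)
            pushed_str = True
        elif op.name == "MEMOIZE":
            if last_was_str:
                memo[memoize_slot] = pushed[-1]
            memoize_slot += 1
        elif op.name in ("GET", "BINGET", "LONG_BINGET") and arg in memo:
            pushed.append(memo[arg])   # module/name string re-fetched from memo
            pushed_str = True
        last_was_str = pushed_str
    return sorted(found)

def flagged_imports(data, allowed_roots):
    """Imports whose top-level package is outside the allowlist."""
    return [(m, n) for m, n in pickle_imports(data)
            if m.split(".")[0] not in allowed_roots]

# Constructed samples and an assumed allowlist: OrderedDict is allowed, Fraction is not.
ALLOWED = {"collections", "numpy", "sklearn", "torch"}
SAMPLES = {proto: pickle.dumps([OrderedDict(a=1), Fraction(1, 2)], protocol=proto)
           for proto in (2, 4)}
```

For a suspect model_head.pkl, run flagged_imports on the file bytes before anything calls pickle.load or joblib.load on it.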