Pickle conversion now requires --trust-remote-code.

This commit is contained in:
Nicolas Patry 2024-04-04 13:16:32 +00:00
parent 4ee0a0c401
commit ac118a5ad0


@ -249,6 +249,13 @@ def download_weights(
local_pt_files = utils.download_weights(pt_filenames, model_id, revision) local_pt_files = utils.download_weights(pt_filenames, model_id, revision)
if auto_convert: if auto_convert:
if not trust_remote_code:
raise RuntimeError(
f"Safetensors conversion is disabled without `--trust-remote-code` because "
f"Pickle files are unsafe and can essentially contain remote code execution."
f"Please check the safety checks on the hub and ideally make the conversion in a sandbox or in a space."
)
logger.warning( logger.warning(
f"No safetensors weights found for model {model_id} at revision {revision}. " f"No safetensors weights found for model {model_id} at revision {revision}. "
f"Converting PyTorch weights to safetensors." f"Converting PyTorch weights to safetensors."