stf on Nostr: TIL pytorch models are just compressed python pickle files? ...
TIL pytorch models are just compressed python pickle files?
https://www.reversinglabs.com/blog/rl-identifies-malware-ml-model-hosted-on-hugging-face
can we please eliminate the pickle footgun from python? this is so embarrassing like a '../' path traversal in online services... 🤦‍♂️
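An added defender-side check, not from the post or the linked ReversingLabs article: rather than loading a .pt file to find out what it does, open the zip, disassemble the pickle inside it with pickletools, and list the globals it would import. The allowlist and the `model/data.pkl` layout are assumptions modelled on torch.save() output, and the sample checkpoints are constructed here without importing torch.

```python
import io, pickle, pickletools, zipfile
from fractions import Fraction

# Assumed allowlist: what a plain torch.save() state_dict references. A real
# scanner needs the full set of torch rebuild helpers and storage classes.
ALLOWED_GLOBALS = {"collections.OrderedDict", "torch._utils._rebuild_tensor_v2",
                   "torch.FloatStorage", "torch.LongStorage"}
STRING_OPS = {"SHORT_BINUNICODE", "BINUNICODE", "BINUNICODE8", "UNICODE",
              "STRING", "SHORT_BINSTRING", "BINSTRING"}

def referenced_globals(pkl: bytes) -> list[str]:
    """Every module.name the pickle would import, read from the opcode stream
    with pickletools.genops; nothing is unpickled, so nothing can execute."""
    found, recent = [], []
    for op, arg, _ in pickletools.genops(pkl):
        if op.name in STRING_OPS:
            recent = (recent + [arg])[-2:]       # last two string pushes
        elif op.name in ("GLOBAL", "INST"):     # protocol <= 3: "module name"
            found.append(".".join(arg.split()))
        elif op.name == "STACK_GLOBAL":         # protocol >= 4: pops two strings
            found.append(".".join(recent))
    return found

def scan_checkpoint(zip_bytes: bytes) -> dict[str, list[str]]:
    """Map each *.pkl member of a torch.save()-style zip to the globals it
    references outside ALLOWED_GLOBALS; an empty list means none."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return {n: sorted(set(referenced_globals(zf.read(n))) - ALLOWED_GLOBALS)
                for n in zf.namelist() if n.endswith(".pkl")}

def make_checkpoint(obj, protocol=pickle.DEFAULT_PROTOCOL) -> bytes:
    """Constructed sample mimicking torch.save()'s zip layout (data.pkl under a
    top-level folder), built without importing torch."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("model/data.pkl", pickle.dumps(obj, protocol=protocol))
        zf.writestr("model/version", "3\n")
    return buf.getvalue()

# A weights-only mapping imports nothing; any other importable object in the
# file is reported (a benign fractions.Fraction stands in for an unexpected
# import, exercised on both the STACK_GLOBAL and the older GLOBAL encoding).
CLEAN = make_checkpoint({"fc.weight": [0.1, 0.2]})
TAMPERED = make_checkpoint({"fc.weight": Fraction(1, 2)})
TAMPERED_V2 = make_checkpoint({"fc.weight": Fraction(1, 2)}, protocol=2)

if __name__ == "__main__":
    for blob in (CLEAN, TAMPERED, TAMPERED_V2):
        print(scan_checkpoint(blob))
```

When a file does have to be loaded, torch.load(path, weights_only=True) restricts the unpickler to tensor and primitive types; it has been the default since PyTorch 2.6.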