🔒 fix(model): huggingface unsafe download #2823
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…base This commit updates various DataLoader instances in the project to enable the option, enhancing performance for data loading on GPU. Changes were made in the following files: - : Updated train and test DataLoader configurations. - : Modified datamodule DataLoader to include . - : Added to evaluation DataLoader. - : Updated DataLoader for datasets to utilize . - : Enabled for reference dataset DataLoader. - : Adjusted inference DataLoader to include . These changes aim to optimize memory usage and improve data transfer speeds during model training and inference. Signed-off-by: samet-akcay <samet.akcay@intel.com>
This commit refactors the function in to utilize a dictionary mapping for decoder architectures, improving readability and maintainability. The previous conditional checks have been replaced with a more efficient approach, enhancing the overall structure of the code. Signed-off-by: samet-akcay <samet.akcay@intel.com>
…nsistency This commit modifies the initialization of the logit_scale parameter in the CLIP model to utilize torch.log instead of np.log. This change ensures consistency in tensor operations and improves compatibility with PyTorch's computation graph. Signed-off-by: samet-akcay <samet.akcay@intel.com>
…lculations This commit modifies the anomaly map generation logic to utilize PyTorch tensors instead of NumPy arrays for various calculations. This change enhances compatibility with the PyTorch computation graph and improves performance by leveraging GPU acceleration. Key updates include the conversion of statistical calculations and tensor operations to use PyTorch functions, ensuring consistency in tensor handling throughout the code. Signed-off-by: samet-akcay <samet.akcay@intel.com>
…istical calculations This commit refactors the anomaly map generation logic to replace NumPy-based statistical calculations with PyTorch equivalents, specifically using the distribution for computing tau. Additionally, it improves precision handling by allowing the use of float64 in high precision mode. The changes streamline the computation process and maintain compatibility with the PyTorch computation graph. Signed-off-by: samet-akcay <samet.akcay@intel.com>
Signed-off-by: samet-akcay <samet.akcay@intel.com>
This commit improves the URL validation in the download function to ensure only http and https schemes are allowed. Additionally, it adds comments to clarify the safety of using under these conditions, enhancing code readability and security awareness. Signed-off-by: samet-akcay <samet.akcay@intel.com>
This commit introduces an optional parameter in the Huggingface backend's initialization, allowing users to specify the model revision when loading the processor and model. The changes ensure that the correct model version is utilized, enhancing flexibility and usability for different model configurations. Signed-off-by: samet-akcay <samet.akcay@intel.com>
…rameter This commit removes the optional `revision` parameter from the Huggingface backend's initialization, defaulting to "main" for model loading. This change streamlines the code and ensures consistent model version usage, enhancing clarity and maintainability. Signed-off-by: Samet Akcay <samet.akcay@intel.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
📝 Description
from_pretrained()method in the Hugging Face backend was called without a specific revision, creating a risk of downloading a compromised model.This change resolves the issue by explicitly pinning the model revision to
"main"for both the processor and the model insrc/anomalib/models/image/vlm_ad/backends/huggingface.py.This ensures that a safe and deterministic version of the model is always used.✨ Changes
Select what type of change your PR is:
✅ Checklist
Before you submit your pull request, please make sure you have completed the following steps:
For more information about code review checklists, see the Code Review Checklist.