product

safetensors

productactivesafetensors-4b52001c·2 events·first seen 1mo ago

Aliases: safetensors

Co-occurring entities

Hugging Face pickle PyTorch Foundation PyTorch

More like this (12)

gpt-oss-safeguard SafeCoder sandboxing TruffleSecurity safe-completions SafeCtrl-RL SafetyKit Safety Gym SafeSteer Frontier Safety Framework NIST PatchTST

Recent events (2)

6Hugging Face Blog·28d ago·source ↗

Safetensors Security Audit Confirms Safety, Format Becoming Default on Hugging Face

Hugging Face conducted an independent security audit of the Safetensors file format, which stores model weights without executable code. The audit confirmed the format is secure against the serialization-based attacks that affect formats like pickle. Safetensors is now being adopted as the default model weight format on the Hugging Face Hub, replacing less secure alternatives.

Enterprise Deployment Patterns Agent and Tool Ecosystem safetensors pickle Hugging Face

5Hugging Face Blog·1mo ago·source ↗

Safetensors is Joining the PyTorch Foundation

The safetensors format, developed by Hugging Face as a secure and fast alternative to pickle-based model serialization, is being adopted under the PyTorch Foundation. This move formalizes safetensors as part of the broader PyTorch ecosystem, signaling growing standardization around safe model weight storage. The transition reflects increasing industry concern about supply-chain security in ML model distribution.

Training Infrastructure Open Weights Progress PyTorch Foundation safetensors Hugging Face +2 more