Safetensors, a file format designed for secure storage and loading of tensors, has officially joined the PyTorch Foundation. This move aims to enhance model security and interoperability within the PyTorch ecosystem.
The format, originally developed by Hugging Face, is known for preventing the code injection attacks commonly associated with pickle-based serialization, where simply loading a file can run arbitrary code. By becoming a member of the PyTorch Foundation, Safetensors will benefit from broader community support and integration with the widely used machine learning framework.
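To make concrete why a declarative tensor container avoids pickle-style load-time code execution, here is an added example (not Hugging Face's or PyTorch's code) that writes and parses the safetensors layout with only the Python standard library: an 8-byte little-endian header length, a JSON header of dtypes, shapes and byte offsets, then one raw buffer. The DTYPE_SIZE table, the bounds checks and the sample tensors are constructed for this example.

```python
import json
import math
import struct
# Byte width of the dtype names used in the safetensors header (subset).
DTYPE_SIZE = {"F64": 8, "F32": 4, "F16": 2, "BF16": 2, "I64": 8, "I32": 4,
              "I16": 2, "I8": 1, "U8": 1, "BOOL": 1}

def build_safetensors(tensors: dict) -> bytes:
    """tensors: name -> (dtype, shape, raw little-endian bytes).
    Layout: 8-byte LE header length, JSON header, then one raw buffer."""
    header, buf = {}, bytearray()
    for name, (dtype, shape, data) in tensors.items():
        header[name] = {"dtype": dtype, "shape": list(shape),
                        "data_offsets": [len(buf), len(buf) + len(data)]}
        buf += data
    hdr = json.dumps(header).encode("utf-8")
    return struct.pack("<Q", len(hdr)) + hdr + bytes(buf)

def load_safetensors(blob: bytes, max_header: int = 100_000_000) -> dict:
    """Parse into name -> (dtype, shape, bytes). Only unpack, json.loads and
    slicing run here, so unlike pickle the file cannot pick code to execute."""
    if len(blob) < 8:
        raise ValueError("truncated: missing header length")
    (n,) = struct.unpack("<Q", blob[:8])
    if n > max_header or 8 + n > len(blob):  # untrusted length, check first
        raise ValueError("header length out of bounds")
    header = json.loads(blob[8:8 + n])
    data = blob[8 + n:]
    out, ranges = {}, []
    for name, info in header.items():
        if name == "__metadata__":  # optional free-form string map, no data
            continue
        start, end = info["data_offsets"]
        size = DTYPE_SIZE[info["dtype"]] * math.prod(info["shape"])
        if not (0 <= start <= end <= len(data)) or end - start != size:
            raise ValueError(f"bad data_offsets for {name}")
        out[name] = (info["dtype"], tuple(info["shape"]), data[start:end])
        ranges.append((start, end))
    pos = 0
    for start, end in sorted(ranges):  # buffer must be covered exactly once
        if start != pos:
            raise ValueError("gap or overlap in tensor data")
        pos = end
    if pos != len(data):
        raise ValueError("trailing bytes after tensor data")
    return out

# Constructed sample: one F32 vector and one I8 matrix.
SAMPLE = build_safetensors({"w": ("F32", (3,), struct.pack("<3f", 1.0, 2.0, 3.0)),
                            "b": ("I8", (2, 2), bytes([1, 2, 3, 4]))})
```

A header that points outside the buffer, overlaps another tensor, or disagrees with the declared shape is rejected before any tensor bytes are handed out, which is the whole of the loader's attack surface.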
"This partnership marks a significant step towards safer AI model distribution," said a representative from Safetensors. "Developers can now rely on a standardized, secure method for sharing models within the PyTorch environment."
Joining the foundation also means Safetensors will align with PyTorch's governance and development practices, potentially accelerating its adoption across the industry.
"We welcome Safetensors to the PyTorch Foundation," said a spokesperson for the foundation. "Their commitment to security aligns with our mission to provide reliable tools for the AI community."
The move underscores the growing emphasis on security in machine learning workflows, as the industry shifts towards safer practices for model deployment and sharing.