Please use safetensors, not pickle
#1 by MoonRide - opened
The pickle format is inherently insecure and has been used to spread malware multiple times, including infected model weights on HF.
Please stop distributing weights as pickles and use the much safer safetensors format instead.
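To make the request concrete, here is an added example (not code from this discussion, the model author, or the `safetensors` package) that implements the documented safetensors layout in pure Python: an 8-byte little-endian header size, a UTF-8 JSON header of dtype/shape/offsets, then raw tensor bytes. The loader is only JSON decoding and bounds-checked slicing, which is exactly why it cannot run code the way `pickle.load` can. It also shows a cheap pre-load check on a checkpoint's leading bytes and a `RestrictedUnpickler` that refuses every global lookup for the case where a legacy pickle must still be opened. All inputs (the tensor, the pickles, the zip prefix) are constructed in the example; the dtype name `F32` follows the safetensors convention.

```python
import io
import json
import pickle
import struct
from collections import OrderedDict
from typing import Dict, List, Tuple

# A tensor here is (dtype name, shape, raw little-endian bytes); no numpy needed.
Tensor = Tuple[str, List[int], bytes]


def safetensors_dumps(tensors: Dict[str, Tensor]) -> bytes:
    """Serialise tensors in the safetensors layout: u64 header size, JSON header, raw bytes."""
    header: Dict[str, dict] = {}
    blob = bytearray()
    for name, (dtype, shape, data) in tensors.items():
        start = len(blob)
        blob += data
        header[name] = {"dtype": dtype, "shape": shape, "data_offsets": [start, len(blob)]}
    hjson = json.dumps(header).encode("utf-8")
    return struct.pack("<Q", len(hjson)) + hjson + bytes(blob)


def safetensors_loads(buf: bytes) -> Dict[str, Tensor]:
    """Parse a safetensors buffer.

    Loading is JSON decoding plus bounds-checked byte slicing. No object is
    reconstructed from the file, so there is nothing in it that can execute."""
    if len(buf) < 8:
        raise ValueError("truncated: missing 8-byte header length")
    (hlen,) = struct.unpack("<Q", buf[:8])
    if 8 + hlen > len(buf):
        raise ValueError("header length exceeds buffer size")
    header = json.loads(buf[8:8 + hlen].decode("utf-8"))
    if not isinstance(header, dict):
        raise ValueError("header is not a JSON object")
    payload = buf[8 + hlen:]
    tensors: Dict[str, Tensor] = {}
    for name, meta in header.items():
        if name == "__metadata__":  # optional free-form string map, not a tensor
            continue
        start, end = meta["data_offsets"]
        if not (0 <= start <= end <= len(payload)):
            raise ValueError(f"data_offsets out of range for {name!r}")
        tensors[name] = (meta["dtype"], list(meta["shape"]), payload[start:end])
    return tensors


def classify_weights(buf: bytes) -> str:
    """Cheap pre-load check on a checkpoint's leading bytes: 'safetensors', 'pickle', 'zip' or 'unknown'."""
    if len(buf) >= 2 and buf[0] == 0x80 and 2 <= buf[1] <= 5:
        return "pickle"  # protocol 2-5 marker byte; protocols 0/1 carry no such marker
    if buf[:2] == b"PK":
        return "zip"  # zip archive, e.g. torch.save checkpoints wrapping a data.pkl; treat as pickle
    try:
        safetensors_loads(buf)
        return "safetensors"
    except (ValueError, KeyError, TypeError, UnicodeDecodeError):
        return "unknown"


class RestrictedUnpickler(pickle.Unpickler):
    """Refuse every global lookup: pickles holding only containers and scalars load,
    anything that names a class or function is rejected before it is resolved."""

    def find_class(self, module: str, name: str):
        raise pickle.UnpicklingError(f"global {module}.{name} is forbidden")


def restricted_loads(buf: bytes):
    return RestrictedUnpickler(io.BytesIO(buf)).load()


def demo() -> dict:
    """Exercise the helpers on constructed inputs and return the observations."""
    weights = {"w": ("F32", [3], struct.pack("<3f", 1.0, 2.0, 3.0))}  # constructed sample tensor
    st = safetensors_dumps(weights)
    plain = pickle.dumps({"lr": 0.01})  # only a dict and a float: no global lookups
    with_global = pickle.dumps(OrderedDict())  # references collections.OrderedDict by name
    try:
        restricted_loads(with_global)
        blocked = False
    except pickle.UnpicklingError:
        blocked = True
    return {
        "roundtrip_ok": safetensors_loads(st) == weights,
        "st_kind": classify_weights(st),
        "pickle_kind": classify_weights(plain),
        "zip_kind": classify_weights(b"PK\x03\x04" + b"\x00" * 26),  # constructed zip local-header prefix
        "junk_kind": classify_weights(b"\x00garbage"),
        "plain_pickle_loads": restricted_loads(plain),
        "global_pickle_blocked": blocked,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

The pre-load check is a triage aid, not a guarantee: it only recognises the protocol marker and zip container, so the real mitigation is to publish and consume safetensors in the first place, and to open any remaining pickle only through a loader like `RestrictedUnpickler` that cannot resolve names.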
Thank you for your advice. We will update our model to safetensors.
MoonRide changed discussion status to closed