
arseniibr | 1 month ago

OP here. One of the annoying edge cases I hit was handling "Zip Bombs" in PyTorch files (since .pt is just a zip). Had to implement a stream reader with strict memory limits to prevent the scanner itself from OOMing on malicious archives.

Also, the "Identity Check" was tricky because people often rename files locally (e.g., model.bin instead of pytorch_model.bin). The tool now queries the HF API to find if any file in the repo matches the local hash, rather than just relying on the filename. Happy to answer any questions!
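The bounded stream reader described in the comment above, as an added example (not the OP's code or the tool's implementation). The limit values and the names `scan_archive`, `inspect`, `ArchiveLimitExceeded` and `make_sample` are assumptions chosen for illustration, and the archive is constructed in memory.

```python
import io
import zipfile

CHUNK = 64 * 1024              # most decompressed bytes held at once
MAX_MEMBER_BYTES = 1 << 20     # assumed per-member cap (1 MiB)
MAX_TOTAL_BYTES = 4 << 20      # assumed whole-archive cap (4 MiB)
MAX_RATIO = 100                # assumed decompressed/compressed cap
MAX_MEMBERS = 1000             # assumed cap on central-directory entries


class ArchiveLimitExceeded(Exception):
    """Raised as soon as any limit is crossed; scanning stops there."""


def scan_archive(fileobj, inspect=lambda name, chunk: None):
    """Feed every member to inspect() in CHUNK-sized pieces.

    Limits count bytes the decompressor actually produced, because the
    sizes declared in zip headers are attacker-controlled.
    """
    total = 0
    with zipfile.ZipFile(fileobj) as zf:
        infos = zf.infolist()
        if len(infos) > MAX_MEMBERS:
            raise ArchiveLimitExceeded("too many members")
        for info in infos:
            produced = 0
            with zf.open(info) as member:
                while chunk := member.read(CHUNK):
                    produced += len(chunk)
                    total += len(chunk)
                    if produced > MAX_MEMBER_BYTES or total > MAX_TOTAL_BYTES:
                        raise ArchiveLimitExceeded(f"{info.filename}: size limit")
                    # Skip the ratio test for tiny members to avoid false positives.
                    if produced > CHUNK and produced > MAX_RATIO * max(info.compress_size, 1):
                        raise ArchiveLimitExceeded(f"{info.filename}: ratio limit")
                    inspect(info.filename, chunk)
    return total


def make_sample(payload):
    """Constructed in-memory archive standing in for a .pt file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("archive/data.pkl", bytes(range(256)) * 16)
        zf.writestr("archive/data/0", payload)
    buf.seek(0)
    return buf
```

Because each limit is checked before a chunk reaches `inspect`, the scanner never processes more than the cap even when a member would inflate to gigabytes.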
