Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: adding secure loading of models by default for haystack #3901

Merged
merged 6 commits into from
Jan 24, 2023
Merged

feat: adding secure loading of models by default for haystack #3901

merged 6 commits into from
Jan 24, 2023

Conversation

mayankjobanputra
Copy link
Contributor

@mayankjobanputra mayankjobanputra commented Jan 21, 2023
edited
Loading

Related Issues

Proposed Changes:

setting TORCH_FORCE_WEIGHTS_ONLY_LOAD to 1 by default

How did you test it?

added unit test

Notes for the reviewer

To load secure-only model pytorch requires the value of TORCH_FORCE_WEIGHTS_ONLY_LOAD to be ["1", "y", "yes", "true"]
For more details please refer to pytorch PR pytorch/pytorch#87443.

Checklist

  • I have read the contributors guidelines and the code of conduct
  • I have updated the related issue with new insights and changes
  • I added tests that demonstrate the correct behavior of the change
  • I've used one of the conventional commit types for my PR title: fix:, feat:, build:, chore:, ci:, docs:, style:, refactor:, perf:, test:.
  • I documented my code
  • I ran pre-commit hooks and fixed any issue

@mayankjobanputra mayankjobanputra requested a review from a team as a code owner January 21, 2023 18:18
@mayankjobanputra mayankjobanputra requested review from julian-risch and removed request for a team January 21, 2023 18:18
@mayankjobanputra mayankjobanputra changed the title adding secure loading of models by default feat: adding secure loading of models by default for haystack Jan 21, 2023
masci
masci suggested changes Jan 23, 2023
View reviewed changes
test/others/test_utils.py Outdated Show resolved Hide resolved
test/others/test_utils.py Show resolved Hide resolved
haystack/environment.py Outdated Show resolved Hide resolved
julian-risch
julian-risch requested changes Jan 23, 2023
View reviewed changes
Copy link
Member

@julian-risch julian-risch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's great to see this improvement! I have two small change requests specified in the comments below but I approve the idea of setting TORCH_FORCE_WEIGHTS_ONLY_LOAD in general. 👍

haystack/environment.py
@@ -18,6 +18,12 @@
env_meta_data: Dict[str, Any] = {}


def set_pytorch_secure_model_loading(flag_val="1"):
# To load secure only model pytorch requires value of
# TORCH_FORCE_WEIGHTS_ONLY_LOAD to be ["1", "y", "yes", "true"]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should check whether this flag is set to any value different from ["1", "y", "yes", "true"] before setting it to 1. Maybe a user explicitly set it to False. In that case we shouldn't silently overwrite it. Instead, let's at least log a warning.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changed it. I think your suggestion is taken care of, but please do let me know if you disagree.

test/others/test_utils.py Outdated Show resolved Hide resolved
masci
masci approved these changes Jan 24, 2023
View reviewed changes
Copy link
Contributor

@masci masci left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left a minor suggestion but the PR looks good to me!

haystack/environment.py Outdated Show resolved Hide resolved
@julian-risch @masci
change log string formatting
1e68deb 
Co-authored-by: Massimiliano Pippi <[email protected]>
julian-risch
julian-risch approved these changes Jan 24, 2023
View reviewed changes
Copy link
Member

@julian-risch julian-risch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me. 👍 I will merge this now so that we have it on main before branching off.

@ZanSara ZanSara added this to the 1.13.0 milestone Jan 24, 2023
@mayankjobanputra mayankjobanputra merged commit 5c53b2b into main Jan 24, 2023
@mayankjobanputra mayankjobanputra deleted the mayank/secure_pytorch branch January 24, 2023 17:31
ZanSara pushed a commit that referenced this pull request Jan 27, 2023
@mayankjobanputra @julian-risch
@masci @ZanSara
feat: adding secure loading of models by default for haystack (#3901)
eaac6b9 
* adding secure loading of models by default

* simplified set function

* testing import effect correctly

* added appropriate log line, adapted the test

* change log string formatting

Co-authored-by: Massimiliano Pippi <[email protected]>

* remove extra closing bracket )

Co-authored-by: Julian Risch <[email protected]>
Co-authored-by: Massimiliano Pippi <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@masci masci masci approved these changes

@julian-risch julian-risch julian-risch approved these changes

Assignees
No one assigned
Labels
topic:modeling
Projects
None yet
Milestone
1.13.0
Development

Successfully merging this pull request may close these issues.

Better model security with new PyTorch version
4 participants
@mayankjobanputra @masci @julian-risch @ZanSara