gavin/transformers
1
0
Fork 0
Code Issues Pull Requests Actions 9 Packages Projects Releases Wiki Activity

first commit
Some checks failed
Self-hosted runner (nightly-past-ci-caller) / Get number (push) Has been cancelled
Details
Self-hosted runner (nightly-past-ci-caller) / TensorFlow 2.11 (push) Has been cancelled
Details
Self-hosted runner (nightly-past-ci-caller) / TensorFlow 2.10 (push) Has been cancelled
Details
Self-hosted runner (nightly-past-ci-caller) / TensorFlow 2.9 (push) Has been cancelled
Details
Self-hosted runner (nightly-past-ci-caller) / TensorFlow 2.8 (push) Has been cancelled
Details
Self-hosted runner (nightly-past-ci-caller) / TensorFlow 2.7 (push) Has been cancelled
Details
Self-hosted runner (nightly-past-ci-caller) / TensorFlow 2.6 (push) Has been cancelled
Details
Self-hosted runner (nightly-past-ci-caller) / TensorFlow 2.5 (push) Has been cancelled
Details
Self-hosted runner (benchmark) / Benchmark (aws-g5-4xlarge-cache) (push) Has been cancelled
Details
Build documentation / build (push) Has been cancelled
Details
Build documentation / build_other_lang (push) Has been cancelled
Details
CodeQL Security Analysis / CodeQL Analysis (push) Has been cancelled
Details
New model PR merged notification / Notify new model (push) Has been cancelled
Details
PR CI / pr-ci (push) Has been cancelled
Details
Slow tests on important models (on Push - A10) / Get all modified files (push) Has been cancelled
Details
Secret Leaks / trufflehog (push) Has been cancelled
Details
Update Transformers metadata / build_and_package (push) Has been cancelled
Details
Slow tests on important models (on Push - A10) / Model CI (push) Has been cancelled
Details
Check Tiny Models / Check tiny models (push) Has been cancelled
Details
Self-hosted runner (Intel Gaudi3 scheduled CI caller) / Model CI (push) Has been cancelled
Details
Self-hosted runner (Intel Gaudi3 scheduled CI caller) / Pipeline CI (push) Has been cancelled
Details
Self-hosted runner (Intel Gaudi3 scheduled CI caller) / Example CI (push) Has been cancelled
Details
Self-hosted runner (Intel Gaudi3 scheduled CI caller) / DeepSpeed CI (push) Has been cancelled
Details
Self-hosted runner (Intel Gaudi3 scheduled CI caller) / Trainer/FSDP CI (push) Has been cancelled
Details
Nvidia CI - Flash Attn / Setup (push) Has been cancelled
Details
Nvidia CI - Flash Attn / Model CI (push) Has been cancelled
Details
Nvidia CI / Setup (push) Has been cancelled
Details
Nvidia CI / Model CI (push) Has been cancelled
Details
Nvidia CI / Torch pipeline CI (push) Has been cancelled
Details
Nvidia CI / Example CI (push) Has been cancelled
Details
Nvidia CI / Trainer/FSDP CI (push) Has been cancelled
Details
Nvidia CI / DeepSpeed CI (push) Has been cancelled
Details
Nvidia CI / Quantization CI (push) Has been cancelled
Details
Nvidia CI / Kernels CI (push) Has been cancelled
Details
Doctests / Setup (push) Has been cancelled
Details
Doctests / Call doctest jobs (push) Has been cancelled
Details
Doctests / Send results to webhook (push) Has been cancelled
Details
Extras Smoke Test / Get supported Python versions (push) Has been cancelled
Details
Extras Smoke Test / Test extras on Python ${{ matrix.python-version }} (push) Has been cancelled
Details
Extras Smoke Test / Check Slack token availability (push) Has been cancelled
Details
Extras Smoke Test / Notify failures to Slack (push) Has been cancelled
Details
Self-hosted runner (AMD scheduled CI caller) / Trigger Scheduled AMD CI (push) Has been cancelled
Details
Stale Bot / Close Stale Issues (push) Has been cancelled
Details

Browse Source
This commit is contained in:
陈赣
2026-06-05 16:53:03 +08:00
commit 06f1fd69a6
6047 changed files with 1895387 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
SECURITY.md Normal file
View File

@@ -0,0 +1,32 @@
# Security Policy
## Hugging Face Hub, remote artefacts, and remote code
Transformers is open-source software that is tightly coupled to the Hugging Face Hub. While you have the ability to use it
offline with pre-downloaded model weights, it provides a very simple way to download, use, and manage models locally.
When downloading artefacts that have been uploaded by others on any platform, you expose yourself to risks. Please
read below for the security recommendations in order to keep your runtime and local environment safe.
### Remote artefacts
Models uploaded on the Hugging Face Hub come in different formats. We heavily recommend uploading and downloading
models in the [`safetensors`](https://github.com/huggingface/safetensors) format (which is the default prioritized
by the transformers library), as developed specifically to prevent arbitrary code execution on your system.
To avoid loading models from unsafe formats (e.g. [pickle](https://docs.python.org/3/library/pickle.html), you should use the `use_safetensors` parameter. If doing so, in the event that no .safetensors file is present, transformers will error when loading the model.
### Remote code
#### Modeling
Transformers supports many model architectures, but is also the bridge between your Python runtime and models that
are stored in model repositories on the Hugging Face Hub.
These models require the `trust_remote_code=True` parameter to be set when using them; please **always** verify
the content of the modeling files when using this argument. We recommend setting a revision in order to ensure you
protect yourself from updates on the repository.
## Reporting a Vulnerability
Feel free to submit vulnerability reports to [security@huggingface.co](mailto:security@huggingface.co), where someone from the HF security team will review and recommend next steps. If reporting a vulnerability specific to open source, please note [Huntr](https://huntr.com) is a vulnerability disclosure program for open source software.