| | Stable-Diffusion-Pickle-Scanner-GUI | safetensors |
|---|---|---|
| Mentions | 21 | 31 |
| Stars | 208 | 2,452 |
| Growth | - | 4.0% |
| Activity | 0.0 | 8.2 |
| Last commit | over 1 year ago | 14 days ago |
| Language | Python | Python |
| License | MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stable-Diffusion-Pickle-Scanner-GUI
- ⚠️WARNING⚠️ never open a .ckpt file without knowing exactly what's inside (especially SDXL)
- Textual Inversion / .pt file are those secure to use? or how to use it safely
- Stable Diffusion on Virtual Machine to avoid Pickles
Pickle scanner: https://github.com/diStyApps/Stable-Diffusion-Pickle-Scanner-GUI
- The hidden danger in Stable Diffusion models
- Anyone know an online ckpt to safetensor converter?
Did you do a pickle scan on it already? You can find Disty's pickle scanner here. If it's clean, then you could load it into Auto1111 and just do a checkpoint merge of that model at "0" (meaning 100%) and save it as safetensor.
- How do I scan the models?
- Any way to merge a checkpoint with a vae
Safetensor is a new file format for models. Checkpoints create a security risk, since they are Python code encapsulated in binary form, so a malicious actor could put whatever code they wanted in one of those, which is why it's recommended that you only use .ckpt models from reputable sources or use a checker like this https://github.com/diStyApps/Stable-Diffusion-Pickle-Scanner-GUI to make sure they are "clean."
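The comment above says a .ckpt can carry arbitrary code and recommends scanning it first. The following is an added example of what such a scan does under the hood; it is not code from the Pickle Scanner GUI or from any of the posts. It disassembles the pickle opcode stream with `pickletools.genops`, which never unpickles anything, and reports every global the file would import on load. The allow-list `SAFE_GLOBALS`, the `DANGEROUS_MODULES` set and the two sample payloads are assumptions constructed for the example; a real checkpoint references more torch internals than are listed here.

```python
import io
import pickle
import pickletools
import subprocess
import zipfile
from collections import OrderedDict

# Globals a plain PyTorch state_dict pickle is expected to reference.
# Assumption for this example, not the rule set of any real scanner;
# extend it for the checkpoints you actually handle.
SAFE_GLOBALS = {
    ("collections", "OrderedDict"),
    ("torch", "FloatStorage"),
    ("torch", "HalfStorage"),
    ("torch", "LongStorage"),
    ("torch._utils", "_rebuild_tensor_v2"),
    ("torch._utils", "_rebuild_parameter"),
}

# Modules whose appearance in a model file is a strong indicator of a payload.
DANGEROUS_MODULES = {"os", "posix", "nt", "subprocess", "sys", "builtins",
                     "importlib", "socket", "shutil", "runpy"}

# Opcodes that push a string; two of them feed a STACK_GLOBAL (protocol 4+).
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


def scan_pickle(data: bytes) -> list[str]:
    """Disassemble a pickle stream and report every global it would import.

    pickletools.genops only decodes opcodes; nothing is unpickled, so a
    malicious __reduce__ payload cannot run while it is being scanned.
    """
    findings = []
    recent_strings = []
    for opcode, arg, pos in pickletools.genops(data):
        if opcode.name in STRING_OPS:
            recent_strings.append(arg)
            continue
        if opcode.name == "GLOBAL":            # protocol <= 3: arg is "module name"
            module, attr = arg.split(" ", 1)
        elif opcode.name == "STACK_GLOBAL":    # protocol >= 4: last two strings
            module, attr = recent_strings[-2], recent_strings[-1]
        else:
            continue
        if (module, attr) in SAFE_GLOBALS:
            continue
        severity = "DANGEROUS" if module.split(".")[0] in DANGEROUS_MODULES else "unknown"
        findings.append(f"{severity}: {module}.{attr} at offset {pos}")
    return findings


def scan_checkpoint(blob: bytes) -> list[str]:
    """Scan a .ckpt/.pt blob: torch.save output is a zip holding data.pkl;
    older files are a bare pickle stream."""
    buf = io.BytesIO(blob)
    if zipfile.is_zipfile(buf):
        findings = []
        with zipfile.ZipFile(buf) as zf:
            for name in zf.namelist():
                if name.endswith(".pkl"):
                    findings += [f"{name}: {f}" for f in scan_pickle(zf.read(name))]
        return findings
    return scan_pickle(blob)


# --- constructed samples (never pickle.load these) ---------------------------

class _Evil:
    """Object whose __reduce__ makes unpickling spawn a process."""
    def __reduce__(self):
        return (subprocess.Popen, (["id"],))


def clean_sample() -> bytes:
    """A harmless state_dict-shaped pickle, constructed for the example."""
    return pickle.dumps(OrderedDict([("layer.weight", [0.1, 0.2])]), protocol=2)


def malicious_sample(protocol: int = 2) -> bytes:
    # Serialising only records the call; the payload would run on *load*.
    return pickle.dumps(_Evil(), protocol=protocol)


def malicious_ckpt_zip() -> bytes:
    """Wrap the payload the way torch.save lays out a checkpoint archive."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", malicious_sample())
        zf.writestr("archive/version", "3\n")
    return buf.getvalue()


if __name__ == "__main__":
    print("clean:", scan_checkpoint(clean_sample()) or "no findings")
    print("evil :", scan_checkpoint(malicious_ckpt_zip()))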
- Safe & Stable - Ckpt2Safetensors Conversion Tool-GUI v0.1.0: New Update, Now with the Ability to Convert Back to ckpt.
If you are concerned about malware being embedded in .ckpt files, you can use an online tool to scan the models, or my Stable-Diffusion-Pickle-Scanner-GUI tool to scan your models before converting them.
- Safe & Stable: Conversion Tool for Safer Stable Diffusion Models Distribution
I also recently updated my Stable Diffusion Pickle Scanner GUI, which you can find here: https://github.com/diStyApps/Stable-Diffusion-Pickle-Scanner-GUI Let me know what you think and if you have any suggestions for improvement!
- Save yourself some space with Stable Diffusion Checkpoint Prunage Tool.
There is also an update for Stable-Diffusion-Pickle-Scanner-GUI https://github.com/diStyApps/Stable-Diffusion-Pickle-Scanner-GUI
safetensors
- Llamafile lets you distribute and run LLMs with a single file
The ML field is doing work in that area: https://github.com/huggingface/safetensors
- Hugging Face raises $235M from investors including Salesforce and Nvidia
FYI the file format, safetensors, was proposed, developed and maintained by HF, and involved people from groups such as Eleuther and Stability for external security audits.
https://github.com/huggingface/safetensors https://huggingface.co/blog/safetensors-security-audit
- I Made Stable Diffusion XL Smarter by Finetuning It on Bad AI-Generated Images
Thank you for the note on this. I had not heard there were already trojan horse malware being slipped into tensor files as Python scripts. Apparently torch pickle uses eval on the tensor file with no filter.
Heard surprisingly little commentary on this topic. The full explanation of how Safetensors are "Safe" can be found from the developer at: https://github.com/huggingface/safetensors/discussions/111
- Pickle safety in Python
- What makes .safetensors files safe?
Here the developer goes into some detail about what kinds of protections .safetensor files have: https://github.com/huggingface/safetensors/discussions/111
- Security PSA: huggingface models are code. not just data.
Use the safetensors format, which allows safe persistence and loading of models for common libraries - TensorFlow, PyTorch, JAX, etc. We went through external audits in the last few months (blog post). The current direction will be to have this as the default format.
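The two threads above ask what makes .safetensors safe and state that the format allows safe loading. The following is an added example, not code from the safetensors project or from any poster, that shows the reason in working form: the file is a little-endian u64 length, a JSON header, and raw tensor bytes, so loading it is bounds-checked slicing with nothing that can name or call a function. The parser below also rejects headers whose regions overlap, leave gaps, or point past the buffer. The `DTYPE_SIZES` table follows the format's documented dtype list; the sample file, the tampered file and the `read_tensor` helper are constructed for this example.

```python
import json
import math
import struct

# Byte width of each dtype name the header may use (from the format's documented list).
DTYPE_SIZES = {"F64": 8, "F32": 4, "F16": 2, "BF16": 2,
               "I64": 8, "I32": 4, "I16": 2, "I8": 1, "U8": 1, "BOOL": 1}
MAX_HEADER_BYTES = 100_000_000   # the reference loader refuses larger headers


def parse_safetensors(blob: bytes) -> dict:
    """Validate a safetensors blob and return {name: (dtype, shape, (start, end))}.

    Layout: 8-byte little-endian u64 header length, JSON header, raw data.
    Every offset is checked against the buffer before any data is touched,
    and no step can invoke file-controlled code: JSON has no callables and
    tensor data is only ever sliced as bytes.
    """
    if len(blob) < 8:
        raise ValueError("truncated: missing header length")
    (hlen,) = struct.unpack("<Q", blob[:8])
    if hlen > MAX_HEADER_BYTES:
        raise ValueError(f"header length {hlen} exceeds limit")
    if 8 + hlen > len(blob):
        raise ValueError("truncated: header longer than file")
    header = json.loads(blob[8:8 + hlen].decode("utf-8"))
    data_len = len(blob) - 8 - hlen

    tensors, spans = {}, []
    for name, meta in header.items():
        if name == "__metadata__":       # optional str->str map, not tensor data
            continue
        dtype, shape, (start, end) = meta["dtype"], meta["shape"], meta["data_offsets"]
        if dtype not in DTYPE_SIZES:
            raise ValueError(f"{name}: unknown dtype {dtype!r}")
        expected = DTYPE_SIZES[dtype] * math.prod(shape)
        if not (0 <= start <= end <= data_len) or end - start != expected:
            raise ValueError(f"{name}: data_offsets {start}-{end} inconsistent with dtype/shape")
        tensors[name] = (dtype, tuple(shape), (start, end))
        spans.append((start, end))

    # Regions must tile the data buffer exactly: no overlap, no gaps, no trailing junk.
    spans.sort()
    cursor = 0
    for start, end in spans:
        if start != cursor:
            raise ValueError("tensor regions overlap or leave a gap")
        cursor = end
    if cursor != data_len:
        raise ValueError("tensor regions do not cover the data buffer")
    return tensors


def is_valid_safetensors(blob: bytes) -> bool:
    """True if the blob passes every structural check above."""
    try:
        parse_safetensors(blob)
        return True
    except (ValueError, KeyError, TypeError, UnicodeDecodeError):
        return False


def read_tensor(blob: bytes, name: str) -> list[float]:
    """Return an F32 tensor's values as Python floats; no framework needed."""
    dtype, shape, (start, end) = parse_safetensors(blob)[name]
    if dtype != "F32":
        raise ValueError("this helper only decodes F32")
    (hlen,) = struct.unpack("<Q", blob[:8])
    base = 8 + hlen
    return list(struct.unpack(f"<{math.prod(shape)}f", blob[base + start: base + end]))


def build_safetensors(tensors: dict, metadata=None) -> bytes:
    """Serialise {name: (dtype, shape, raw_bytes)} into the safetensors layout."""
    header, body, offset = {}, bytearray(), 0
    if metadata:
        header["__metadata__"] = metadata
    for name, (dtype, shape, raw) in tensors.items():
        header[name] = {"dtype": dtype, "shape": list(shape),
                        "data_offsets": [offset, offset + len(raw)]}
        body += raw
        offset += len(raw)
    hbytes = json.dumps(header).encode("utf-8")
    hbytes += b" " * (-(8 + len(hbytes)) % 8)      # pad so data starts 8-byte aligned
    return struct.pack("<Q", len(hbytes)) + hbytes + bytes(body)


# Constructed sample: a two-element F32 weight and a one-element I64 counter.
SAMPLE = build_safetensors({
    "layer.weight": ("F32", [2], struct.pack("<2f", 0.5, -1.25)),
    "step": ("I64", [1], struct.pack("<q", 7)),
}, metadata={"format": "pt"})


def tampered_sample() -> bytes:
    """Header claims a region far past the 16-byte buffer, as a hostile file might."""
    header = {"w": {"dtype": "F32", "shape": [1024], "data_offsets": [0, 4096]}}
    hbytes = json.dumps(header).encode("utf-8")
    return struct.pack("<Q", len(hbytes)) + hbytes + b"\x00" * 16


if __name__ == "__main__":
    print(parse_safetensors(SAMPLE))
    print(read_tensor(SAMPLE, "layer.weight"))
    print("tampered accepted:", is_valid_safetensors(tampered_sample()))
```

The contrast with a pickle-based checkpoint is the whole point: here the worst a hostile header can do is fail validation or claim sizes the loader must bound, whereas a pickle can name any importable callable and have it run on load.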
- What's your favorite model. Right now I'm really enjoying dreamshaper.
- Lora, ggml, safetensors, hf, etc. Is there a glossary and guide on which model to choose?
- Stability AI Launches the First of Its StableLM Suite of Language Models
I've been diving in lately and while it's not efficient, the only way to manage is to create a new conda/mamba environment, or a custom Docker image for all the conflicting packages.
For safety and speed, you should prefer the safetensor format: https://huggingface.co/docs/safetensors/speed
If you know what you are doing you can do your own conversions: https://github.com/huggingface/safetensors or for safety, https://huggingface.co/spaces/diffusers/convert
- CKPT to Safetensors
GitHub - huggingface/safetensors: Simple, safe way to store and distribute tensors
What are some alternatives?
Safe-and-Stable-Ckpt2Safetensors-Conversion-Tool-GUI - Convert your Stable Diffusion checkpoints quickly and easily.
stable-diffusion-webui - Stable Diffusion web UI
picklescan - Security scanner detecting Python Pickle files performing suspicious actions
llama.cpp - LLM inference in C/C++
spaCy - 💫 Industrial-strength Natural Language Processing (NLP) in Python
Stable-Diffusion-Checkpoint-Prunage-Tool-GUI - Save yourself some disk space by pruning checkpoints
InvokeAI - InvokeAI is a leading creative engine for Stable Diffusion models, empowering professionals, artists, and enthusiasts to generate and create visual media using the latest AI-driven technologies. The solution offers an industry leading WebUI, supports terminal use through a CLI, and serves as the foundation for multiple commercial products.
stable-diffusion-webui-docker - Easy Docker setup for Stable Diffusion with user-friendly UI
stable-diffusion-webui-model-toolkit - A Multipurpose toolkit for managing, editing and creating models.
YourVision - AI-powered image editor
alpaca_lora_4bit