Skip to content

Commit

Permalink
Merge branch 'main' into dependabot/pip/tomlkit-0.12.4
Browse files Browse the repository at this point in the history
  • Loading branch information
seanpmorgan authored Apr 25, 2024
2 parents 2a426d4 + 02fdd4a commit 136f02e
Show file tree
Hide file tree
Showing 12 changed files with 128 additions and 108 deletions.
9 changes: 4 additions & 5 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -1,11 +1,10 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file

version: 2
updates:
- package-ecosystem: "pip" # See documentation for possible values
directory: "/" # Location of package manifests
schedule:
interval: "weekly"
- package-ecosystem: github-actions
directory: /
schedule:
interval: weekly
6 changes: 3 additions & 3 deletions .github/workflows/bandit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,8 @@ jobs:
bandit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.8"
- uses: snok/install-poetry@v1
Expand All @@ -21,7 +21,7 @@ jobs:
installer-parallel: true
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: .venv
key: venv-test-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/black.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ jobs:
lint:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
- uses: psf/black@stable
with:
version: "22.8.0"
6 changes: 3 additions & 3 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,10 @@ jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Necessary to get tags
- uses: actions/setup-python@v2
- uses: actions/setup-python@v5
with:
python-version: "3.8"
- uses: snok/install-poetry@v1
Expand All @@ -27,7 +27,7 @@ jobs:
installer-parallel: true
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: .venv
key: venv-prod-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/mypy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,8 @@ jobs:
mypy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
- uses: actions/checkout@v4
- uses: actions/setup-python@v5
with:
python-version: "3.8"
- uses: snok/install-poetry@v1
Expand All @@ -21,7 +21,7 @@ jobs:
installer-parallel: true
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: .venv
key: venv-test-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/publish.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,10 +14,10 @@ jobs:

steps:
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@v4
with:
fetch-depth: 0 # Necessary to get tags
- uses: actions/setup-python@v2
- uses: actions/setup-python@v5
with:
python-version: "3.8"
- uses: snok/install-poetry@v1
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,9 +14,9 @@ jobs:
python-version: ["3.8", "3.9", "3.10", "3.11"]

steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v2
uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
- uses: snok/install-poetry@v1
Expand All @@ -26,7 +26,7 @@ jobs:
installer-parallel: true
- name: Load cached venv
id: cached-poetry-dependencies
uses: actions/cache@v3
uses: actions/cache@v4
with:
path: .venv
key: venv-test-${{ runner.os }}-${{ steps.setup-python.outputs.python-version }}-${{ hashFiles('**/poetry.lock') }}
Expand Down
7 changes: 6 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ pip install modelscan
With it installed, scan a model:

```bash
modelscan -p /path/to/model_file.h5
modelscan -p /path/to/model_file.pkl
```

## Why You Should Scan Models
Expand Down Expand Up @@ -105,6 +105,11 @@ or `pyproject.toml` like this:
modelscan = ">=0.1.1"
```

Scanners for Tensorflow or HD5 formatted models require installation with extras:
```bash
pip install 'modelscan[ tensorflow, h5py ]'
```

### Using ModelScan via CLI

ModelScan supports the following arguments via the CLI:
Expand Down
18 changes: 9 additions & 9 deletions modelscan/modelscan.py
Original file line number Diff line number Diff line change
Expand Up @@ -227,7 +227,7 @@ def _scan_source(
def _generate_results(self) -> Dict[str, Any]:
report: Dict[str, Any] = {}

absolute_path = Path(self._input_path).resolve()
absolute_path = Path(self._input_path).absolute()
if Path(self._input_path).is_file():
absolute_path = Path(absolute_path).parent

Expand All @@ -254,9 +254,8 @@ def _generate_results(self) -> Dict[str, Any]:
if self._scanned:
scanned_files = []
for file_name in self._scanned:
resolved_file = Path(file_name).resolve()
scanned_files.append(
str(resolved_file.relative_to(Path(absolute_path)))
str(Path(file_name).relative_to(Path(absolute_path)))
)

report["summary"]["scanned"]["scanned_files"] = scanned_files
Expand All @@ -267,8 +266,9 @@ def _generate_results(self) -> Dict[str, Any]:
]

for issue in report["issues"]:
resolved_file = Path(issue["source"]).resolve()
issue["source"] = str(resolved_file.relative_to(Path(absolute_path)))
issue["source"] = str(
Path(issue["source"]).relative_to(Path(absolute_path))
)
else:
report["issues"] = []

Expand All @@ -277,9 +277,10 @@ def _generate_results(self) -> Dict[str, Any]:
for error in self._errors:
error_information = error.to_dict()
if "source" in error_information:
resolved_file = Path(error_information["source"]).resolve()
error_information["source"] = str(
resolved_file.relative_to(Path(absolute_path))
Path(error_information["source"]).relative_to(
Path(absolute_path)
)
)

all_errors.append(error_information)
Expand All @@ -294,9 +295,8 @@ def _generate_results(self) -> Dict[str, Any]:
skipped_file_information = {}
skipped_file_information["category"] = str(skipped_file.category.name)
skipped_file_information["description"] = str(skipped_file.message)
resolved_file = Path(skipped_file.source).resolve()
skipped_file_information["source"] = str(
resolved_file.relative_to(Path(absolute_path))
Path(skipped_file.source).relative_to(Path(absolute_path))
)
all_skipped_files.append(skipped_file_information)

Expand Down
4 changes: 3 additions & 1 deletion modelscan/scanners/saved_model/scan.py
Original file line number Diff line number Diff line change
Expand Up @@ -64,7 +64,9 @@ def _check_for_unsafe_tf_keras_operator(
unsafe_operators: Dict[str, Any],
) -> ScanResults:
issues: List[Issue] = []
all_operators = tensorflow.raw_ops.__dict__.keys()
all_operators = (
tensorflow.raw_ops.__dict__.keys() if tensorflow_installed else []
)
all_safe_operators = [
operator for operator in list(all_operators) if operator[0] != "_"
]
Expand Down
14 changes: 14 additions & 0 deletions modelscan/settings.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,31 +15,45 @@
"scanners": {
"modelscan.scanners.H5LambdaDetectScan": {
"enabled": True,
"supported_extensions": [".h5"],
},
"modelscan.scanners.KerasLambdaDetectScan": {
"enabled": True,
"supported_extensions": [".keras"],
},
"modelscan.scanners.SavedModelLambdaDetectScan": {
"enabled": True,
"supported_extensions": [".pb"],
"unsafe_keras_operators": {
"Lambda": "MEDIUM",
},
},
"modelscan.scanners.SavedModelTensorflowOpScan": {
"enabled": True,
"supported_extensions": [".pb"],
"unsafe_tf_operators": {
"ReadFile": "HIGH",
"WriteFile": "HIGH",
},
},
"modelscan.scanners.NumpyUnsafeOpScan": {
"enabled": True,
"supported_extensions": [".npy"],
},
"modelscan.scanners.PickleUnsafeOpScan": {
"enabled": True,
"supported_extensions": [
".pkl",
".pickle",
".joblib",
".dill",
".dat",
".data",
],
},
"modelscan.scanners.PyTorchUnsafeOpScan": {
"enabled": True,
"supported_extensions": [".bin", ".pt", ".pth", ".ckpt"],
},
},
"middlewares": {
Expand Down
Loading

0 comments on commit 136f02e

Please sign in to comment.