PyPI - genesis-flow - Versions diffs - 1.0.7__py3-none-any.whl → 1.0.9__py3-none-any.whl - Mend

genesis-flow 1.0.7py3-none-any.whl → 1.0.9py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

{genesis_flow-1.0.7.dist-info → genesis_flow-1.0.9.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: genesis-flow
-Version: 1.0.7
+Version: 1.0.9
 Summary: Genesis-Flow: MLflow v3.1.4 compatible fork for Genesis platform
 Maintainer-email: Databricks <mlflow-oss-maintainers@googlegroups.com>
 License: Copyright 2018 Databricks, Inc.  All rights reserved.
@@ -316,7 +316,6 @@ Genesis-Flow is a secure, lightweight, and scalable ML operations platform built
 ### Security-First Design
 - **Input validation** against SQL injection and path traversal attacks
-- **Secure model loading** with restricted pickle deserialization
 - **Authentication** and authorization ready for enterprise deployment
 - **Security patches** for all known vulnerabilities in dependencies
@@ -504,7 +503,6 @@ export MLFLOW_POSTGRES_USERNAME="user@tenant"
 export GOOGLE_APPLICATION_CREDENTIALS="/path/to/service-account.json"
 # Security configuration
-export MLFLOW_ENABLE_SECURE_MODEL_LOADING=true
 export MLFLOW_STRICT_INPUT_VALIDATION=true
 ```
@@ -761,7 +759,6 @@ entry_points = {
 - ✅ **Input validation** against injection attacks
 - ✅ **Path traversal protection** for file operations
-- ✅ **Secure pickle loading** with restricted unpickling
 - ✅ **Authentication hooks** for enterprise SSO integration
 - ✅ **Audit logging** for compliance requirements
 - ✅ **Encrypted communication** support

{genesis_flow-1.0.7.dist-info → genesis_flow-1.0.9.dist-info}/RECORD RENAMED Viewed

@@ -1,4 +1,4 @@
-genesis_flow-1.0.7.dist-info/licenses/LICENSE.txt,sha256=Y5U1Xebzka__NZlqMPtBsYm0mRpMtUmTrONatpoL-ig,11382
+genesis_flow-1.0.9.dist-info/licenses/LICENSE.txt,sha256=Y5U1Xebzka__NZlqMPtBsYm0mRpMtUmTrONatpoL-ig,11382
 mlflow/__init__.py,sha256=-_r__N5Afed81pLVtr2wKbHQIA0aj9u9n_7kWGxLWi4,11194
 mlflow/__main__.py,sha256=_PcdoxKehR_a2MI6GqBfzYzRCXZhVyDCSdbxDWVlWd4,39
 mlflow/cli.py,sha256=f1ObrWZ03HgRiRoVEE1Gffe-dGcSY7CxJyEFgb5VUMM,26137
@@ -311,7 +311,7 @@ mlflow/pyfunc/backend.py,sha256=5-tjUnY1nPecoNCxFjhLjPbhHsDGR9_0P9ym02_J3HA,2077
 mlflow/pyfunc/context.py,sha256=nXQcP61XR7cKx6CeFsdAM4TD-NOrIEt_GQSfJ990xc4,3007
 mlflow/pyfunc/dbconnect_artifact_cache.py,sha256=-Ji_GU-NLvGyxYrOFhR81SYn4E6ykiFcZl35hRQ9c6A,5769
 mlflow/pyfunc/mlserver.py,sha256=ER7tXcOZ-tAUblMbgqPVT2E8BtBGH1HXLSSOmsQUB_c,1271
-mlflow/pyfunc/model.py,sha256=aDwfNKgoVw4sl9W0WZfOa9st5WTsSF3NWbF5TgM3bDs,64507
+mlflow/pyfunc/model.py,sha256=sOM5lgC0cvZmbv-u-NVE4xwWKv6WskP_xR8YKVNvOIg,63797
 mlflow/pyfunc/spark_model_cache.py,sha256=sFFAi-LxXEJdqk8szm32XxK5IFsISpxxVjAWjWbHZ1U,2091
 mlflow/pyfunc/stdin_server.py,sha256=gNkWxlCz3KLu6jvZNeNytmKAy4j5gIXOpIehrizm43s,1362
 mlflow/pyfunc/loaders/__init__.py,sha256=W3Bny093PoREOCqavIzKJ3lYeZUBXhxk3EDkCqc_lBc,276
@@ -364,7 +364,7 @@ mlflow/server/graphql/graphql_errors.py,sha256=B-U26g2vsJoKNg2hax-Gl3A66LB-y5adB
 mlflow/server/graphql/graphql_no_batching.py,sha256=3J7h6-qn6nbonYZWWCBlOgMC37NiSnKvA6P_rp5sSxc,2972
 mlflow/server/graphql/graphql_schema_extensions.py,sha256=i6DeNbzLcvBKXc_jLG_dCdXwA2cY__XPM6bU1dGQ8bM,2329
 mlflow/shap/__init__.py,sha256=i6UAJd-XYu7Nw6rbfxaGvr5vfK-6gUfU2MXMAZvSM-c,25558
-mlflow/sklearn/__init__.py,sha256=ovyR0zHB_HKoysOlElzx2EsonkisucHR8PslBsVMtfA,86026
+mlflow/sklearn/__init__.py,sha256=unYCnl3rXRlwptsluRiLjooR_KBM6anOZrvbzgiKe1A,85957
 mlflow/sklearn/utils.py,sha256=CM9z-UD65RBN4sIdEoJWhazkdmE9Wa9InjsU61y1XfE,38912
 mlflow/smolagents/__init__.py,sha256=V2sfkuWxQ090CaIjwBh7icD0bSgYP3jKD5MRzy__uW0,2202
 mlflow/smolagents/autolog.py,sha256=5GJpqmXs8dd2tf4jkL6fk7Fxb0TsxAMykB865M-BpK8,4770
@@ -613,7 +613,6 @@ mlflow/utils/requirements_utils.py,sha256=79BL9iFqg9H4VRYiqk-gTLlrfLyUY7KVG4BDV8
 mlflow/utils/rest_utils.py,sha256=R5MZk0Ck358VeW-DKqpfSyDHbWjg_slQTpRfr4ZLDLM,26664
 mlflow/utils/search_logged_model_utils.py,sha256=JWczQxogo4u9Gr3gfoSVf7tVny1e-rxfAchh3Vqy6RU,4289
 mlflow/utils/search_utils.py,sha256=PgXtwlViHvmahY63otykh5iJVW0PR9DIwetrvCCBw2U,86142
-mlflow/utils/secure_loading.py,sha256=1d-Hf0QkU6WkGjLKvAKcXv7sLa6xl2utig1lT-Hhyp4,10262
 mlflow/utils/security_validation.py,sha256=cLBrLNOoVJuAffO677v0m_v4i-01v7aLk-sJk87mpkQ,12830
 mlflow/utils/server_cli_utils.py,sha256=gbT5CVkOLorSw-y8bnNSBEP9mClcVTagtTN5SK5Azhw,2381
 mlflow/utils/spark_utils.py,sha256=zUbQIRAtwyU3rDJK8m7v42KO2TSGn28Coe_UYBEhIWA,395
@@ -641,8 +640,8 @@ mlflow/utils/autologging_utils/metrics_queue.py,sha256=bwpMX7Go6xFxrpYROi6rDBdVt
 mlflow/utils/autologging_utils/safety.py,sha256=IwbTbusyE87Hc4qkhhvMikoaZqX9kpr972FWS2B8goc,51465
 mlflow/utils/autologging_utils/versioning.py,sha256=2hSN4KXFWEJCcopDdLG6BiPeqSoqjETeNMuUBsCCwlI,3762
 mlflow/utils/import_hooks/__init__.py,sha256=werje98Woelkbwrhtlb8wmRdt3RtiL--LqGru7Xh3YU,13589
-genesis_flow-1.0.7.dist-info/METADATA,sha256=Z4t8Zn9OIxkH7d-hTozfYP0c8_-VB-WQ0KWo8XxyDHw,33401
-genesis_flow-1.0.7.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-genesis_flow-1.0.7.dist-info/entry_points.txt,sha256=YZZiTHSYQpv8vou6gdqWI17piK9Pm0P3BmZ-xepUtnw,449
-genesis_flow-1.0.7.dist-info/top_level.txt,sha256=wm8UqYyUHI21EvrTDHb3eYICy0dOVDLBhAL-jp5zbuI,7
-genesis_flow-1.0.7.dist-info/RECORD,,
+genesis_flow-1.0.9.dist-info/METADATA,sha256=yiOvGLekYICCUhdHRvUEjtFrmOoFYZ2xNn2wzXkSS2w,33229
+genesis_flow-1.0.9.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+genesis_flow-1.0.9.dist-info/entry_points.txt,sha256=YZZiTHSYQpv8vou6gdqWI17piK9Pm0P3BmZ-xepUtnw,449
+genesis_flow-1.0.9.dist-info/top_level.txt,sha256=wm8UqYyUHI21EvrTDHb3eYICy0dOVDLBhAL-jp5zbuI,7
+genesis_flow-1.0.9.dist-info/RECORD,,

mlflow/pyfunc/model.py CHANGED Viewed

@@ -818,28 +818,10 @@ def _maybe_compress_cloudpickle_dump(python_model, path, compression):
 def _maybe_decompress_cloudpickle_load(path, compression):
-    """
-    Genesis-Flow: Secure model loading with safety checks.
-    """
-    from mlflow.utils.secure_loading import SecureModelLoader, SecurityError
     _check_compression_supported(compression)
-    # For compressed files, we need to decompress first then load securely
-    if compression and compression != "none":
-        import tempfile
-        file_open = _COMPRESSION_INFO.get(compression, {}).get("open", open)
-        with file_open(path, "rb") as compressed_f:
-            with tempfile.NamedTemporaryFile(delete=False) as temp_f:
-                temp_f.write(compressed_f.read())
-                temp_path = temp_f.name
-        try:
-            return SecureModelLoader.safe_cloudpickle_load(temp_path)
-        finally:
-            os.unlink(temp_path)
-    else:
-        # Direct secure loading for uncompressed files
-        return SecureModelLoader.safe_cloudpickle_load(path)
+    file_open = _COMPRESSION_INFO.get(compression, {}).get("open", open)
+    with file_open(path, "rb") as f:
+        return cloudpickle.load(f)
 if IS_PYDANTIC_V2_OR_NEWER:

mlflow/sklearn/__init__.py CHANGED Viewed

@@ -465,13 +465,14 @@ def _load_model_from_local_file(path, serialization_format):
             ),
             error_code=INVALID_PARAMETER_VALUE,
         )
-    # Genesis-Flow: Use secure model loading to prevent code execution attacks
-    from mlflow.utils.secure_loading import SecureModelLoader
     if serialization_format == SERIALIZATION_FORMAT_PICKLE:
-        return SecureModelLoader.safe_pickle_load(path)
+        import pickle
+        with open(path, "rb") as f:
+            return pickle.load(f)
     elif serialization_format == SERIALIZATION_FORMAT_CLOUDPICKLE:
-        return SecureModelLoader.safe_cloudpickle_load(path)
+        import cloudpickle
+        with open(path, "rb") as f:
+            return cloudpickle.load(f)
 def _load_pyfunc(path):

mlflow/utils/secure_loading.py DELETED Viewed

@@ -1,285 +0,0 @@
-"""
-Genesis-Flow Secure Model Loading
-This module provides secure alternatives to pickle-based model loading,
-addressing security vulnerabilities in model deserialization.
-"""
-import io
-import pickle
-import cloudpickle
-import logging
-import hashlib
-from typing import Any, Set, Optional, Union, Type
-from pathlib import Path
-logger = logging.getLogger(__name__)
-# Allowlist of safe classes that can be unpickled
-SAFE_PICKLE_CLASSES = {
-    # STD types
-    'time.time',
-    # NumPy types
-    'numpy.ndarray',
-    'numpy.dtype',
-    'numpy.int32', 'numpy.int64', 'numpy.float32', 'numpy.float64',
-    'numpy.bool_', 'numpy.str_',
-    # Pandas types
-    'pandas.core.frame.DataFrame',
-    'pandas.core.series.Series',
-    'pandas.core.index.Index',
-    'pandas.core.dtypes.dtypes.CategoricalDtype',
-    # Scikit-learn estimators
-    'sklearn.linear_model._base.LinearRegression',
-    'sklearn.linear_model._logistic.LogisticRegression',
-    'sklearn.ensemble._forest.RandomForestClassifier',
-    'sklearn.ensemble._forest.RandomForestRegressor',
-    'sklearn.tree._classes.DecisionTreeClassifier',
-    'sklearn.tree._classes.DecisionTreeRegressor',
-    'sklearn.svm._classes.SVC',
-    'sklearn.svm._classes.SVR',
-    # Built-in types
-    'builtins.dict', 'builtins.list', 'builtins.tuple', 'builtins.set',
-    'builtins.str', 'builtins.int', 'builtins.float', 'builtins.bool',
-    'builtins.type',
-    # Collections
-    'collections.OrderedDict',
-    'collections.defaultdict',
-    # MLflow types
-    'mlflow.models.signature.ModelSignature',
-    'mlflow.models.signature._TypeHints',
-    'mlflow.types.schema.Schema',
-    'mlflow.pyfunc.model.PythonModel',
-    # Cloudpickle internals
-    'cloudpickle.cloudpickle._make_skeleton_class',
-    'cloudpickle.cloudpickle._class_setstate',
-    'cloudpickle.cloudpickle._make_function',
-    'cloudpickle.cloudpickle._builtin_type',
-    'cloudpickle.cloudpickle._function_setstate',
-    'cloudpickle.cloudpickle._make_empty_cell',
-    'cloudpickle.cloudpickle._make_cell',
-    'cloudpickle.cloudpickle.subimport',
-    # Sentence Transformers
-    'sentence_transformers.SentenceTransformer.SentenceTransformer',
-    'sentence_transformers.model_card.SentenceTransformerModelCardData',
-    'sentence_transformers.models.Transformer.Transformer',
-    'sentence_transformers.models.Pooling.Pooling',
-    'sentence_transformers.models.Normalize.Normalize',
-    # Torch
-    'torch.torch_version.TorchVersion',
-    'torch._utils._rebuild_tensor_v2',
-    'torch.storage._load_from_bytes',
-    'torch.nn.modules.sparse.Embedding',
-    'torch._utils._rebuild_parameter',
-    'torch.nn.modules.normalization.LayerNorm',
-    'torch.nn.modules.dropout.Dropout',
-    'torch.nn.modules.container.ModuleList',
-    'torch.nn.modules.linear.Linear',
-    'torch.nn.modules.activation.Tanh',
-    'torch.float32',
-    'torch._C._nn.gelu',
-    # Transformers
-    'transformers.models.bert.modeling_bert.BertModel',
-    'transformers.models.bert.modeling_bert.BertEmbeddings',
-    'transformers.models.bert.modeling_bert.BertEncoder',
-    'transformers.models.bert.modeling_bert.BertLayer',
-    'transformers.models.bert.modeling_bert.BertAttention',
-    'transformers.models.bert.modeling_bert.BertSdpaSelfAttention',
-    'transformers.models.bert.modeling_bert.BertSelfOutput',
-    'transformers.models.bert.modeling_bert.BertIntermediate',
-    'transformers.models.bert.modeling_bert.BertOutput',
-    'transformers.models.bert.modeling_bert.BertPooler',
-    'transformers.models.bert.configuration_bert.BertConfig',
-    'transformers.models.bert.tokenization_bert_fast.BertTokenizerFast',
-    'transformers.activations.GELUActivation',
-    # Tokenizers
-    'tokenizers.Tokenizer',
-    'tokenizers.models.Model',
-    'tokenizers.AddedToken',
-    # PyTorch
-    'model.load_checkpoint',
-    'torch.device',
-    'model.SepClassifier',
-}
-class RestrictedUnpickler(pickle.Unpickler):
-    """
-    Secure unpickler that only allows safe, whitelisted classes.
-    This prevents arbitrary code execution during model deserialization
-    by restricting which classes can be instantiated.
-    """
-    def __init__(self, file, *, safe_classes: Optional[Set[str]] = None):
-        super().__init__(file)
-        self.safe_classes = safe_classes or SAFE_PICKLE_CLASSES
-    def find_class(self, module: str, name: str) -> Type:
-        """
-        Override to restrict class loading to safe classes only.
-        Args:
-            module: Module name
-            name: Class name
-        Returns:
-            Class object if safe
-        Raises:
-            SecurityError: If class is not in allowlist
-        """
-        full_name = f"{module}.{name}"
-        # Check if the class is in our safe list
-        if full_name in self.safe_classes:
-            logger.debug(f"Loading safe class: {full_name}")
-            return super().find_class(module, name)
-        # Additional check for known safe modules
-        safe_modules = {
-            'numpy': ['ndarray', 'dtype', 'int32', 'int64', 'float32', 'float64', 'bool_'],
-            'pandas': ['DataFrame', 'Series', 'Index'],
-            'builtins': ['dict', 'list', 'tuple', 'set', 'str', 'int', 'float', 'bool'],
-        }
-        if module in safe_modules and name in safe_modules[module]:
-            logger.debug(f"Loading safe module class: {full_name}")
-            return super().find_class(module, name)
-        # Log and block unsafe class
-        logger.warning(f"Blocked potentially unsafe class: {full_name}")
-        raise pickle.UnpicklingError(
-            f"Security: Class '{full_name}' is not in the allowlist. "
-            f"If this is a legitimate model class, add it to SAFE_PICKLE_CLASSES."
-        )
-class SecureModelLoader:
-    """
-    Secure model loading with multiple safety mechanisms.
-    """
-    @staticmethod
-    def calculate_file_hash(file_path: Union[str, Path]) -> str:
-        """Calculate SHA256 hash of a file for integrity checking."""
-        hasher = hashlib.sha256()
-        with open(file_path, 'rb') as f:
-            for chunk in iter(lambda: f.read(4096), b""):
-                hasher.update(chunk)
-        return hasher.hexdigest()
-    @staticmethod
-    def safe_pickle_load(file_path: Union[str, Path], *, safe_classes: Optional[Set[str]] = None) -> Any:
-        """
-        Safely load a pickle file using restricted unpickler.
-        Args:
-            file_path: Path to pickle file
-            safe_classes: Optional custom set of safe classes
-        Returns:
-            Unpickled object
-        Raises:
-            SecurityError: If file contains unsafe classes
-            FileNotFoundError: If file doesn't exist
-        """
-        file_path = Path(file_path)
-        if not file_path.exists():
-            raise FileNotFoundError(f"Model file not found: {file_path}")
-        # Log file hash for audit trail
-        file_hash = SecureModelLoader.calculate_file_hash(file_path)
-        logger.info(f"Loading model file {file_path.name} (SHA256: {file_hash[:16]}...)")
-        try:
-            with open(file_path, 'rb') as f:
-                unpickler = RestrictedUnpickler(f, safe_classes=safe_classes)
-                model = unpickler.load()
-                logger.info(f"Successfully loaded model of type: {type(model).__name__}")
-                return model
-        except pickle.UnpicklingError as e:
-            logger.error(f"Security: Unsafe model file rejected: {e}")
-            raise SecurityError(f"Model file contains unsafe content: {e}") from e
-        except Exception as e:
-            logger.error(f"Error loading model: {e}")
-            raise
-    @staticmethod
-    def safe_cloudpickle_load(file_path: Union[str, Path], *, safe_classes: Optional[Set[str]] = None) -> Any:
-        """
-        Safely load a cloudpickle file using restricted unpickler.
-        Args:
-            file_path: Path to cloudpickle file
-            safe_classes: Optional custom set of safe classes
-        Returns:
-            Unpickled object
-        """
-        file_path = Path(file_path)
-        if not file_path.exists():
-            raise FileNotFoundError(f"Model file not found: {file_path}")
-        # Calculate file hash for audit trail
-        file_hash = SecureModelLoader.calculate_file_hash(file_path)
-        logger.info(f"Loading cloudpickle file {file_path.name} (SHA256: {file_hash[:16]}...)")
-        try:
-            with open(file_path, 'rb') as f:
-                # Use cloudpickle's load with our custom unpickler
-                # Note: This is a simplified approach - in practice, cloudpickle's
-                # load function would need to be modified to accept a custom unpickler
-                unpickler = RestrictedUnpickler(f, safe_classes=safe_classes)
-                model = unpickler.load()
-                logger.info(f"Successfully loaded cloudpickle model of type: {type(model).__name__}")
-                return model
-        except pickle.UnpicklingError as e:
-            logger.error(f"Security: Unsafe cloudpickle file rejected: {e}")
-            raise SecurityError(f"CloudPickle file contains unsafe content: {e}") from e
-        except Exception as e:
-            logger.error(f"Error loading cloudpickle model: {e}")
-            raise
-class SecurityError(Exception):
-    """Exception raised for security-related model loading issues."""
-    pass
-def add_safe_class(class_name: str) -> None:
-    """
-    Add a class to the safe loading allowlist.
-    Args:
-        class_name: Full class name (e.g., 'mymodule.MyClass')
-    """
-    SAFE_PICKLE_CLASSES.add(class_name)
-    logger.info(f"Added {class_name} to safe loading allowlist")
-def remove_safe_class(class_name: str) -> None:
-    """
-    Remove a class from the safe loading allowlist.
-    Args:
-        class_name: Full class name to remove
-    """
-    SAFE_PICKLE_CLASSES.discard(class_name)
-    logger.info(f"Removed {class_name} from safe loading allowlist")
-def get_safe_classes() -> Set[str]:
-    """Return a copy of the current safe classes set."""
-    return SAFE_PICKLE_CLASSES.copy()

{genesis_flow-1.0.7.dist-info → genesis_flow-1.0.9.dist-info}/WHEEL RENAMED Viewed

File without changes

{genesis_flow-1.0.7.dist-info → genesis_flow-1.0.9.dist-info}/entry_points.txt RENAMED Viewed

File without changes

{genesis_flow-1.0.7.dist-info → genesis_flow-1.0.9.dist-info}/licenses/LICENSE.txt RENAMED Viewed

File without changes

{genesis_flow-1.0.7.dist-info → genesis_flow-1.0.9.dist-info}/top_level.txt RENAMED Viewed

File without changes

genesis-flow 1.0.7__py3-none-any.whl → 1.0.9__py3-none-any.whl

genesis-flow 1.0.7py3-none-any.whl → 1.0.9py3-none-any.whl