modelaudit 0.2.35__tar.gz → 0.2.36__tar.gz

modelaudit-0.2.36/.release-please-manifest.json

@@ -0,0 +1,3 @@
+{
+  ".": "0.2.36"
+}

{modelaudit-0.2.35 → modelaudit-0.2.36}/AGENTS.md

@@ -28,7 +28,7 @@ uv sync --extra all-ci
 uv run ruff format modelaudit/ packages/modelaudit-picklescan/src packages/modelaudit-picklescan/tests tests/
 uv run ruff check --fix modelaudit/ packages/modelaudit-picklescan/src packages/modelaudit-picklescan/tests tests/
 uv run mypy modelaudit/ packages/modelaudit-picklescan/src packages/modelaudit-picklescan/tests tests/
-uv run pytest -n auto -m "not slow and not integration" --maxfail=1
+PROMPTFOO_DISABLE_TELEMETRY=1 uv run pytest -n auto -m "not slow and not integration" --maxfail=1
 ```
 
 ## Standard Workflow
@@ -74,7 +74,7 @@ gh pr create --title "feat: descriptive title" --body "Brief description"
 uv run ruff check modelaudit/ packages/modelaudit-picklescan/src packages/modelaudit-picklescan/tests tests/          # Lint (no errors)
 uv run ruff format --check modelaudit/ packages/modelaudit-picklescan/src packages/modelaudit-picklescan/tests tests/ # Format (no changes)
 uv run mypy modelaudit/ packages/modelaudit-picklescan/src packages/modelaudit-picklescan/tests tests/                # Types (no errors)
-uv run pytest -n auto -m "not slow and not integration" --maxfail=1
+PROMPTFOO_DISABLE_TELEMETRY=1 uv run pytest -n auto -m "not slow and not integration" --maxfail=1
 ```
 
 | Issue               | Fix                                                                                                                             |
@@ -111,6 +111,7 @@ uv run pytest -n auto -m "not slow and not integration" --maxfail=1
 - Keep fixtures deterministic and self-contained under `tmp_path`; never rely on host paths or global temp filenames.
 - If a new regression test must run on reduced CI lanes, add the file to `allowed_test_files` in `tests/conftest.py`.
 - Match local validation to the CI lane that will exercise the change when possible; if optional dependencies or Python-version gates prevent that, call it out explicitly in the PR.
+- Disable telemetry for local validation unless the task explicitly tests telemetry behavior: prefix pytest runs with `PROMPTFOO_DISABLE_TELEMETRY=1` (or `NO_ANALYTICS=1`). Do not request approval to contact `a.promptfoo.app` for normal unit, scanner, or integration-excluded test runs; telemetry tests must mock the transport or make network intent explicit before running.
 - For file routing, prefiltering, or archive-triage changes, add at least one malicious positive regression and one benign near-match negative regression.
 - Reuse shared fixture helpers for container formats. For PyTorch ZIP tests, prefer
   `tests.helpers.create_mock_pytorch_zip`; if you hand-roll a ZIP-backed `.pt`/`.pkl`,

{modelaudit-0.2.35 → modelaudit-0.2.36}/CHANGELOG.md

@@ -5,6 +5,12 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [0.2.36](https://github.com/promptfoo/modelaudit/compare/v0.2.35...v0.2.36) (2026-04-11)
+
+### Documentation
+
+- disable telemetry during agent validation ([#928](https://github.com/promptfoo/modelaudit/issues/928)) ([69a1986](https://github.com/promptfoo/modelaudit/commit/69a1986aa2a63ab07e63871507e96bf857c1c882))
+
 ## [0.2.35](https://github.com/promptfoo/modelaudit/compare/v0.2.34...v0.2.35) (2026-04-11)
 
 ### Bug Fixes

{modelaudit-0.2.35 → modelaudit-0.2.36}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: modelaudit
-Version: 0.2.35
+Version: 0.2.36
 Summary: Static scanning library for detecting malicious code, backdoors, and other security risks in ML model files
 Project-URL: Repository, https://github.com/promptfoo/modelaudit
 Project-URL: Homepage, https://github.com/promptfoo/modelaudit

{modelaudit-0.2.35 → modelaudit-0.2.36}/docs/agents/architecture.md

@@ -3,7 +3,8 @@
 ## Core Components
 
 - `cli.py`: Click-based CLI interface
-- `core.py`: Main scanning logic and file traversal
+- `core.py`: Main scanning logic, file traversal, routing, and scanner invocation
+- `core_results.py`: Aggregate result helpers, exit-code semantics, check consolidation, and asset/metadata attachment
 - `metadata_extractor.py`: Metadata extraction command backend (`modelaudit metadata`)
 - `scanner_results.py`: Leaf result/check/issue contracts re-exported by `scanners/base.py`
 - `scanner_registry_metadata.py`: Static scanner metadata consumed by registry loading and extension utilities
@@ -15,7 +16,8 @@
 ## Routing & Coverage Invariants
 
 - Prefer trusted file structure and bounded content sniffing over extension-only routing, especially for ZIP-like containers and nested archives.
-- Keep scanner routing metadata descriptor-owned in `ScannerRegistry`; header-format aliases, content-routed extensions, and lazy class exports should come from one descriptor entry, with `can_handle()` as the final content gate.
+- Keep scanner routing metadata descriptor-owned in `scanner_registry_metadata.py`; header-format aliases, content-routed extensions, extension-only format policy, and lazy class exports should come from that descriptor module, with `can_handle()` as the final content gate.
+- Source discovery filters should consume the registry-backed scannable extension set instead of carrying local allowlists.
 - For routing, prefiltering, or archive-recursion changes, add one malicious positive regression and one benign near-match negative regression.
 - If a scanner aborts to avoid partial coverage, make the result operationally explicit (`success=False` with a clear error message) and preserve consistent exit-code and cache behavior.
 
@@ -103,6 +105,7 @@ result.add_check(
 - `modelaudit/scanners/base.py`: Scanner interface and base classes
 - `modelaudit/scanners/<scanner>_support/`: Extracted helper modules for large scanners while preserving public `<scanner>_scanner.py` entrypoints
 - `modelaudit/core.py`: Main scanning orchestration logic
+- `modelaudit/core_results.py`: Shared result aggregation/finalization logic used by core scan flows
 - `modelaudit/cli.py`: Command-line interface
 - `pyproject.toml`: Dependencies and project configuration
 - `tests/conftest.py`: Test configuration and fixtures

{modelaudit-0.2.35 → modelaudit-0.2.36}/docs/agents/new-scanner-quickstart.md

@@ -55,12 +55,13 @@ class ExampleScanner(BaseScanner):
 
 ## 3. Register the scanner
 
-Update `modelaudit/scanners/__init__.py` in `ScannerRegistry._init_registry`:
+Update `modelaudit/scanner_registry_metadata.py`:
 
 - Add one scanner descriptor entry with module/class metadata
 - Set priority, direct extensions, and any descriptor-owned `header_formats` / `content_routed_extensions` carefully
 - Declare dependency names for load-time diagnostics
 - Document intentional descriptor/class extension differences with `scanner_only_extensions` instead of leaving silent drift
+- If the extension is authoritative enough for extension-only format validation, add it to the descriptor-owned `EXTENSION_FORMAT_MAP`; leave generic text/config extensions out
 - Do not add a second class map in `__getattr__`; lazy exports are resolved from descriptor metadata
 
 ## 4. Dependency handling rules

{modelaudit-0.2.35 → modelaudit-0.2.36}/docs/maintainers/format-gap-plans/coreml-mlmodel.md

@@ -58,8 +58,8 @@ Out of scope:
 
 1. Routing and registration
 
-- Add scanner entry and class mapping.
-- Add `.mlmodel` mapping to extension detection.
+- Add scanner metadata entry.
+- Add `.mlmodel` mapping to descriptor-owned extension detection.
 - Ensure scanner priority is above generic manifest/text handling.
 
 1. Optional deep-validation path

{modelaudit-0.2.35 → modelaudit-0.2.36}/docs/maintainers/format-gap-plans/mxnet-models.md

@@ -55,8 +55,8 @@ Out of scope:
 1. Routing and integration
 
 - Register scanner with proper priority relative to manifest/text scanners.
-- Add extension mapping entries for selected MXNet artifacts.
-- Ensure lazy loader class mapping is added.
+- Add descriptor-owned extension mapping entries for selected MXNet artifacts.
+- Ensure lazy exports resolve from scanner metadata.
 
 1. Robustness
 

{modelaudit-0.2.35 → modelaudit-0.2.36}/docs/maintainers/format-gap-plans/torchserve-mar.md

@@ -31,8 +31,8 @@ Out of scope:
 ## Deliverables
 
 - `modelaudit/scanners/torchserve_mar_scanner.py`
-- Registry wiring in `modelaudit/scanners/__init__.py`
-- Extension detection updates in `modelaudit/utils/file/detection.py`
+- Registry metadata in `modelaudit/scanner_registry_metadata.py`
+- Descriptor-owned extension detection updates
 - Unit tests under `tests/scanners/test_torchserve_mar_scanner.py`
 - Fixture allowlist update in `tests/conftest.py`
 - User docs and changelog updates
@@ -84,8 +84,8 @@ Out of scope:
 1. Registry and routing
 
 - Add scanner registration entry with priority before generic ZIP scanner.
-- Add class mapping in `__getattr__`.
-- Add extension mapping for `.mar` in `EXTENSION_FORMAT_MAP`.
+- Ensure lazy exports resolve from scanner metadata.
+- Add extension mapping for `.mar` in `modelaudit/scanner_registry_metadata.py` `EXTENSION_FORMAT_MAP`.
 - Ensure fallback behavior keeps `.mar` from being treated as unknown.
 
 1. Performance and resilience

modelaudit-0.2.36/modelaudit/config/constants.py

@@ -0,0 +1,21 @@
+"""Shared constants for ModelAudit."""
+
+from ..scanner_registry_metadata import get_registered_scanner_extensions
+
+# Extensions that ModelAudit can route to a scanner.
+SCANNABLE_MODEL_EXTENSIONS: frozenset[str] = frozenset(get_registered_scanner_extensions())
+
+# Subset of core model extensions used for license checking (lower risk, common formats)
+COMMON_MODEL_EXTENSIONS: frozenset[str] = frozenset(
+    {
+        ".pkl",
+        ".joblib",
+        ".pt",
+        ".pth",
+        ".onnx",
+        ".pb",
+        ".h5",
+        ".keras",
+        ".safetensors",
+    }
+)