modelaudit 0.2.42__tar.gz → 0.2.44__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (648) hide show
  1. {modelaudit-0.2.42 → modelaudit-0.2.44}/.gitattributes +4 -0
  2. modelaudit-0.2.44/.release-please-manifest.json +4 -0
  3. {modelaudit-0.2.42 → modelaudit-0.2.44}/CHANGELOG.md +220 -0
  4. {modelaudit-0.2.42 → modelaudit-0.2.44}/PKG-INFO +3 -3
  5. {modelaudit-0.2.42 → modelaudit-0.2.44}/README.md +1 -1
  6. modelaudit-0.2.44/docs/agents/performance-audit.md +1913 -0
  7. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/security/threat-model.md +1 -1
  8. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/analysis/__init__.py +0 -1
  9. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/analysis/entropy_analyzer.py +4 -0
  10. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/analysis/framework_patterns.py +0 -6
  11. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/analysis/integrated_analyzer.py +2 -3
  12. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/analysis/ml_context_analyzer.py +3 -2
  13. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/analysis/semantic_analyzer.py +48 -10
  14. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/analysis/unified_context.py +3 -4
  15. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/cache/adaptive_cache_keys.py +13 -6
  16. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/cache/scan_results_cache.py +24 -7
  17. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/cli.py +12 -4
  18. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/core.py +333 -132
  19. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/detectors/cve_patterns.py +39 -29
  20. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/detectors/jit_script.py +133 -28
  21. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/detectors/network_comm.py +97 -56
  22. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/detectors/secrets.py +115 -104
  23. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/detectors/suspicious_symbols.py +1 -54
  24. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/integrations/license_checker.py +59 -18
  25. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/integrations/sarif_formatter.py +22 -14
  26. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/metadata_extractor.py +2 -1
  27. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanner_results.py +8 -1
  28. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanner_selection.py +76 -6
  29. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/__init__.py +2 -0
  30. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/archive_dispatch.py +58 -1
  31. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/archive_member_security.py +118 -9
  32. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/base.py +12 -0
  33. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/catboost_scanner.py +15 -3
  34. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/cntk_scanner.py +4 -1
  35. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/compressed_scanner.py +180 -27
  36. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/coreml_scanner.py +7 -1
  37. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/flax_msgpack_scanner.py +52 -30
  38. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/gguf_scanner.py +21 -0
  39. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/jax_checkpoint_scanner.py +41 -25
  40. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/jinja2_template_scanner.py +139 -73
  41. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/joblib_scanner.py +2 -0
  42. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/keras_utils.py +8 -2
  43. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/keras_zip_scanner.py +20 -16
  44. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/lightgbm_scanner.py +6 -1
  45. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/llamafile_scanner.py +100 -9
  46. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/manifest_scanner.py +90 -15
  47. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/metadata_scanner.py +8 -2
  48. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/nemo_scanner.py +72 -31
  49. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/onnx_scanner.py +102 -47
  50. modelaudit-0.2.44/modelaudit/scanners/paddle_scanner.py +255 -0
  51. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/pickle_scanner.py +84 -5
  52. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/pmml_scanner.py +4 -3
  53. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/pytorch_zip_scanner.py +328 -5
  54. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/r_serialized_scanner.py +5 -1
  55. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/rknn_scanner.py +5 -1
  56. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/skops_scanner.py +79 -79
  57. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/tf_metagraph_scanner.py +9 -3
  58. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/tf_savedmodel_scanner.py +183 -29
  59. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/torch7_scanner.py +18 -4
  60. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/torchserve_mar_scanner.py +52 -5
  61. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/xgboost_scanner.py +274 -36
  62. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/file/detection.py +145 -21
  63. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/file/filtering.py +11 -22
  64. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/file/streaming.py +21 -13
  65. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/CHANGELOG.md +65 -0
  66. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/Cargo.lock +1 -1
  67. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/Cargo.toml +1 -1
  68. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/README.md +1 -1
  69. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/pyproject.toml +1 -1
  70. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/src/nested.rs +23 -0
  71. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/src/policy.rs +22 -0
  72. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/src/post_budget.rs +9 -1
  73. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/src/pybridge.rs +1 -0
  74. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/src/stack.rs +7 -5
  75. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/src/state.rs +938 -79
  76. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/src/modelaudit_picklescan/api.py +230 -37
  77. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/src/modelaudit_picklescan/call_graph.py +313 -88
  78. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/test_api.py +405 -5
  79. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/test_call_graph_import_statements.py +1883 -82
  80. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/uv.lock +1 -1
  81. {modelaudit-0.2.42 → modelaudit-0.2.44}/pyproject.toml +2 -2
  82. modelaudit-0.2.44/tests/analysis/test_analysis_modules.py +316 -0
  83. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/analysis/test_entropy_analyzer.py +38 -0
  84. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/analysis/test_framework_patterns.py +16 -3
  85. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/analysis/test_ml_context_analyzer.py +17 -0
  86. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/analysis/test_unified_context.py +23 -0
  87. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/cache/test_cache_correctness.py +26 -1
  88. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/conftest.py +6 -0
  89. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/detectors/test_cve_detection.py +33 -0
  90. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/detectors/test_jit_script_detector.py +95 -0
  91. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/detectors/test_network_comm_detector.py +110 -0
  92. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/detectors/test_secrets_detector.py +40 -0
  93. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/helpers/file_creators.py +18 -9
  94. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/integrations/test_license_checker.py +176 -39
  95. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/integrations/test_license_integration.py +24 -3
  96. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/integrations/test_sarif_formatter.py +76 -18
  97. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_catboost_scanner.py +17 -0
  98. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_cntk_scanner.py +18 -1
  99. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_compressed_scanner.py +180 -1
  100. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_coreml_scanner.py +4 -2
  101. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_flax_msgpack_scanner.py +73 -2
  102. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_gguf_scanner.py +101 -1
  103. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_jax_checkpoint_scanner.py +118 -0
  104. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_jinja2_template_scanner.py +86 -0
  105. modelaudit-0.2.44/tests/scanners/test_keras_utils.py +23 -0
  106. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_keras_zip_scanner.py +138 -183
  107. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_lightgbm_scanner.py +12 -1
  108. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_llamafile_scanner.py +138 -1
  109. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_manifest_scanner.py +143 -1
  110. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_metadata_scanner.py +54 -16
  111. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_mxnet_scanner.py +24 -0
  112. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_nemo_scanner.py +68 -5
  113. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_onnx_scanner.py +123 -0
  114. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_openvino_scanner.py +27 -0
  115. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_paddle_scanner.py +97 -0
  116. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_pickle_scanner.py +227 -5
  117. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_pmml_scanner.py +51 -0
  118. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_pytorch_zip_scanner.py +366 -6
  119. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_r_serialized_scanner.py +12 -1
  120. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_rknn_scanner.py +12 -1
  121. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_scanner_registry.py +50 -0
  122. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_skops_content_analysis.py +50 -35
  123. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_skops_scanner.py +184 -32
  124. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_tar_scanner.py +40 -0
  125. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_tf_metagraph_scanner.py +18 -0
  126. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_tf_savedmodel_scanner.py +147 -1
  127. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_torch7_scanner.py +85 -1
  128. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_torchserve_mar_scanner.py +79 -0
  129. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_xgboost_scanner.py +346 -10
  130. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_zip_scanner.py +237 -0
  131. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_basic.py +3 -2
  132. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_cli.py +22 -1
  133. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_core.py +531 -2
  134. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_core_asset_extraction.py +41 -22
  135. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_directory_file_filtering.py +210 -1
  136. modelaudit-0.2.44/tests/test_docker_workflow.py +71 -0
  137. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_exit_codes.py +24 -0
  138. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_metadata_extractor.py +14 -0
  139. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_models.py +12 -0
  140. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_regular_scan_hash.py +26 -0
  141. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_release_workflow.py +99 -0
  142. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_scanner_selection.py +81 -0
  143. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_streaming_scan.py +6 -3
  144. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/file/test_file_filter.py +92 -3
  145. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/file/test_filetype.py +43 -18
  146. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/file/test_streaming_analysis.py +33 -8
  147. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/file/test_streaming_preview.py +16 -0
  148. {modelaudit-0.2.42 → modelaudit-0.2.44}/uv.lock +2 -2
  149. modelaudit-0.2.42/.release-please-manifest.json +0 -4
  150. modelaudit-0.2.42/modelaudit/analysis/enhanced_pattern_detector.py +0 -411
  151. modelaudit-0.2.42/modelaudit/scanners/paddle_scanner.py +0 -141
  152. modelaudit-0.2.42/tests/analysis/test_analysis_modules.py +0 -111
  153. modelaudit-0.2.42/tests/analysis/test_enhanced_pattern_detector.py +0 -327
  154. {modelaudit-0.2.42 → modelaudit-0.2.44}/.dockerignore +0 -0
  155. {modelaudit-0.2.42 → modelaudit-0.2.44}/.editorconfig +0 -0
  156. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/CODEOWNERS +0 -0
  157. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/ISSUE_TEMPLATE/bug_report.yml +0 -0
  158. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/ISSUE_TEMPLATE/feature_request.yml +0 -0
  159. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/PULL_REQUEST_TEMPLATE.md +0 -0
  160. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/markdown-link-check-config.json +0 -0
  161. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/workflows/README.md +0 -0
  162. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/workflows/codeql.yml +0 -0
  163. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/workflows/docker-image-test.yml +0 -0
  164. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/workflows/docker-publish.yml +0 -0
  165. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/workflows/docs-check.yml +0 -0
  166. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/workflows/nightly.yml +0 -0
  167. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/workflows/perf.yml +0 -0
  168. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/workflows/release-please.yml +0 -0
  169. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/workflows/test.yml +0 -0
  170. {modelaudit-0.2.42 → modelaudit-0.2.44}/.github/workflows/validate-pr-title.yml +0 -0
  171. {modelaudit-0.2.42 → modelaudit-0.2.44}/.gitignore +0 -0
  172. {modelaudit-0.2.42 → modelaudit-0.2.44}/.mailmap +0 -0
  173. {modelaudit-0.2.42 → modelaudit-0.2.44}/.modelaudit.toml.example +0 -0
  174. {modelaudit-0.2.42 → modelaudit-0.2.44}/.prettierignore +0 -0
  175. {modelaudit-0.2.42 → modelaudit-0.2.44}/AGENTS.md +0 -0
  176. {modelaudit-0.2.42 → modelaudit-0.2.44}/CLAUDE.md +0 -0
  177. {modelaudit-0.2.42 → modelaudit-0.2.44}/CODE_OF_CONDUCT.md +0 -0
  178. {modelaudit-0.2.42 → modelaudit-0.2.44}/CONTRIBUTING.md +0 -0
  179. {modelaudit-0.2.42 → modelaudit-0.2.44}/Dockerfile +0 -0
  180. {modelaudit-0.2.42 → modelaudit-0.2.44}/Dockerfile.full +0 -0
  181. {modelaudit-0.2.42 → modelaudit-0.2.44}/Dockerfile.tensorflow +0 -0
  182. {modelaudit-0.2.42 → modelaudit-0.2.44}/LICENSE +0 -0
  183. {modelaudit-0.2.42 → modelaudit-0.2.44}/MAINTAINERS.md +0 -0
  184. {modelaudit-0.2.42 → modelaudit-0.2.44}/MANIFEST.in +0 -0
  185. {modelaudit-0.2.42 → modelaudit-0.2.44}/RULES.md +0 -0
  186. {modelaudit-0.2.42 → modelaudit-0.2.44}/SECURITY.md +0 -0
  187. {modelaudit-0.2.42 → modelaudit-0.2.44}/SUPPORT.md +0 -0
  188. {modelaudit-0.2.42 → modelaudit-0.2.44}/THIRD_PARTY_NOTICES.md +0 -0
  189. {modelaudit-0.2.42 → modelaudit-0.2.44}/codecov.yml +0 -0
  190. {modelaudit-0.2.42 → modelaudit-0.2.44}/docker-compose.yml +0 -0
  191. {modelaudit-0.2.42 → modelaudit-0.2.44}/docker-entrypoint.sh +0 -0
  192. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/agents/architecture.md +0 -0
  193. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/agents/dependencies.md +0 -0
  194. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/agents/new-scanner-quickstart.md +0 -0
  195. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/agents/picklescan-package-split.md +0 -0
  196. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/agents/release-process.md +0 -0
  197. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/maintainers/cve-process.md +0 -0
  198. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/maintainers/dependency-policy.md +0 -0
  199. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/maintainers/scanner-cve-coverage.md +0 -0
  200. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/maintainers/triage-playbook.md +0 -0
  201. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/user/compatibility-matrix.md +0 -0
  202. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/user/metadata-extraction.md +0 -0
  203. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/user/offline-air-gapped.md +0 -0
  204. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/user/scanner-selection.md +0 -0
  205. {modelaudit-0.2.42 → modelaudit-0.2.44}/docs/user/security-model.md +0 -0
  206. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/__init__.py +0 -0
  207. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/__main__.py +0 -0
  208. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/analysis/anomaly_detector.py +0 -0
  209. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/analysis/opcode_sequence_analyzer.py +0 -0
  210. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/auth/__init__.py +0 -0
  211. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/auth/client.py +0 -0
  212. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/auth/config.py +0 -0
  213. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/cache/__init__.py +0 -0
  214. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/cache/batch_operations.py +0 -0
  215. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/cache/cache_manager.py +0 -0
  216. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/cache/cache_policy.py +0 -0
  217. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/cache/optimized_config.py +0 -0
  218. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/cache/trusted_config_store.py +0 -0
  219. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/config/__init__.py +0 -0
  220. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/config/constants.py +0 -0
  221. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/config/data/spdx_licenses.json +0 -0
  222. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/config/explanations.py +0 -0
  223. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/config/generated_keras_layers.py +0 -0
  224. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/config/local_config.py +0 -0
  225. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/config/name_blacklist.py +0 -0
  226. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/config/rule_config.py +0 -0
  227. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/core_results.py +0 -0
  228. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/detectors/__init__.py +0 -0
  229. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/integrations/__init__.py +0 -0
  230. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/integrations/jfrog.py +0 -0
  231. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/integrations/mlflow.py +0 -0
  232. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/integrations/sbom_generator.py +0 -0
  233. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/models.py +0 -0
  234. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/progress/__init__.py +0 -0
  235. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/progress/base.py +0 -0
  236. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/progress/console.py +0 -0
  237. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/progress/file.py +0 -0
  238. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/progress/hooks.py +0 -0
  239. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/progress/multi_phase.py +0 -0
  240. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/LICENSE +0 -0
  241. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/NOTICE +0 -0
  242. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/__init__.py +0 -0
  243. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/py.typed +0 -0
  244. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/__init__.py +0 -0
  245. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/__init__.py +0 -0
  246. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/__init__.py +0 -0
  247. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/allocation_description_pb2.py +0 -0
  248. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/api_def_pb2.py +0 -0
  249. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/attr_value_pb2.py +0 -0
  250. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/cost_graph_pb2.py +0 -0
  251. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/cpp_shape_inference_pb2.py +0 -0
  252. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/dataset_metadata_pb2.py +0 -0
  253. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/dataset_options_pb2.py +0 -0
  254. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/dataset_pb2.py +0 -0
  255. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/device_attributes_pb2.py +0 -0
  256. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/full_type_pb2.py +0 -0
  257. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/function_pb2.py +0 -0
  258. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/graph_debug_info_pb2.py +0 -0
  259. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/graph_pb2.py +0 -0
  260. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/graph_transfer_info_pb2.py +0 -0
  261. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/kernel_def_pb2.py +0 -0
  262. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/log_memory_pb2.py +0 -0
  263. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/model_pb2.py +0 -0
  264. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/node_def_pb2.py +0 -0
  265. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/op_def_pb2.py +0 -0
  266. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/optimized_function_graph_pb2.py +0 -0
  267. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/reader_base_pb2.py +0 -0
  268. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/resource_handle_pb2.py +0 -0
  269. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/step_stats_pb2.py +0 -0
  270. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/tensor_description_pb2.py +0 -0
  271. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/tensor_pb2.py +0 -0
  272. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/tensor_shape_pb2.py +0 -0
  273. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/tensor_slice_pb2.py +0 -0
  274. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/types_pb2.py +0 -0
  275. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/variable_pb2.py +0 -0
  276. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/framework/versions_pb2.py +0 -0
  277. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/__init__.py +0 -0
  278. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/cluster_pb2.py +0 -0
  279. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/composite_tensor_variant_pb2.py +0 -0
  280. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/control_flow_pb2.py +0 -0
  281. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/core_platform_payloads_pb2.py +0 -0
  282. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/critical_section_pb2.py +0 -0
  283. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/data_service_pb2.py +0 -0
  284. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/debug_event_pb2.py +0 -0
  285. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/debug_pb2.py +0 -0
  286. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/device_filters_pb2.py +0 -0
  287. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/device_properties_pb2.py +0 -0
  288. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/fingerprint_pb2.py +0 -0
  289. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/meta_graph_pb2.py +0 -0
  290. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/named_tensor_pb2.py +0 -0
  291. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/remote_tensor_handle_pb2.py +0 -0
  292. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/rewriter_config_pb2.py +0 -0
  293. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/saved_model_pb2.py +0 -0
  294. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/saved_object_graph_pb2.py +0 -0
  295. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/saver_pb2.py +0 -0
  296. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/service_config_pb2.py +0 -0
  297. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/snapshot_pb2.py +0 -0
  298. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/struct_pb2.py +0 -0
  299. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/tensor_bundle_pb2.py +0 -0
  300. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/trackable_object_graph_pb2.py +0 -0
  301. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/transport_options_pb2.py +0 -0
  302. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/protos/tensorflow/core/protobuf/verifier_config_pb2.py +0 -0
  303. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/py.typed +0 -0
  304. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/rule_catalog.py +0 -0
  305. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/rules.py +0 -0
  306. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanner_registry_metadata.py +0 -0
  307. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/_archive_config.py +0 -0
  308. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/_archive_locations.py +0 -0
  309. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/_archive_outcomes.py +0 -0
  310. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/_evidence_redaction.py +0 -0
  311. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/_string_extraction.py +0 -0
  312. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/executorch_scanner.py +0 -0
  313. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/keras_h5_scanner.py +0 -0
  314. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/mxnet_scanner.py +0 -0
  315. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/numpy_scanner.py +0 -0
  316. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/oci_layer_scanner.py +0 -0
  317. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/openvino_scanner.py +0 -0
  318. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/picklescan_adapter.py +0 -0
  319. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/pytorch_binary_scanner.py +0 -0
  320. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/pytorch_zip_support/__init__.py +0 -0
  321. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/pytorch_zip_support/archive_members.py +0 -0
  322. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/rar_scanner.py +0 -0
  323. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/rule_mapper.py +0 -0
  324. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/safetensors_scanner.py +0 -0
  325. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/sevenzip_scanner.py +0 -0
  326. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/tar_scanner.py +0 -0
  327. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/tensorrt_scanner.py +0 -0
  328. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/text_scanner.py +0 -0
  329. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/tflite_scanner.py +0 -0
  330. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/weight_distribution_scanner.py +0 -0
  331. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/scanners/zip_scanner.py +0 -0
  332. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/telemetry.py +0 -0
  333. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/__init__.py +0 -0
  334. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/_path_hardening.py +0 -0
  335. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/auto_defaults.py +0 -0
  336. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/file/__init__.py +0 -0
  337. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/file/_compression.py +0 -0
  338. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/file/handlers.py +0 -0
  339. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/file/large_file_handler.py +0 -0
  340. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/helpers/__init__.py +0 -0
  341. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/helpers/assets.py +0 -0
  342. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/helpers/auto_defaults.py +0 -0
  343. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/helpers/cache_decorator.py +0 -0
  344. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/helpers/code_validation.py +0 -0
  345. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/helpers/disk_space.py +0 -0
  346. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/helpers/file_hash.py +0 -0
  347. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/helpers/file_iterator.py +0 -0
  348. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/helpers/interrupt_handler.py +0 -0
  349. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/helpers/ml_context.py +0 -0
  350. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/helpers/result_conversion.py +0 -0
  351. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/helpers/retry.py +0 -0
  352. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/helpers/secure_hasher.py +0 -0
  353. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/helpers/types.py +0 -0
  354. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/lfs.py +0 -0
  355. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/model_extensions.py +0 -0
  356. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/sources/__init__.py +0 -0
  357. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/sources/_huggingface_cache.py +0 -0
  358. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/sources/cloud_storage.py +0 -0
  359. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/sources/dvc.py +0 -0
  360. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/sources/huggingface.py +0 -0
  361. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/sources/huggingface_paths.py +0 -0
  362. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/sources/jfrog.py +0 -0
  363. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/sources/pytorch_hub.py +0 -0
  364. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/utils/tensorflow_compat.py +0 -0
  365. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/version.py +0 -0
  366. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/whitelists/__init__.py +0 -0
  367. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/whitelists/huggingface_organizations.py +0 -0
  368. {modelaudit-0.2.42 → modelaudit-0.2.44}/modelaudit/whitelists/huggingface_popular.py +0 -0
  369. {modelaudit-0.2.42 → modelaudit-0.2.44}/package-lock.json +0 -0
  370. {modelaudit-0.2.42 → modelaudit-0.2.44}/package.json +0 -0
  371. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/AGENTS.md +0 -0
  372. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/README.md +0 -0
  373. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/src/expansion.rs +0 -0
  374. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/src/lib.rs +0 -0
  375. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/src/nested_surface.rs +0 -0
  376. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/src/opcode.rs +0 -0
  377. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/src/options.rs +0 -0
  378. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/src/report.rs +0 -0
  379. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/src/strings.rs +0 -0
  380. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/rust/src/strings_policy.rs +0 -0
  381. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/src/modelaudit_picklescan/__init__.py +0 -0
  382. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/src/modelaudit_picklescan/options.py +0 -0
  383. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/src/modelaudit_picklescan/py.typed +0 -0
  384. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/src/modelaudit_picklescan/report.py +0 -0
  385. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/conftest.py +0 -0
  386. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/parity_corpus.py +0 -0
  387. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/test_adversarial_pickle_oracle.py +0 -0
  388. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/test_call_graph_click.py +0 -0
  389. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/test_call_graph_execnet.py +0 -0
  390. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/test_call_graph_instance_defaults.py +0 -0
  391. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/test_call_graph_local_imports.py +0 -0
  392. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/test_call_graph_six.py +0 -0
  393. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/test_call_graph_tkinter.py +0 -0
  394. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/test_import_boundary.py +0 -0
  395. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/test_native_interface.py +0 -0
  396. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/test_options.py +0 -0
  397. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/test_report.py +0 -0
  398. {modelaudit-0.2.42 → modelaudit-0.2.44}/packages/modelaudit-picklescan/tests/test_rust_engine.py +0 -0
  399. {modelaudit-0.2.42 → modelaudit-0.2.44}/pyproject.toml.example +0 -0
  400. {modelaudit-0.2.42 → modelaudit-0.2.44}/release-please-config.json +0 -0
  401. {modelaudit-0.2.42 → modelaudit-0.2.44}/renovate.json +0 -0
  402. {modelaudit-0.2.42 → modelaudit-0.2.44}/requirements-tensorflow.txt +0 -0
  403. {modelaudit-0.2.42 → modelaudit-0.2.44}/scripts/README.md +0 -0
  404. {modelaudit-0.2.42 → modelaudit-0.2.44}/scripts/benchmark_report.py +0 -0
  405. {modelaudit-0.2.42 → modelaudit-0.2.44}/scripts/check_circular_imports.py +0 -0
  406. {modelaudit-0.2.42 → modelaudit-0.2.44}/scripts/compile_tensorflow_protos.sh +0 -0
  407. {modelaudit-0.2.42 → modelaudit-0.2.44}/scripts/fetch_hf_org_models.py +0 -0
  408. {modelaudit-0.2.42 → modelaudit-0.2.44}/scripts/fetch_hf_top_models.py +0 -0
  409. {modelaudit-0.2.42 → modelaudit-0.2.44}/scripts/generate_keras_layer_inventory.py +0 -0
  410. {modelaudit-0.2.42 → modelaudit-0.2.44}/scripts/jax_flax_scanning_demo.py +0 -0
  411. {modelaudit-0.2.42 → modelaudit-0.2.44}/scripts/large_pickle_corpus_qa.py +0 -0
  412. {modelaudit-0.2.42 → modelaudit-0.2.44}/scripts/minimal_circular_check.py +0 -0
  413. {modelaudit-0.2.42 → modelaudit-0.2.44}/scripts/profile_scan.py +0 -0
  414. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/__init__.py +0 -0
  415. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/analysis/test_anomaly_detector.py +0 -0
  416. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/analysis/test_opcode_sequence_analyzer.py +0 -0
  417. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/exploits/exploit1_basic_torch_bypass.pkl +0 -0
  418. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/exploits/exploit2_advanced_torch_bypass.pkl +0 -0
  419. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/exploits/exploit3_sophisticated_hybrid.pkl +0 -0
  420. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/exploits/exploit4_supply_chain_attack.pkl +0 -0
  421. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/exploits/exploit5_ultra_high_confidence.pkl +0 -0
  422. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/exploits/exploit6_ordereddict_bypass.pkl +0 -0
  423. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/exploits/exploit7_nested_collections.pkl +0 -0
  424. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/exploits/exploit9_manual_construction.pkl +0 -0
  425. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/exploits/exploit_ultimate_50pct.pkl +0 -0
  426. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/generators/generate_7z_test_assets.py +0 -0
  427. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/generators/generate_advanced_pickle_tests.py +0 -0
  428. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/generators/generate_evil_pickle.py +0 -0
  429. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/generators/generate_jinja2_test_assets.py +0 -0
  430. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/generators/generate_nested_pickle_assets.py +0 -0
  431. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/generators/generate_os_alias_tests.py +0 -0
  432. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/generators/generate_safe_nested_assets.py +0 -0
  433. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/generators/generate_safetensors_assets.py +0 -0
  434. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/generators/generate_security_assets.py +0 -0
  435. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/pickles/memo_attack.pkl +0 -0
  436. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/pickles/multiple_stream_attack.pkl +0 -0
  437. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/pickles/nt_alias_attack.pkl +0 -0
  438. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/pickles/posix_alias_attack.pkl +0 -0
  439. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/pickles/stack_global_attack.pkl +0 -0
  440. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/archives/path_traversal.zip +0 -0
  441. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/archives/safe_model.zip +0 -0
  442. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/benign/chatml_format.json +0 -0
  443. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/benign/complex_legitimate.json +0 -0
  444. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/benign/conditional_system.json +0 -0
  445. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/benign/huggingface_llama.json +0 -0
  446. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/benign/simple_roles.json +0 -0
  447. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/benign/special_tokens.json +0 -0
  448. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/edge_cases/empty_template.json +0 -0
  449. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/edge_cases/malformed_template.json +0 -0
  450. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/edge_cases/multiple_templates.json +0 -0
  451. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/edge_cases/no_template.json +0 -0
  452. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/edge_cases/oversized_template.json +0 -0
  453. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/malicious/attr_bypass.json +0 -0
  454. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/malicious/combined_attack.json +0 -0
  455. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/malicious/config_exploit.json +0 -0
  456. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/malicious/cve_2024_34359_original.json +0 -0
  457. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/malicious/direct_eval.json +0 -0
  458. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/malicious/env_extraction.json +0 -0
  459. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/malicious/file_access.json +0 -0
  460. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/malicious/hex_bypass.json +0 -0
  461. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/malicious/loop_discovery.json +0 -0
  462. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/malicious/network_exfil.json +0 -0
  463. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/malicious/request_exploit.json +0 -0
  464. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/malicious/subprocess_injection.json +0 -0
  465. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/obfuscated/base64_payload.json +0 -0
  466. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/obfuscated/char_construction.json +0 -0
  467. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/obfuscated/format_bypass.json +0 -0
  468. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/obfuscated/getattr_bypass.json +0 -0
  469. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/standalone/benign_chat.j2 +0 -0
  470. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/standalone/malicious_standalone.jinja +0 -0
  471. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/standalone/malicious_subprocess.template +0 -0
  472. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/standalone/suspicious_benign.template +0 -0
  473. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/yaml/malicious_config.yaml +0 -0
  474. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/jinja2/yaml/model_config.yaml +0 -0
  475. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/keras/custom_layer_attack.h5 +0 -0
  476. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/keras/loss_injection.h5 +0 -0
  477. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/keras/malicious_lambda.h5 +0 -0
  478. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/keras/metric_injection.h5 +0 -0
  479. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/keras/safe_model.h5 +0 -0
  480. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/manifests/safe_config.json +0 -0
  481. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/manifests/suspicious_config.json +0 -0
  482. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/decode_exec_chain.pkl +0 -0
  483. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/dill_func.pkl +0 -0
  484. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/malicious_model_realistic.pkl +0 -0
  485. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/malicious_system_call.pkl +0 -0
  486. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/nested_pickle_base64.pkl +0 -0
  487. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/nested_pickle_hex.pkl +0 -0
  488. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/nested_pickle_multistage.pkl +0 -0
  489. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/nested_pickle_raw.pkl +0 -0
  490. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/safe_data.pkl +0 -0
  491. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/safe_large_model.pkl +0 -0
  492. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/safe_model_with_binary.pkl +0 -0
  493. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/safe_model_with_encoding.pkl +0 -0
  494. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/safe_model_with_tokens.pkl +0 -0
  495. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/safe_nested_structure.pkl +0 -0
  496. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pickles/simple_nested.pkl +0 -0
  497. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pipeline.skops +0 -0
  498. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pytorch/malicious_eval.pt +0 -0
  499. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/pytorch/safe_model.pt +0 -0
  500. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/safetensors/malicious_import.safetensors +0 -0
  501. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/safetensors/safe_model.safetensors +0 -0
  502. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/tensorflow/malicious_pyfunc/saved_model.pb +0 -0
  503. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/samples/tensorflow/safe_savedmodel/saved_model.pb +0 -0
  504. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/license_scenarios/agpl_component/agpl_model.pkl +0 -0
  505. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/license_scenarios/agpl_component/neural_network.py +0 -0
  506. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/license_scenarios/mit_model/config.json +0 -0
  507. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/license_scenarios/mit_model/model.py +0 -0
  508. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/license_scenarios/mit_model/model_weights.pkl +0 -0
  509. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/license_scenarios/mixed_licenses/LICENSE +0 -0
  510. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/license_scenarios/mixed_licenses/apache_component.py +0 -0
  511. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/license_scenarios/mixed_licenses/dataset_cc_nc.json +0 -0
  512. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/license_scenarios/mixed_licenses/gpl_utility.py +0 -0
  513. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/license_scenarios/mixed_licenses/mixed_model.pkl +0 -0
  514. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/license_scenarios/unlicensed_dataset/embeddings.npy +0 -0
  515. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/license_scenarios/unlicensed_dataset/features.csv +0 -0
  516. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/license_scenarios/unlicensed_dataset/training_data.json +0 -0
  517. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/security_scenarios/mixed_malicious_model/config.json +0 -0
  518. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/assets/scenarios/security_scenarios/mixed_malicious_model/model.pkl +0 -0
  519. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/benchmarks/test_picklescan_benchmarks.py +0 -0
  520. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/benchmarks/test_scan_benchmarks.py +0 -0
  521. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/cache/__init__.py +0 -0
  522. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/cache/test_optimized_config.py +0 -0
  523. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/cli_output.py +0 -0
  524. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/config/__init__.py +0 -0
  525. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/config/test_name_blacklist.py +0 -0
  526. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/demo_license_functionality.py +0 -0
  527. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/detectors/test_builtin_detection.py +0 -0
  528. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/detectors/test_compile_eval_variants.py +0 -0
  529. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/detectors/test_runpy_detection.py +0 -0
  530. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/detectors/test_suspicious_symbols.py +0 -0
  531. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/helpers/__init__.py +0 -0
  532. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/helpers/frameworks.py +0 -0
  533. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/integrations/test_jfrog.py +0 -0
  534. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/integrations/test_jfrog_integration.py +0 -0
  535. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/integrations/test_mlflow_integration.py +0 -0
  536. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/integrations/test_sbom_license_integration.py +0 -0
  537. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/integrations/test_sbom_url_fixes.py +0 -0
  538. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/progress/__init__.py +0 -0
  539. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/progress/test_base.py +0 -0
  540. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_base_scanner.py +0 -0
  541. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_executorch_scanner.py +0 -0
  542. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_joblib_scanner.py +0 -0
  543. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_joblib_scanner_codecs.py +0 -0
  544. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_keras_h5_scanner.py +0 -0
  545. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_numpy_scanner.py +0 -0
  546. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_oci_layer_scanner.py +0 -0
  547. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_onnx_dependency_handling.py +0 -0
  548. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_picklescan_adapter.py +0 -0
  549. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_pytorch_binary_scanner.py +0 -0
  550. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_rule_code_registry_consistency.py +0 -0
  551. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_rule_mapper.py +0 -0
  552. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_safetensors_scanner.py +0 -0
  553. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_sevenzip_scanner.py +0 -0
  554. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_tensorrt_scanner.py +0 -0
  555. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_tflite_scanner.py +0 -0
  556. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scanners/test_weight_distribution_scanner.py +0 -0
  557. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/scripts/test_large_pickle_corpus_qa.py +0 -0
  558. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_asset_inventory_integration.py +0 -0
  559. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_asset_list.py +0 -0
  560. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_auth_config.py +0 -0
  561. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_benchmark_report.py +0 -0
  562. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_bug1_confidence_exploit.py +0 -0
  563. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_cache_cli.py +0 -0
  564. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_cache_optimizations.py +0 -0
  565. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_checks_recording.py +0 -0
  566. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_cli_cache_dir.py +0 -0
  567. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_cli_default_command.py +0 -0
  568. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_cli_file_filtering.py +0 -0
  569. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_cli_license_integration.py +0 -0
  570. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_cli_logging_handlers.py +0 -0
  571. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_cli_output.py +0 -0
  572. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_cloud_url_detection.py +0 -0
  573. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_committed_fixture_hygiene.py +0 -0
  574. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_cve_2025_10155_bin_pickle.py +0 -0
  575. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_debug_command.py +0 -0
  576. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_dill_joblib_enhanced.py +0 -0
  577. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_double_interrupt.py +0 -0
  578. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_false_positive_fixes.py +0 -0
  579. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_file_hash.py +0 -0
  580. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_gguf_sbom_integration.py +0 -0
  581. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_graceful_degradation.py +0 -0
  582. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_header_discrepancy.py +0 -0
  583. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_huggingface_extensions.py +0 -0
  584. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_huggingface_symlinks.py +0 -0
  585. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_importlib_detection.py +0 -0
  586. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_integration.py +0 -0
  587. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_jax_flax_integration.py +0 -0
  588. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_jit_script_integration.py +0 -0
  589. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_lazy_loading.py +0 -0
  590. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_lazy_loading_integration.py +0 -0
  591. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_manifest_name_policy.py +0 -0
  592. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_nested_pickle_integration.py +0 -0
  593. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_network_comm_integration.py +0 -0
  594. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_os_alias_detection.py +0 -0
  595. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_os_subprocess_detection.py +0 -0
  596. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_path_traversal.py +0 -0
  597. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_performance_benchmarks.py +0 -0
  598. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_pickle_context_filtering.py +0 -0
  599. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_progress.py +0 -0
  600. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_pydantic_models.py +0 -0
  601. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_python_version_warning.py +0 -0
  602. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_pytorch_zip_detection.py +0 -0
  603. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_real_world_dill_joblib.py +0 -0
  604. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_regression_corpus.py +0 -0
  605. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_rules.py +0 -0
  606. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_safetensors_optimization.py +0 -0
  607. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_secure_hasher.py +0 -0
  608. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_security_asset_integration.py +0 -0
  609. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_security_enhancements.py +0 -0
  610. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_shebang_context.py +0 -0
  611. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_simple_jinja2.py +0 -0
  612. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_sklearn_joblib_false_positive.py +0 -0
  613. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_telemetry.py +0 -0
  614. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_telemetry_decoupling.py +0 -0
  615. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_tensorflow_lambda_detection.py +0 -0
  616. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_timeout_configuration.py +0 -0
  617. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_utils.py +0 -0
  618. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_weak_hash_detection.py +0 -0
  619. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_webbrowser_detection.py +0 -0
  620. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_why_explanations.py +0 -0
  621. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/test_xdist_status.py +0 -0
  622. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/__init__.py +0 -0
  623. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/file/__init__.py +0 -0
  624. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/file/test_advanced_file_handler.py +0 -0
  625. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/file/test_advanced_size_limits.py +0 -0
  626. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/file/test_file_type_validation_integration.py +0 -0
  627. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/file/test_integration_file_type_demo.py +0 -0
  628. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/file/test_large_file_handler.py +0 -0
  629. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/helpers/test_asset_from_scan_result.py +0 -0
  630. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/helpers/test_auto_defaults.py +0 -0
  631. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/helpers/test_code_validation.py +0 -0
  632. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/helpers/test_disk_space.py +0 -0
  633. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/helpers/test_file_iterator.py +0 -0
  634. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/helpers/test_interrupt_handling.py +0 -0
  635. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/helpers/test_ml_context_false_positives.py +0 -0
  636. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/helpers/test_py_compile_improvements.py +0 -0
  637. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/helpers/test_secure_hasher.py +0 -0
  638. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/sources/test_cloud_storage.py +0 -0
  639. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/sources/test_dvc_integration.py +0 -0
  640. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/sources/test_huggingface.py +0 -0
  641. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/sources/test_pytorch_hub.py +0 -0
  642. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/test_lfs.py +0 -0
  643. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/utils/test_result_conversion.py +0 -0
  644. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/whitelists/__init__.py +0 -0
  645. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/whitelists/test_combined.py +0 -0
  646. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/whitelists/test_huggingface_popular.py +0 -0
  647. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/whitelists/test_organizations.py +0 -0
  648. {modelaudit-0.2.42 → modelaudit-0.2.44}/tests/xdist_status.py +0 -0
{modelaudit-0.2.42 → modelaudit-0.2.44}/.gitattributes RENAMED
@@ -9,3 +9,7 @@
9
9
 
10
10
  # Vendored protobuf stubs are generated artifacts.
11
11
  modelaudit/protos/* linguist-generated=true
12
+
13
+ # Changelogs are append-heavy; preserve concurrent additions during merges.
14
+ CHANGELOG.md merge=union
15
+ packages/modelaudit-picklescan/CHANGELOG.md merge=union
modelaudit-0.2.44/.release-please-manifest.json ADDED
@@ -0,0 +1,4 @@
1
+ {
2
+ ".": "0.2.44",
3
+ "packages/modelaudit-picklescan": "0.1.5"
4
+ }
{modelaudit-0.2.42 → modelaudit-0.2.44}/CHANGELOG.md RENAMED
@@ -5,6 +5,174 @@ All notable changes to this project will be documented in this file.
5
5
  The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
6
6
  and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7
7
 
8
+ ## [0.2.44](https://github.com/promptfoo/modelaudit/compare/v0.2.43...v0.2.44) (2026-05-03)
9
+
10
+ ### Bug Fixes
11
+
12
+ - address ai quality findings ([#1218](https://github.com/promptfoo/modelaudit/issues/1218)) ([30f4ef2](https://github.com/promptfoo/modelaudit/commit/30f4ef246f7e26a4c6f85e684bfb35ceaea7c43d))
13
+ - clear remaining security-quality findings ([#1219](https://github.com/promptfoo/modelaudit/issues/1219)) ([259f931](https://github.com/promptfoo/modelaudit/commit/259f931fa573e234734b7d72850e0ca09d775f45))
14
+
15
+ ### Performance Improvements
16
+
17
+ - add opt-in core phase timings ([#1170](https://github.com/promptfoo/modelaudit/issues/1170)) ([75a7f0b](https://github.com/promptfoo/modelaudit/commit/75a7f0b4480f6e4305617a729fa9635b15432fe3))
18
+ - bound directory progress pre-counts ([#1174](https://github.com/promptfoo/modelaudit/issues/1174)) ([23dc5d0](https://github.com/promptfoo/modelaudit/commit/23dc5d009a9cf14060ee046fe74ef1af02de2e7d))
19
+ - bound ordinary license header reads ([#1197](https://github.com/promptfoo/modelaudit/issues/1197)) ([113ad34](https://github.com/promptfoo/modelaudit/commit/113ad3402d82aa1815239a4e3cbe93a862619cdc))
20
+ - cache call graph call nodes ([#1215](https://github.com/promptfoo/modelaudit/issues/1215)) ([aa52759](https://github.com/promptfoo/modelaudit/commit/aa52759aabaac335b87e30e2cbf042d141dc4e9f))
21
+ - cache function import aliases ([#1214](https://github.com/promptfoo/modelaudit/issues/1214)) ([d56eef2](https://github.com/promptfoo/modelaudit/commit/d56eef2de18652fee1a759642165e404b8202be9))
22
+ - cache manifest trusted-url lookups ([#1186](https://github.com/promptfoo/modelaudit/issues/1186)) ([09e76cf](https://github.com/promptfoo/modelaudit/commit/09e76cf9a793572e961aefbbc827aeaeab351e64))
23
+ - cache parameter controlled names ([#1213](https://github.com/promptfoo/modelaudit/issues/1213)) ([41b8f45](https://github.com/promptfoo/modelaudit/commit/41b8f4541c9b62204c74c04199931ef0484ba1a5))
24
+ - cache scanner selection policies ([#1177](https://github.com/promptfoo/modelaudit/issues/1177)) ([371f480](https://github.com/promptfoo/modelaudit/commit/371f48024153dcd93f5df327781348b4076ddfd4))
25
+ - cache split call graph names ([#1212](https://github.com/promptfoo/modelaudit/issues/1212)) ([77ab177](https://github.com/promptfoo/modelaudit/commit/77ab17782f23de46c57f6e2a7302a539fb0bfb98))
26
+ - dedupe repeated metadata urls ([#1166](https://github.com/promptfoo/modelaudit/issues/1166)) ([b3f1009](https://github.com/promptfoo/modelaudit/commit/b3f1009d8e75912117df1279da6230b80e6e61cc))
27
+ - reuse cache key content hash on store ([#1171](https://github.com/promptfoo/modelaudit/issues/1171)) ([e3981bd](https://github.com/promptfoo/modelaudit/commit/e3981bd21ddd912d893e306f354d49eb6b4e06e1))
28
+ - reuse call graph controlled names ([#1198](https://github.com/promptfoo/modelaudit/issues/1198)) ([84e6a9b](https://github.com/promptfoo/modelaudit/commit/84e6a9bd841095917e2199e9004759bcbe9c0eb3))
29
+ - reuse call graph module parses ([#1167](https://github.com/promptfoo/modelaudit/issues/1167)) ([0822b40](https://github.com/promptfoo/modelaudit/commit/0822b4043db270882b8fd14ff04de1cf3d3fb134))
30
+ - reuse compiled pmml extension patterns ([#1172](https://github.com/promptfoo/modelaudit/issues/1172)) ([51ddc85](https://github.com/promptfoo/modelaudit/commit/51ddc8510bf1fa696bf38f2f54b29885c267ca2a))
31
+ - reuse default secret regexes ([#1185](https://github.com/promptfoo/modelaudit/issues/1185)) ([b5ba149](https://github.com/promptfoo/modelaudit/commit/b5ba149f0667be7f7d86fe11f3647dac5ea3a620))
32
+ - reuse flax layer keyword text ([#1187](https://github.com/promptfoo/modelaudit/issues/1187)) ([b50947f](https://github.com/promptfoo/modelaudit/commit/b50947fefde1140693856011b221ff540d83b100))
33
+ - reuse flax structure analysis ([#1188](https://github.com/promptfoo/modelaudit/issues/1188)) ([c33c566](https://github.com/promptfoo/modelaudit/commit/c33c566cdb37ca480d593bbd474cb6f3dbd727b2))
34
+ - reuse flax suspicious patterns ([#1194](https://github.com/promptfoo/modelaudit/issues/1194)) ([0351de1](https://github.com/promptfoo/modelaudit/commit/0351de1b3419353a60bdc6510772ddb6b8b55d47))
35
+ - reuse hashes for hardlinked files ([#1175](https://github.com/promptfoo/modelaudit/issues/1175)) ([aac4367](https://github.com/promptfoo/modelaudit/commit/aac4367ef610e77c33bed9181821d83d4ccf1e4b))
36
+ - reuse jax probe file handle ([#1161](https://github.com/promptfoo/modelaudit/issues/1161)) ([3e95649](https://github.com/promptfoo/modelaudit/commit/3e956493a476156b71fd06142190d49eb95b8bac))
37
+ - reuse jinja scanner patterns ([#1184](https://github.com/promptfoo/modelaudit/issues/1184)) ([bb5a729](https://github.com/promptfoo/modelaudit/commit/bb5a729364aff328996d2868799b3ce394193df5))
38
+ - reuse jit import regexes ([#1190](https://github.com/promptfoo/modelaudit/issues/1190)) ([9f37f5d](https://github.com/promptfoo/modelaudit/commit/9f37f5d35317d9273388e24e72af4a6a2fd4c001))
39
+ - reuse lowered blacklist payload ([#1165](https://github.com/promptfoo/modelaudit/issues/1165)) ([624a17b](https://github.com/promptfoo/modelaudit/commit/624a17b2ede0e84062120987ed2b8919bedd822d))
40
+ - reuse lowered c2 payload scan ([#1163](https://github.com/promptfoo/modelaudit/issues/1163)) ([a63efaa](https://github.com/promptfoo/modelaudit/commit/a63efaaa44c257c6428ec64ac337657f8d948d9a))
41
+ - reuse lowered flax transform values ([#1169](https://github.com/promptfoo/modelaudit/issues/1169)) ([3d73ad7](https://github.com/promptfoo/modelaudit/commit/3d73ad719e540697d64636354f1ff23d4b2a8837))
42
+ - reuse lowered get_file values ([#1211](https://github.com/promptfoo/modelaudit/issues/1211)) ([3bc7890](https://github.com/promptfoo/modelaudit/commit/3bc7890339f9373e73e2979e48ef010c190c6028))
43
+ - reuse lowered hex token seed checks ([#1202](https://github.com/promptfoo/modelaudit/issues/1202)) ([8a34db9](https://github.com/promptfoo/modelaudit/commit/8a34db967e25d5b0a78479f71e53f85486f4c557))
44
+ - reuse lowered jax context text ([#1164](https://github.com/promptfoo/modelaudit/issues/1164)) ([d012c09](https://github.com/promptfoo/modelaudit/commit/d012c09ebb8a73b75360e8132d8a1434b37342ce))
45
+ - reuse lowered keras metadata text ([#1168](https://github.com/promptfoo/modelaudit/issues/1168)) ([abfe87b](https://github.com/promptfoo/modelaudit/commit/abfe87b3e4ac15aaf3d0721c9a9751a16fa10e6f))
46
+ - reuse lowered layer type names ([#1203](https://github.com/promptfoo/modelaudit/issues/1203)) ([4b94a67](https://github.com/promptfoo/modelaudit/commit/4b94a67f2b5142332b49da29fdb1e8ad2106cf03))
47
+ - reuse lowered license header text ([#1162](https://github.com/promptfoo/modelaudit/issues/1162)) ([447ea66](https://github.com/promptfoo/modelaudit/commit/447ea664889624da254d7de4c9c4219fe286e9e7))
48
+ - reuse lowered metadata filenames ([#1205](https://github.com/promptfoo/modelaudit/issues/1205)) ([4251df5](https://github.com/promptfoo/modelaudit/commit/4251df584cb5c3491492c643f211e07f3234fd68))
49
+ - reuse lowered metadata keys ([#1206](https://github.com/promptfoo/modelaudit/issues/1206)) ([3ea11f0](https://github.com/promptfoo/modelaudit/commit/3ea11f0d671902a95458cd143f3061b63db4f588))
50
+ - reuse lowered ml operation names ([#1201](https://github.com/promptfoo/modelaudit/issues/1201)) ([c5de398](https://github.com/promptfoo/modelaudit/commit/c5de398c1c1cb4809edd6bcab25740dc23eda1b8))
51
+ - reuse lowered sarif messages ([#1209](https://github.com/promptfoo/modelaudit/issues/1209)) ([fde43a4](https://github.com/promptfoo/modelaudit/commit/fde43a4a267de63530bd7716fcf6b851c6b74e78))
52
+ - reuse lowered secret descriptions ([#1208](https://github.com/promptfoo/modelaudit/issues/1208)) ([cb0324b](https://github.com/promptfoo/modelaudit/commit/cb0324b6ffd4444a974895a0dee7d209b0e4b571))
53
+ - reuse lowered skops member names ([#1207](https://github.com/promptfoo/modelaudit/issues/1207)) ([879c531](https://github.com/promptfoo/modelaudit/commit/879c5310f3f7f39b96bb280e9cc772647e1ea749))
54
+ - reuse lowered xgboost legacy headers ([#1204](https://github.com/promptfoo/modelaudit/issues/1204)) ([8bc1e7d](https://github.com/promptfoo/modelaudit/commit/8bc1e7d45ee89d62d51503c8e549114fa3df197e))
55
+ - reuse manifest text within scans ([#1160](https://github.com/promptfoo/modelaudit/issues/1160)) ([848bc1e](https://github.com/promptfoo/modelaudit/commit/848bc1ec65b428d0fe47adf117d848519e05f2be))
56
+ - reuse metagraph attr lowercase values ([#1200](https://github.com/promptfoo/modelaudit/issues/1200)) ([349751e](https://github.com/promptfoo/modelaudit/commit/349751e228f601c30bfbe61d386621db14aefb31))
57
+ - reuse nearby license discovery ([#1155](https://github.com/promptfoo/modelaudit/issues/1155)) ([301618d](https://github.com/promptfoo/modelaudit/commit/301618da66a41514e6e210d4ba8298cf816da81d))
58
+ - reuse network library patterns ([#1191](https://github.com/promptfoo/modelaudit/issues/1191)) ([630bd3d](https://github.com/promptfoo/modelaudit/commit/630bd3d35eff43c980a3bb9d0f75ad6cb548b42c))
59
+ - reuse normalized scanner selection policy ([#1153](https://github.com/promptfoo/modelaudit/issues/1153)) ([b8430a0](https://github.com/promptfoo/modelaudit/commit/b8430a04b141972febab6b03e744e1382c14aacb))
60
+ - reuse onnx model bytes for parsing ([#1193](https://github.com/promptfoo/modelaudit/issues/1193)) ([a5356a5](https://github.com/promptfoo/modelaudit/commit/a5356a5109a09f04db6efa764cb47088b7a5b1aa))
61
+ - reuse prefiltered sarif issues ([#1210](https://github.com/promptfoo/modelaudit/issues/1210)) ([d996043](https://github.com/promptfoo/modelaudit/commit/d9960432a37982595109d2c20ca34cbb7e2807cf))
62
+ - reuse savedmodel function patterns ([#1183](https://github.com/promptfoo/modelaudit/issues/1183)) ([c043bcd](https://github.com/promptfoo/modelaudit/commit/c043bcd0c9509f0704406e3cbf67a374f898d73e))
63
+ - reuse secrets detector heuristics ([#1189](https://github.com/promptfoo/modelaudit/issues/1189)) ([799e8bf](https://github.com/promptfoo/modelaudit/commit/799e8bf6c62c336cd64083309d2f615426041863))
64
+ - reuse sibling license directory listings ([#1157](https://github.com/promptfoo/modelaudit/issues/1157)) ([5ec7f21](https://github.com/promptfoo/modelaudit/commit/5ec7f21ab0b16eaf23c654688eab4219c091fc86))
65
+ - reuse suspicious port names ([#1192](https://github.com/promptfoo/modelaudit/issues/1192)) ([8ed7665](https://github.com/promptfoo/modelaudit/commit/8ed76651cc386ef4ad1ffbdd9f1b280ee951f1cc))
66
+ - share call graph caches within reports ([#1156](https://github.com/promptfoo/modelaudit/issues/1156)) ([b16d37c](https://github.com/promptfoo/modelaudit/commit/b16d37c3b4439b4e6d966b8b9624642307c2a322))
67
+ - share getattr assignment candidates ([#1199](https://github.com/promptfoo/modelaudit/issues/1199)) ([5d12903](https://github.com/promptfoo/modelaudit/commit/5d1290330328ad4fb6e6f88bddc34e7bfba9d310))
68
+ - short-circuit hf bookkeeping checks ([#1154](https://github.com/promptfoo/modelaudit/issues/1154)) ([ed0122d](https://github.com/promptfoo/modelaudit/commit/ed0122d57bb875beab88a92dbb670c7d06ec881b))
69
+ - skip call graph enrichment in pickle validation ([#1196](https://github.com/promptfoo/modelaudit/issues/1196)) ([2347d80](https://github.com/promptfoo/modelaudit/commit/2347d80a2d110f582c188679b4a0c04489779745))
70
+ - skip directory pre-count without progress ([#1173](https://github.com/promptfoo/modelaudit/issues/1173)) ([83c8bb4](https://github.com/promptfoo/modelaudit/commit/83c8bb42a53180d09d707bad6cd90d06d3ab55ee))
71
+ - skip redundant jax scans for plain pickles ([#1158](https://github.com/promptfoo/modelaudit/issues/1158)) ([04c6974](https://github.com/promptfoo/modelaudit/commit/04c6974283a02ddb5233a498ccfd0306261ab6ab))
72
+ - skip renormalizing scanner selection ([#1181](https://github.com/promptfoo/modelaudit/issues/1181)) ([74ac7a7](https://github.com/promptfoo/modelaudit/commit/74ac7a7fef31028582c201690610076214c2d544))
73
+ - summarize CLI progress tree once ([#1182](https://github.com/promptfoo/modelaudit/issues/1182)) ([0bc373f](https://github.com/promptfoo/modelaudit/commit/0bc373fc8a3d1694fa35a18f7789d195f2cacd79))
74
+
75
+ ### Documentation
76
+
77
+ - add performance audit backlog ([#1159](https://github.com/promptfoo/modelaudit/issues/1159)) ([be6cc4a](https://github.com/promptfoo/modelaudit/commit/be6cc4a43facb6212c6f591779c5faddc111a280))
78
+
79
+ ## [0.2.43](https://github.com/promptfoo/modelaudit/compare/v0.2.42...v0.2.43) (2026-05-01)
80
+
81
+ ### Bug Fixes
82
+
83
+ - align manifest scanner routing ([#1111](https://github.com/promptfoo/modelaudit/issues/1111)) ([ad7f253](https://github.com/promptfoo/modelaudit/commit/ad7f2534ad3e9f5ec744aadbf2448e02bdaa092f))
84
+ - analyze jax-like pickle checkpoints ([#1114](https://github.com/promptfoo/modelaudit/issues/1114)) ([576ac54](https://github.com/promptfoo/modelaudit/commit/576ac540822e620204ea7d654848bcca9376b44f))
85
+ - avoid inert skops cve false positives ([7538e58](https://github.com/promptfoo/modelaudit/commit/7538e58fc6ba7c3f9f7721a6c686035f6502c1e6))
86
+ - avoid PMML system substring false positives ([#1125](https://github.com/promptfoo/modelaudit/issues/1125)) ([20fdd0c](https://github.com/promptfoo/modelaudit/commit/20fdd0c7ef498099e439306e323093920fd752c7))
87
+ - catch suspicious nemo target leaves ([#1116](https://github.com/promptfoo/modelaudit/issues/1116)) ([b8dccfa](https://github.com/promptfoo/modelaudit/commit/b8dccfa1b2aca25c277c35616ee1b01c87953e6f))
88
+ - close pytorch zip coverage gaps ([#1095](https://github.com/promptfoo/modelaudit/issues/1095)) ([a1ca298](https://github.com/promptfoo/modelaudit/commit/a1ca298b7d217989286b9bc0e3ef6545871f9b53))
89
+ - correct analysis suspiciousness ([#1101](https://github.com/promptfoo/modelaudit/issues/1101)) ([11b1d3e](https://github.com/promptfoo/modelaudit/commit/11b1d3e3ce7ace309f3864c599c7f70b6479c5cb))
90
+ - cover eager statistics consumers in picklescan ([#1148](https://github.com/promptfoo/modelaudit/issues/1148)) ([0d5ea8e](https://github.com/promptfoo/modelaudit/commit/0d5ea8e5a0be4f96d3ca97c55640cdb35b55215c))
91
+ - detect bare torch7 require loads ([#1117](https://github.com/promptfoo/modelaudit/issues/1117)) ([7c77be0](https://github.com/promptfoo/modelaudit/commit/7c77be01de8783e852815e58811f592455b3b6c4))
92
+ - detect extensionless archive executables ([#1110](https://github.com/promptfoo/modelaudit/issues/1110)) ([b64a2da](https://github.com/promptfoo/modelaudit/commit/b64a2da696f9a922e826c39d64c37894ce393582))
93
+ - detect nested brace-format mapping lookups ([#1151](https://github.com/promptfoo/modelaudit/issues/1151)) ([fc296ad](https://github.com/promptfoo/modelaudit/commit/fc296adaa97815b4067f0a764e653cdf777a5724))
94
+ - detect Paddle patterns across chunk boundaries ([#1120](https://github.com/promptfoo/modelaudit/issues/1120)) ([d4fedf9](https://github.com/promptfoo/modelaudit/commit/d4fedf9e9b1492cec291dedb1ff53fe420d13bb7))
95
+ - fail closed on bounded scanner analysis ([#1099](https://github.com/promptfoo/modelaudit/issues/1099)) ([60973e4](https://github.com/promptfoo/modelaudit/commit/60973e4eb48928c120d62ed651b1abb95c210134))
96
+ - fail closed on call graph errors ([#1143](https://github.com/promptfoo/modelaudit/issues/1143)) ([1a08449](https://github.com/promptfoo/modelaudit/commit/1a084493b16b5c62b0cd7022b79e60795e88b07b))
97
+ - fail closed on directory size limits ([#1093](https://github.com/promptfoo/modelaudit/issues/1093)) ([47054d7](https://github.com/promptfoo/modelaudit/commit/47054d7fe808cfb3ee676d1da533c244170946bf))
98
+ - fail closed on header-only streaming scans ([#1103](https://github.com/promptfoo/modelaudit/issues/1103)) ([7b934c0](https://github.com/promptfoo/modelaudit/commit/7b934c02004850b5ca2428fe2871acb3e413062a))
99
+ - fail closed on incomplete mar scans ([#1096](https://github.com/promptfoo/modelaudit/issues/1096)) ([af31235](https://github.com/promptfoo/modelaudit/commit/af312351a7b2069214d4938cb9c8e051e25ae8f3))
100
+ - fail closed on limited llamafile payload scans ([ceb3f22](https://github.com/promptfoo/modelaudit/commit/ceb3f22870f5555e809dbf19d7ce37e4d2488b5a))
101
+ - fail closed on malformed XGBoost JSON ([#1123](https://github.com/promptfoo/modelaudit/issues/1123)) ([4d4ba28](https://github.com/promptfoo/modelaudit/commit/4d4ba285e60a3abfb64f0259c792c52dcb66794d))
102
+ - fail closed on nemo archives without config ([#1115](https://github.com/promptfoo/modelaudit/issues/1115)) ([a09f763](https://github.com/promptfoo/modelaudit/commit/a09f76308e1e5e3db7d20298e1ed508806d9cbbd))
103
+ - fail closed on ONNX raw detector failures ([#1119](https://github.com/promptfoo/modelaudit/issues/1119)) ([2963764](https://github.com/promptfoo/modelaudit/commit/2963764e28c4fb94cdfdef6a975e630c4ab4dd2f))
104
+ - fail closed on truncated tensor metadata ([b267328](https://github.com/promptfoo/modelaudit/commit/b267328ca6952ade157a82de00ddc3ca541619f0))
105
+ - fail closed on unanalyzable call graphs ([#1108](https://github.com/promptfoo/modelaudit/issues/1108)) ([dcb8bbe](https://github.com/promptfoo/modelaudit/commit/dcb8bbe4683c284a1ea6c84231dee6808a93fc52))
106
+ - fail closed when recognized scanners are unavailable ([#1104](https://github.com/promptfoo/modelaudit/issues/1104)) ([f4866d4](https://github.com/promptfoo/modelaudit/commit/f4866d424c5fe2112c681f7984a2c59d9fe5b794))
107
+ - fail closed without yaml parser ([99ef15a](https://github.com/promptfoo/modelaudit/commit/99ef15a35cea50257ca31629da3e51f50d369f75))
108
+ - harden detector heuristics ([#1100](https://github.com/promptfoo/modelaudit/issues/1100)) ([bf57b3b](https://github.com/promptfoo/modelaudit/commit/bf57b3b20ab43d1fdf764a503a7bd9fe19c7cd11))
109
+ - ignore inert format placeholders ([#1142](https://github.com/promptfoo/modelaudit/issues/1142)) ([8f728e8](https://github.com/promptfoo/modelaudit/commit/8f728e8454578ba34ce5b28389258fa2eba29fe8))
110
+ - ignore inert XGBoost feature labels ([f637e1e](https://github.com/promptfoo/modelaudit/commit/f637e1ebc024913af14f4a3eff01ee4600459b5d))
111
+ - inspect savedmodel root siblings ([#1118](https://github.com/promptfoo/modelaudit/issues/1118)) ([cf6bf8f](https://github.com/promptfoo/modelaudit/commit/cf6bf8f83499910bf179361d1015c161ee8dafff))
112
+ - keep inert dotted global metadata clean ([#1150](https://github.com/promptfoo/modelaudit/issues/1150)) ([9a76915](https://github.com/promptfoo/modelaudit/commit/9a769151c0ffd29a1638f1dacc78d2eb77b0f268))
113
+ - **picklescan:** detect hidden-only pytorch zips ([#1098](https://github.com/promptfoo/modelaudit/issues/1098)) ([3e94f70](https://github.com/promptfoo/modelaudit/commit/3e94f7020d5a28fc150afed1520adcac8d58ce73))
114
+ - **picklescan:** detect statistics quantiles iterator consumption ([#1152](https://github.com/promptfoo/modelaudit/issues/1152)) ([b357fdb](https://github.com/promptfoo/modelaudit/commit/b357fdb7db320d3485cf0458a4cf0f16b86717c1))
115
+ - **picklescan:** fail closed on late encoded payload probes ([#1107](https://github.com/promptfoo/modelaudit/issues/1107)) ([55b43a5](https://github.com/promptfoo/modelaudit/commit/55b43a5229baadf1c3673b4d89838e55c5cf6ae3))
116
+ - **picklescan:** model str.format lookups ([#1097](https://github.com/promptfoo/modelaudit/issues/1097)) ([2c87acb](https://github.com/promptfoo/modelaudit/commit/2c87acbb01285289872203063074baf51d0cd28c))
117
+ - preserve exact entropy literals ([#1138](https://github.com/promptfoo/modelaudit/issues/1138)) ([95ba57c](https://github.com/promptfoo/modelaudit/commit/95ba57cad1d9bb346c2752942b8e054d8dfa66ff))
118
+ - preserve hidden model payloads ([#1091](https://github.com/promptfoo/modelaudit/issues/1091)) ([5b11f91](https://github.com/promptfoo/modelaudit/commit/5b11f91942c1e5943e74affa3fbf86244f63f9cc))
119
+ - preserve incomplete office zip scans ([#1094](https://github.com/promptfoo/modelaudit/issues/1094)) ([9ed81db](https://github.com/promptfoo/modelaudit/commit/9ed81db90ce60e4128f8e95a0ae50f5f5a75d214))
120
+ - preserve merged scan failures ([#1092](https://github.com/promptfoo/modelaudit/issues/1092)) ([e7fecc5](https://github.com/promptfoo/modelaudit/commit/e7fecc5e674a404164e352f07d5bca381e1862f0))
121
+ - preserve path-sensitive directory scans ([#1102](https://github.com/promptfoo/modelaudit/issues/1102)) ([ddebc52](https://github.com/promptfoo/modelaudit/commit/ddebc52095773f651b64944412180e2ee5e76762))
122
+ - preserve str.format lookup keys in picklescan ([#1149](https://github.com/promptfoo/modelaudit/issues/1149)) ([feb3e1c](https://github.com/promptfoo/modelaudit/commit/feb3e1ccb629344180e3a27e093e24b707c671e6))
123
+ - reject ajax as a JAX checkpoint hint ([#1124](https://github.com/promptfoo/modelaudit/issues/1124)) ([9f51b2c](https://github.com/promptfoo/modelaudit/commit/9f51b2c8e154d94b3361dfb0b07ba6bdd37aedd1))
124
+ - reject marker-only XGBoost binaries ([#1122](https://github.com/promptfoo/modelaudit/issues/1122)) ([30ec930](https://github.com/promptfoo/modelaudit/commit/30ec9308a50f445ddd2f55624fe0b294dc2e92cd))
125
+ - remove filename-based framework skips ([#1137](https://github.com/promptfoo/modelaudit/issues/1137)) ([7a18b49](https://github.com/promptfoo/modelaudit/commit/7a18b49f434ddc091cb26672323dad6dab42dab7))
126
+ - require startup hook invocations ([#1140](https://github.com/promptfoo/modelaudit/issues/1140)) ([7e0777d](https://github.com/promptfoo/modelaudit/commit/7e0777dcc71bfdbd8212358aa548ee45d3808642))
127
+ - require strict zip signatures ([93f60af](https://github.com/promptfoo/modelaudit/commit/93f60afe5765047752f2c97fc10f160939a66c62))
128
+ - resolve concatenated archive getattr names ([#1105](https://github.com/promptfoo/modelaudit/issues/1105)) ([59a7df6](https://github.com/promptfoo/modelaudit/commit/59a7df6464fda09f79bbd5fa44754402764e89b7))
129
+ - resync post-budget pickle replay ([#1141](https://github.com/promptfoo/modelaudit/issues/1141)) ([e275676](https://github.com/promptfoo/modelaudit/commit/e27567661295a96d94cd1ea29abd4f42c6c249e3))
130
+ - route extensionless scanners ([18accbd](https://github.com/promptfoo/modelaudit/commit/18accbdaf6808bd6316d742c84a1f92dce63984a))
131
+ - route flax suffixes without msgpack ([dca6056](https://github.com/promptfoo/modelaudit/commit/dca605662e2dbf3209b4d69e61fb9f1306599b7d))
132
+ - route middle-marker llamafiles ([f11792c](https://github.com/promptfoo/modelaudit/commit/f11792ca6c4e3237d731d54c47ce44b00a3c7d4b))
133
+ - route renamed XML models after long prologs ([#1109](https://github.com/promptfoo/modelaudit/issues/1109)) ([e2f9962](https://github.com/promptfoo/modelaudit/commit/e2f9962a887762ad49854ec1ee750c7df20b6a7c))
134
+ - scan concatenated compressed members ([#1135](https://github.com/promptfoo/modelaudit/issues/1135)) ([3f9a51a](https://github.com/promptfoo/modelaudit/commit/3f9a51a37b92bc6e48dedb5aa97e3aeb32d64a0d))
135
+ - scan embedded manifest chat templates ([#1112](https://github.com/promptfoo/modelaudit/issues/1112)) ([18433a8](https://github.com/promptfoo/modelaudit/commit/18433a83966229642555fa8886e3e55a8b3e15bb))
136
+ - scan gguf chat templates with jinja analysis ([#1113](https://github.com/promptfoo/modelaudit/issues/1113)) ([35b420a](https://github.com/promptfoo/modelaudit/commit/35b420ac908bd29cecc6e82b85e1af88056b9551))
137
+ - scan unmarked python jit blobs ([#1136](https://github.com/promptfoo/modelaudit/issues/1136)) ([681ce62](https://github.com/promptfoo/modelaudit/commit/681ce62487f0f41a9c2af7e8f7b50be65b16f901))
138
+ - scope huggingface bookkeeping skips ([#1090](https://github.com/promptfoo/modelaudit/issues/1090)) ([87f7204](https://github.com/promptfoo/modelaudit/commit/87f7204bedc8a6ff94472b5831abd52a25836dcd))
139
+ - stabilize non-pytorch zip status ([7449aae](https://github.com/promptfoo/modelaudit/commit/7449aae0e36a38de7681acfd0f5f77033afea059))
140
+ - validate all XGBoost trees ([#1121](https://github.com/promptfoo/modelaudit/issues/1121)) ([a38eab2](https://github.com/promptfoo/modelaudit/commit/a38eab225b3671e8df20621455fca775ff5ee96a))
141
+
142
+ ### Documentation
143
+
144
+ - narrow scan coverage claims ([#1139](https://github.com/promptfoo/modelaudit/issues/1139)) ([47ec8cf](https://github.com/promptfoo/modelaudit/commit/47ec8cf3bc5a5ac3166757bbaae0c5a3c6adb73d))
145
+
146
+ ## [Unreleased]
147
+
148
+ ### Bug Fixes
149
+
150
+ - detect nested brace-format lookups that reach tracked `defaultdict` factories
151
+ - avoid `str.format` picklescan false positives when a `ChainMap` shadows a `defaultdict`
152
+ - block `statistics.quantiles` call-iterator consumption in picklescan call-graph analysis
153
+ - block additional eager `statistics` consumers in picklescan call-graph analysis
154
+ - avoid picklescan false positives for inert metadata under dangerous dotted globals
155
+ - preserve path-sensitive scan results while hashing duplicate directory contents
156
+ - correct analysis suspiciousness scoring and alias-aware semantic risk handling
157
+ - harden detector heuristics against comment padding, byte-backed credentials, unmarked Python blobs, and spoofed network context
158
+ - fail closed when bounded scanner windows leave relevant model content uninspected
159
+ - fail closed when TorchServe MAR limits leave manifest-referenced payloads unscanned
160
+ - recurse into nested ZIP members inside PyTorch archives and fail closed when compression-ratio guards leave members unscanned
161
+ - preserve large Office-like ZIPs when prefilter inspection is incomplete
162
+ - fail closed when directory scans stop at the total-size budget
163
+ - restrict Hugging Face bookkeeping filename skips to recognized cache layouts
164
+ - preserve unsuccessful child results after scan-result merges
165
+ - preserve supported payloads hidden behind default directory-skip names
166
+ - use bounded raw Jinja fallback windows and fail closed when PyYAML is
167
+ unavailable for YAML template configs
168
+ - let extensionless file scanners participate in local file selection so
169
+ supported extensionless Llamafiles do not fall through to clean unknown
170
+ results
171
+ - fail closed when PyTorch ZIP tensor-metadata validation can only inspect a
172
+ bounded pickle prefix or cannot complete member analysis
173
+ - preserve and scan concatenated compressed-wrapper member boundaries so a
174
+ benign first member cannot hide later malicious payloads
175
+
8
176
  ## [0.2.42](https://github.com/promptfoo/modelaudit/compare/v0.2.41...v0.2.42) (2026-04-27)
9
177
 
10
178
  ### Bug Fixes
@@ -97,6 +265,17 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
97
265
 
98
266
  ### Added
99
267
 
268
+ - **security:** inspect non-canonical SavedModel root siblings for suspicious
269
+ executable-like content
270
+ - **security:** detect bare-string Lua `require "module"` loads in Torch7
271
+ artifacts
272
+ - **security:** keep trusted NeMo namespaces from suppressing suspicious Hydra
273
+ `_target_` leaf names
274
+ - **security:** fail closed when NeMo archives contain no analyzable config files
275
+ - **security:** analyze GGUF-embedded chat templates through the Jinja scanner
276
+ while preserving GGUF scanner ownership
277
+ - **security:** run JAX checkpoint analysis for JAX-like pickle payloads that
278
+ stay on the primary pickle scanner path
100
279
  - **security:** detect `mailcap.findmatch` pickle call targets that can execute
101
280
  attacker-controlled mailcap `test` commands on Python versions that still
102
281
  provide `mailcap`
@@ -293,6 +472,47 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
293
472
 
294
473
  ### Fixed
295
474
 
475
+ - **llamafile:** stream marker detection across executable bodies so `.exe`
476
+ wrappers with middle-only `llamafile` markers still route to the scanner
477
+ - **flax:** keep explicit Flax/JAX checkpoint suffixes routed to the scanner when
478
+ `msgpack` is unavailable so missing parser coverage fails closed
479
+ - **llamafile:** fail closed when bounded embedded-payload scanning stops before
480
+ covering the full executable
481
+ - **skops:** require exploit-shaped structured loader nodes for CVE-2025-54412
482
+ and CVE-2025-54413 checks so inert prose, filenames, and valid loader nodes do
483
+ not become critical findings
484
+ - **routing:** require recognized ZIP signatures before classifying files or
485
+ streaming previews as archives, so benign `PK*` near-matches stay unclassified
486
+ - **xgboost:** avoid flagging inert `feature_names` metadata as executable JSON
487
+ content.
488
+ - **pmml:** avoid flagging benign `ecosystem()` prose as a `system(...)` call.
489
+ - **jax:** avoid routing `ajax` near-matches as JAX checkpoint indicators.
490
+ - **security:** fail closed on malformed nested XGBoost JSON structures that
491
+ would otherwise skip booster or tree validation.
492
+ - **security:** require the legacy XGBoost binary signature instead of
493
+ accepting marker-shaped text payloads as valid `.bst` models.
494
+ - **security:** validate late XGBoost trees instead of sampling only the first
495
+ ten tree structures.
496
+ - **security:** detect PaddlePaddle suspicious tokens that span the scanner's
497
+ 1 MiB read boundaries.
498
+ - **routing:** align manifest scanner routing with the manifest filenames and
499
+ dedicated manifest-style suffixes declared by the registry.
500
+ - **security:** detect strong executable headers in generic archive members even
501
+ when the payload has no executable-looking suffix.
502
+ - **routing:** preserve renamed OpenVINO and PMML XML models with long benign
503
+ prologs during content-based directory filtering.
504
+ - **security:** resolve compile-time string concatenation in archive-member `getattr` calls so high-risk targets like `os.system` cannot hide behind split literals
505
+ - **security:** fail closed when routing recognizes a model format but no scanner is available to analyze it
506
+ - **security:** fail closed when streaming scans only fall back to heuristic header checks, even if the remote file bytes were fully read
507
+ - **docs:** narrow public scan-coverage wording so unsupported or merely discovered formats are not over-promised
508
+ - **analysis:** keep exact dangerous literals visible even when surrounding bytes look like ML weights
509
+ - **analysis:** stop attacker-controlled file and directory names from suppressing dangerous framework-pattern findings
510
+ - **security:** detect dangerous marker-free Python source blobs through the public JIT path so disguised archive members are still analyzed
511
+ - **security:** mark ONNX scans inconclusive when raw JIT/script or network
512
+ detector analysis cannot complete instead of treating detector failures as
513
+ clean passes.
514
+ - **security:** run Jinja template analysis for manifest-owned configs that carry
515
+ embedded chat-template fields.
296
516
  - **pickle:** detect stdlib filesystem probe and process-state callables such as `pathlib` metadata methods, `decimal.setcontext`, and `gc.disable` during pickle scans, while keeping local container mutations clean and covering public `operator.setitem` registry poisoning plus target-aware `operator.imul` warning-filter mutation.
297
517
  - **pickle:** detect public `operator.setitem` pickle calls, keep callable
298
518
  invocation aliases ahead of import-reference budget exhaustion, dedupe repeated
{modelaudit-0.2.42 → modelaudit-0.2.44}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: modelaudit
3
- Version: 0.2.42
3
+ Version: 0.2.44
4
4
  Summary: Static scanning library for detecting malicious code, potential backdoor indicators, and other security risks in ML model files
5
5
  Project-URL: Repository, https://github.com/promptfoo/modelaudit
6
6
  Project-URL: Homepage, https://github.com/promptfoo/modelaudit
@@ -27,7 +27,7 @@ Requires-Dist: defusedxml>=0.7.1
27
27
  Requires-Dist: fsspec>=2025.5.1
28
28
  Requires-Dist: gcsfs>=2025.5.1
29
29
  Requires-Dist: huggingface-hub>=0.23.0
30
- Requires-Dist: modelaudit-picklescan<0.2.0,>=0.1.3
30
+ Requires-Dist: modelaudit-picklescan<0.2.0,>=0.1.4
31
31
  Requires-Dist: msgpack<2.0,>=1.0.0
32
32
  Requires-Dist: numpy<2.0,>=1.19.0; python_version == '3.10'
33
33
  Requires-Dist: numpy<2.5,>=2.4.3; python_version >= '3.11'
@@ -143,7 +143,7 @@ Models download from untrusted registries, pass through CI, and end up running i
143
143
  - **Scan statically.** No model is ever loaded, unpickled, or executed.
144
144
  - **Cover the formats you actually ship.** 40+ scanners spanning pickle, PyTorch, SafeTensors, ONNX, TensorFlow, Keras, GGUF, archives, and configs.
145
145
  - **Fit into CI.** Machine-readable output (JSON, SARIF), strict mode, exit codes, and [selectable scanners](https://github.com/promptfoo/modelaudit/blob/main/docs/user/scanner-selection.md).
146
- - **Fail closed.** Truncated reads, exhausted budgets, and unsupported formats are reported as coverage gaps, not silent passes.
146
+ - **Surface coverage limits.** Recognized scanners report bounded-analysis gaps such as truncated reads or exhausted budgets instead of presenting them as fully covered results.
147
147
 
148
148
  Comparable tools: [`picklescan`](https://github.com/mmaitre314/picklescan) (pickle only, Python-based), [`fickling`](https://github.com/trailofbits/fickling) (pickle only, AST-based), [`modelscan`](https://github.com/protectai/modelscan) (pickle + TensorFlow + Keras subset). ModelAudit is broader in coverage and ships a native Rust pickle engine via its companion package [`modelaudit-picklescan`](https://pypi.org/project/modelaudit-picklescan/).
149
149
 
{modelaudit-0.2.42 → modelaudit-0.2.44}/README.md RENAMED
@@ -19,7 +19,7 @@ Models download from untrusted registries, pass through CI, and end up running i
19
19
  - **Scan statically.** No model is ever loaded, unpickled, or executed.
20
20
  - **Cover the formats you actually ship.** 40+ scanners spanning pickle, PyTorch, SafeTensors, ONNX, TensorFlow, Keras, GGUF, archives, and configs.
21
21
  - **Fit into CI.** Machine-readable output (JSON, SARIF), strict mode, exit codes, and [selectable scanners](https://github.com/promptfoo/modelaudit/blob/main/docs/user/scanner-selection.md).
22
- - **Fail closed.** Truncated reads, exhausted budgets, and unsupported formats are reported as coverage gaps, not silent passes.
22
+ - **Surface coverage limits.** Recognized scanners report bounded-analysis gaps such as truncated reads or exhausted budgets instead of presenting them as fully covered results.
23
23
 
24
24
  Comparable tools: [`picklescan`](https://github.com/mmaitre314/picklescan) (pickle only, Python-based), [`fickling`](https://github.com/trailofbits/fickling) (pickle only, AST-based), [`modelscan`](https://github.com/protectai/modelscan) (pickle + TensorFlow + Keras subset). ModelAudit is broader in coverage and ships a native Rust pickle engine via its companion package [`modelaudit-picklescan`](https://pypi.org/project/modelaudit-picklescan/).
25
25