Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release v2.26.1 #9016

Merged
merged 9 commits into from
Jan 29, 2025
Prev Previous commit
Next Next commit
Add bandit suppressions to tracker functions (#9004)
Now that GHSA-wq36-mxf8-hv62 is fixed, it is actually safe to use
jsonpickle in this context.
SpecLad authored Jan 28, 2025
commit fa0e3f1a3173a166591a9bfee3b74778ef8b380a
24 changes: 14 additions & 10 deletions serverless/pytorch/dschoerk/transt/nuclio/model_handler.py
Original file line number Diff line number Diff line change
@@ -18,20 +18,24 @@ def __init__(self):
self.tracker = Tracker(name='transt', net=net, window_penalty=0.49, exemplar_size=128, instance_size=256)

def decode_state(self, state):
self.tracker.net.net.zf = jsonpickle.decode(state['model.net.net.zf'])
self.tracker.net.net.pos_template = jsonpickle.decode(state['model.net.net.pos_template'])
# The server ensures that `state` is one of the values that the function itself
# has previously output. Therefore it should be safe to use jsonpickle.
decode = jsonpickle.decode # nosec: B301

self.tracker.window = jsonpickle.decode(state['model.window'])
self.tracker.center_pos = jsonpickle.decode(state['model.center_pos'])
self.tracker.size = jsonpickle.decode(state['model.size'])
self.tracker.channel_average = jsonpickle.decode(state['model.channel_average'])
self.tracker.mean = jsonpickle.decode(state['model.mean'])
self.tracker.std = jsonpickle.decode(state['model.std'])
self.tracker.inplace = jsonpickle.decode(state['model.inplace'])
self.tracker.net.net.zf = decode(state['model.net.net.zf'])
self.tracker.net.net.pos_template = decode(state['model.net.net.pos_template'])

self.tracker.window = decode(state['model.window'])
self.tracker.center_pos = decode(state['model.center_pos'])
self.tracker.size = decode(state['model.size'])
self.tracker.channel_average = decode(state['model.channel_average'])
self.tracker.mean = decode(state['model.mean'])
self.tracker.std = decode(state['model.std'])
self.tracker.inplace = decode(state['model.inplace'])

self.tracker.features_initialized = False
if 'model.features_initialized' in state:
self.tracker.features_initialized = jsonpickle.decode(state['model.features_initialized'])
self.tracker.features_initialized = decode(state['model.features_initialized'])

def encode_state(self):
state = {}
11 changes: 9 additions & 2 deletions serverless/pytorch/foolwood/siammask/nuclio/model_handler.py
Original file line number Diff line number Diff line change
@@ -2,11 +2,16 @@
#
# SPDX-License-Identifier: MIT

from tools.test import *
import os
from copy import copy

import jsonpickle
import numpy as np
import torch

from tools.test import siamese_init, siamese_track
from utils.config_helper import load_config
from utils.load_helper import load_pretrain

class ModelHandler:
def __init__(self):
@@ -37,7 +42,9 @@ def encode_state(self, state):

def decode_state(self, state):
for k,v in state.items():
state[k] = jsonpickle.decode(v)
# The server ensures that `state` is one of the values that the function itself
# has previously output. Therefore it should be safe to use jsonpickle.
state[k] = jsonpickle.decode(v) # nosec: B301

state['net'] = copy(self.siammask)
state['net'].zf = state['net.zf']
Loading