Remote Code execution risk
Could you please confirm whether this carries risk of RCE?
The "remote code" that will be executed are these two files:
- https://huggingface.co/dunzhang/stella_en_1.5B_v5/blob/main/modeling_qwen.py
- https://huggingface.co/dunzhang/stella_en_1.5B_v5/blob/main/tokenization_qwen.py
Beyond that, it's just code from e.g. transformers/sentence-transformers.
As far as I can tell, these two files are clean. I've used them myself, as well.
- Tom Aarsen
Great @tomaarsen , thanks!
Hey Tom, in which path I should put the two files that I can totally use the model locally? I tried to put them in the same path as the safetensors, it didn't work when I cut off the internet.
Hmm, they should indeed be in the same directory as the safetensors file. Perhaps you can set the HF_HUB_OFFLINE argument as described here: https://huggingface.co/docs/transformers/main/en/installation#offline_mode
- Tom Aarsen
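An added check that is not part of this thread or the model repo: before loading with `trust_remote_code=True`, enumerate which custom modules the `auto_map` entries in `config.json` / `tokenizer_config.json` would import, and compare the local copies against digests you recorded when you reviewed them. The `auto_map` values below are constructed for illustration, not copied from the stella repo.

```python
import hashlib
import json
from pathlib import Path

# Constructed sample auto_map entries; the real repo's config.json and
# tokenizer_config.json carry the authoritative values.
SAMPLE_CONFIG = {
    "auto_map": {
        "AutoConfig": "configuration_qwen.Qwen2Config",
        "AutoModel": "modeling_qwen.Qwen2Model",
    }
}
SAMPLE_TOKENIZER_CONFIG = {
    "auto_map": {"AutoTokenizer": ["tokenization_qwen.Qwen2Tokenizer", None]}
}


def remote_code_files(*configs):
    """Return {(repo_or_None, filename)} for every module auto_map would import.

    Entries are "module.Class", a [slow, fast] pair of those, or
    "org/repo--module.Class" when the code lives in another repository.
    """
    found = set()
    for cfg in configs:
        for entry in cfg.get("auto_map", {}).values():
            for ref in (entry if isinstance(entry, list) else [entry]):
                if not ref:
                    continue
                repo, sep, ref = ref.rpartition("--")
                module = ref.split(".")[0]
                found.add((repo if sep else None, module + ".py"))
    return found


def verify_pinned(model_dir, expected_sha256):
    """Compare each listed file with its pinned sha256; return {name: actual} mismatches."""
    bad = {}
    for name, digest in expected_sha256.items():
        path = Path(model_dir) / name
        actual = hashlib.sha256(path.read_bytes()).hexdigest() if path.exists() else "<missing>"
        if actual != digest:
            bad[name] = actual
    return bad


if __name__ == "__main__":
    model_dir = Path("./stella_en_1.5B_v5")  # assumed local snapshot path
    for repo, name in sorted(remote_code_files(SAMPLE_CONFIG, SAMPLE_TOKENIZER_CONFIG)):
        print(f"remote code: {name} (from {repo or 'this repo'})")
    print(verify_pinned(model_dir, {"modeling_qwen.py": "<sha256 recorded at review>"}))
```

Pair this with `revision=<commit sha>` and `local_files_only=True` in `from_pretrained` so a later push to the repo cannot silently change the code that runs.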