Pickle files are probably still useful saving exploratory work, collaborating in... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tennysont 59 days ago \| parent \| context \| favorite \| on: AIsbom – open-source CLI to detect "Pickle Bombs" ... Pickle files are probably still useful saving exploratory work, collaborating inside a company, and use inside a pipeline. Safetensors is supposed to be the successor for distribution. I believe that it's the "safe" subset of pickle's data format.

rhdunn 58 days ago [–]

The safetensors file format is a header length, JSON header, and serialized tensor weights. [1]

[1] https://github.com/huggingface/safetensors

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact