Can HF be convinced to release these .bin files properly?
#2, opened by artyom17
What do you think? For 8B too.
Probably not. The whole point was to move to safetensors because of the code injection that can happen with PyTorch pickle. I think a better solution would be to modify gpt-fast to work with safetensors instead.
Interesting. Probably, you are right. Found this article: https://medium.com/@mandalsouvik/safetensors-a-simple-and-safe-way-to-store-and-distribute-tensors-d9ba1931ba04
Sounds doable.