ci: Add script to check for pickle usage in community (#22863)

Add script to check for pickle usage in community.
2025-09-04 04:28:58 +00:00 · 2024-06-13 16:13:15 -04:00
parent 77209f315e
commit 8f7cc73817
9 changed files with 65 additions and 8 deletions
--- a/libs/community/langchain_community/llms/self_hosted.py
+++ b/libs/community/langchain_community/llms/self_hosted.py
@@ -36,7 +36,9 @@ def _send_pipeline_to_device(pipeline: Any, device: int) -> Any:
    """Send a pipeline to a device on the cluster."""
    if isinstance(pipeline, str):
        with open(pipeline, "rb") as f:
-            pipeline = pickle.load(f)
+            # This code path can only be triggered if the user
+            # passed allow_dangerous_deserialization=True
+            pipeline = pickle.load(f)  # ignore[pickle]: explicit-opt-in

    if importlib.util.find_spec("torch") is not None:
        import torch