[bandit] Ignore B614: Use of unsafe torch.load (#1426)

* B614 Use of unsafe PyTorch load fix

Signed-off-by: yes <[email protected]>

* added safetensors==0.5.3

Signed-off-by: yes <[email protected]>

* added safetensors==0.5.3

Signed-off-by: yes <[email protected]>

* testing changes

Signed-off-by: yes <[email protected]>

* B614 Use of unsafe PyTorch load fix

Signed-off-by: yes <[email protected]>

* B614 Use of unsafe PyTorch load fix

Signed-off-by: yes <[email protected]>

* revert changes

Signed-off-by: yes <[email protected]>

* code changes

Signed-off-by: yes <[email protected]>

* formatted code

Signed-off-by: yes <[email protected]>

* code changes

Signed-off-by: yes <[email protected]>

* code changes

Signed-off-by: yes <[email protected]>

* revert changes

Signed-off-by: yes <[email protected]>

* revert changes

Signed-off-by: yes <[email protected]>

---------

Signed-off-by: yes <[email protected]>

Author: tanwarsh

openfl-workspace/torch/histology_fedcurv/requirements.txt

@@ -1,3 +1,3 @@
 setuptools>=65.5.1
 torch==2.4.1
-torchvision==0.19.1
+torchvision==0.19.1

openfl-workspace/torch/mnist_eden_compression/requirements.txt

@@ -2,4 +2,4 @@ setuptools>=65.5.1
 tensorboard
 torch==2.4.1
 torchvision==0.19.1
-wheel>=0.38.0 # not directly required, pinned by Snyk to avoid a vulnerability
+wheel>=0.38.0 # not directly required, pinned by Snyk to avoid a vulnerability

openfl-workspace/torch/mnist_fed_eval/requirements.txt

@@ -2,4 +2,4 @@ setuptools>=65.5.1
 tensorboard
 torch==2.4.1
 torchvision==0.19.1
-wheel>=0.38.0 # not directly required, pinned by Snyk to avoid a vulnerability
+wheel>=0.38.0 # not directly required, pinned by Snyk to avoid a vulnerability 

openfl-workspace/torch/mnist_straggler_check/requirements.txt

@@ -4,4 +4,4 @@ setuptools>=65.5.1
 tensorboard
 torch==2.4.1
 torchvision==0.19.1
-wheel>=0.38.0 # not directly required, pinned by Snyk to avoid a vulnerability
+wheel>=0.38.0 # not directly required, pinned by Snyk to avoid a vulnerability

openfl/federated/task/runner_gandlf.py

@@ -419,7 +419,7 @@ def load_native(
                 dict in picked file. Defaults to 'optimizer_state_dict'.
             **kwargs: Additional keyword arguments.
         """
-        pickle_dict = pt.load(filepath)
+        pickle_dict = pt.load(filepath)  # nosec B614
         self.model.load_state_dict(pickle_dict[model_state_dict_key])
         self.optimizer.load_state_dict(pickle_dict[optimizer_state_dict_key])
 

openfl/federated/task/runner_pt.py

@@ -420,7 +420,7 @@ def load_native(
         Returns:
             None
         """
-        pickle_dict = torch.load(filepath)
+        pickle_dict = torch.load(filepath)  # nosec B614
         self.load_state_dict(pickle_dict[model_state_dict_key])
         self.optimizer.load_state_dict(pickle_dict[optimizer_state_dict_key])