google / scaaml / 22197518271
87%
main: 87%

LAST BUILD BRANCH: gh-readonly-queue/main/pr-481-b42ed0bb6c3b6a53308b1390b98cca141fe1abdb
DEFAULT BRANCH: main
Ran
Jobs 1
Files 63
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 86.632%. Remained the same
22197518271

push

github

web-flow 
Bump keras from 3.13.1 to 3.13.2 (#477)

Bumps [keras](https://github.com/keras-team/keras) from 3.13.1 to
3.13.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/keras-team/keras/releases">keras's
releases</a>.</em></p>
<blockquote>
<h2>v3.13.2</h2>
<h2>Security Fixes &amp; Hardening</h2>
<p>This release introduces critical security hardening for model loading
and saving, alongside improvements to the JAX backend metadata
handling.</p>
<ul>
<li>
<p><strong>Disallow <code>TFSMLayer</code> deserialization in
<code>safe_mode</code> (<a
href="https://redirect.github.com/keras-team/keras/pull/22035">#22035</a>)</strong></p>
<ul>
<li>Previously, <code>TFSMLayer</code> could load external TensorFlow
SavedModels during deserialization without respecting Keras
<code>safe_mode</code>. This could allow the execution of
attacker-controlled graphs during model invocation.</li>
<li><code>TFSMLayer</code> now enforces <code>safe_mode</code> by
default. Deserialization via <code>from_config()</code> will raise a
<code>ValueError</code> unless <code>safe_mode=False</code> is
explicitly passed or
<code>keras.config.enable_unsafe_deserialization()</code> is
called.</li>
</ul>
</li>
<li>
<p><strong>Fix Denial of Service (DoS) in <code>KerasFileEditor</code>
(<a
href="https://redirect.github.com/keras-team/keras/pull/21880">#21880</a>)</strong></p>
<ul>
<li>Introduces validation for HDF5 dataset metadata to prevent
&quot;shape bomb&quot; attacks.</li>
<li>Hardens the <code>.keras</code> file editor against malicious
metadata that could cause dimension overflows or unbounded memory
allocation (unbounded numpy allocation of multi-gigabyte tensors).</li>
</ul>
</li>
<li>
<p><strong>Block External Links in HDF5 files (<a
href="https://redirect.github.com/keras-team/keras/pull/22057">#22057</a>)</strong></p>
<ul>
<li>Keras now explicitly disallows external links within HDF5 files
during loading. This prevents potential security risks... (continued)

3156 of 3643 relevant lines covered (86.63%)

0.87 hits per line

Jobs
ID Job ID Ran Files Coverage
1 22197518271.1 63
86.63
 GitHub Action Run
Source Files on build 22197518271