python-3.12

protectai · Jul 25, 2024 · 0a67bfe · 0a67bfe
1 parent b23b808
commit 0a67bfe
Show file tree

Hide file tree

Showing 10 changed files with 769 additions and 699 deletions.
diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml
@@ -13,7 +13,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-python@v5
         with:
-          python-version: "3.8"
+          python-version: "3.9"
       - uses: snok/install-poetry@v1
         with:
           virtualenvs-create: true

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -19,7 +19,7 @@ jobs:
           fetch-depth: 0 # Necessary to get tags
       - uses: actions/setup-python@v5
         with:
-          python-version: "3.8"
+          python-version: "3.9"
       - uses: snok/install-poetry@v1
         with:
           virtualenvs-create: true

diff --git a/.github/workflows/mypy.yml b/.github/workflows/mypy.yml
@@ -13,7 +13,7 @@ jobs:
       - uses: actions/checkout@v4
       - uses: actions/setup-python@v5
         with:
-          python-version: "3.8"
+          python-version: "3.9"
       - uses: snok/install-poetry@v1
         with:
           virtualenvs-create: true

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -19,7 +19,7 @@ jobs:
           fetch-depth: 0 # Necessary to get tags
       - uses: actions/setup-python@v5
         with:
-          python-version: "3.8"
+          python-version: "3.9"
       - uses: snok/install-poetry@v1
         with:
           virtualenvs-create: true

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        python-version: ["3.8", "3.9", "3.10", "3.11"]
+        python-version: ["3.9", "3.10", "3.11", "3.12"]
 
     steps:
       - uses: actions/checkout@v4

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -6,7 +6,7 @@ Welcome! We're glad to have you. If you would like to report a bug, request a ne
 
 1. Python
 
-   `modelscan` requires python version `>=3.8` and `<3.11`
+   `modelscan` requires python version `>=3.9` and `<3.13`
 
 2. Poetry
 

diff --git a/README.md b/README.md
@@ -91,7 +91,7 @@ At present, ModelScan supports any Pickle derived format and many others:
 | Classic ML Libraries (Sklearn, XGBoost etc.) | pickle.dump(), dill.dump(), joblib.dump(), cloudpickle.dump()                                              | Pickle, Cloudpickle, Dill, Joblib   | Yes               |
 
 ### Installation 
-ModelScan is installed on your systems as a Python package(Python 3.8 to 3.11 supported). As shown from above you can install
+ModelScan is installed on your systems as a Python package(Python 3.9 to 3.12 supported). As shown from above you can install
 it by running this in your terminal:
 
 ```bash

diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -12,17 +12,16 @@ exclude = ["tests/*", "Makefile"]
 modelscan = "modelscan.cli:main"
 
 [tool.poetry.dependencies]
-python = ">=3.8,<3.13"
+python = ">=3.9,<3.13"
 click = "^8.1.3"
-numpy = "1.24.3"
+numpy = ">=1.24.3"
 rich = "^13.4.2"
 tomlkit = ">=0.12.3,<0.14.0"
 h5py = { version = "^3.9.0", optional = true }
 
 # TODO: Add py3.12 once TF release supports
-tensorflow = { version = "^2.13.0", optional = true, python = "<3.12" }
-tensorflow-macos = { version = "^2.13.0", platform = "darwin", optional = true, python = "<3.12" }
-tensorflow-io-gcs-filesystem = { version = ">=0.23.1,<0.35", optional = true, python = "<3.12" }
+tensorflow = { version = "^2.16.2", optional = true }
+tensorflow-macos = { version = "^2.16.2", platform = "darwin", optional = true }
 
 [tool.poetry.extras]
 tensorflow = ["tensorflow", "tensorflow-macos"]
@@ -37,6 +36,7 @@ aiohttp = "^3.8.5"
 dill = "^0.3.7"
 types-requests = ">1.26"
 torch = "^2.1.2"
+tf-keras = "^2.16.0"
 
 
 [tool.poetry.group.dev.dependencies]

diff --git a/tests/test_modelscan.py b/tests/test_modelscan.py
@@ -14,7 +14,7 @@
 import sys
 import torch
 import tensorflow as tf
-from tensorflow import keras
+import tf_keras as keras
 from typing import Any, List, Set, Dict
 from test_utils import (
     generate_dill_unsafe_file,
@@ -325,6 +325,9 @@ def file_path(tmp_path_factory: Any) -> Any:
 
 @pytest.fixture(scope="session")
 def tensorflow_file_path(tmp_path_factory: Any) -> Any:
+    # Use Keras 2.0
+    os.environ["TF_USE_LEGACY_KERAS"] = "1"
+
     # Create a simple model.
     inputs = keras.Input(shape=(32,))
     outputs = keras.layers.Dense(1)(inputs)
@@ -340,17 +343,18 @@ def tensorflow_file_path(tmp_path_factory: Any) -> Any:
     tmp = tmp_path_factory.mktemp("tensorflow")
     safe_tensorflow_model_dir = tmp / "saved_model_safe"
     safe_tensorflow_model_dir.mkdir(parents=True)
-    tensorflow_model.save(safe_tensorflow_model_dir)
+    tensorflow_model.export(safe_tensorflow_model_dir)
 
     # Create an unsafe model
     unsafe_tensorflow_model = MaliciousModule(tensorflow_model)
     unsafe_tensorflow_model.build(input_shape=(32, 32))
+    unsafe_tensorflow_model.predict(np.random.random((32, 32)).astype(np.float32))
 
     # Save the unsafe model
     unsafe_tensorflow_model_dir = tmp / "saved_model_unsafe"
     unsafe_tensorflow_model_dir.mkdir(parents=True)
     unsafe_model_path = os.path.join(unsafe_tensorflow_model_dir)
-    unsafe_tensorflow_model.save(unsafe_model_path)
+    unsafe_tensorflow_model.export(unsafe_model_path)
 
     return safe_tensorflow_model_dir, unsafe_tensorflow_model_dir
 
@@ -362,6 +366,9 @@ def keras_file_extensions() -> List[str]:
 
 @pytest.fixture(scope="session")
 def keras_file_path(tmp_path_factory: Any, keras_file_extensions: List[str]) -> Any:
+    # Use Keras 2.0
+    os.environ["TF_USE_LEGACY_KERAS"] = "1"
+
     # Create a simple model.
 
     inputs = keras.Input(shape=(32,))
@@ -403,7 +410,7 @@ def keras_file_path(tmp_path_factory: Any, keras_file_extensions: List[str]) ->
     first_lambda_layer = keras.layers.Lambda(attack)(input_to_new_layer)
     second_lambda_layer = keras.layers.Lambda(attack)(first_lambda_layer)
 
-    malicious_model = tf.keras.Model(
+    malicious_model = keras.Model(
         inputs=keras_model.inputs, outputs=[second_lambda_layer]
     )
     malicious_model.compile(optimizer="adam", loss="mean_squared_error")
@@ -1485,7 +1492,6 @@ def test_scan_tensorflow(tensorflow_file_path: Any) -> None:
     assert ms.issues.all_issues == []
     assert set(results["summary"]["scanned"]["scanned_files"]) == {
         "fingerprint.pb",
-        "keras_metadata.pb",
         "saved_model.pb",
     }
     assert set(
@@ -1527,7 +1533,6 @@ def test_scan_tensorflow(tensorflow_file_path: Any) -> None:
     assert ms.issues.all_issues == expected
     assert set(results["summary"]["scanned"]["scanned_files"]) == {
         "fingerprint.pb",
-        "keras_metadata.pb",
         "saved_model.pb",
     }
     assert set(