{"passport":{"unfragile":{"@version":"1.0","version":"2026-05","artifact":{"id":"pypi_pypi-safetensors","slug":"pypi-safetensors","name":"safetensors","type":"repo","url":"https://pypi.org/project/safetensors/","page_url":"https://unfragile.ai/pypi-safetensors","categories":["model-training"],"tags":[],"pricing":{"model":"open_source","free":true,"starting_price":null},"status":"active","verified":false},"capabilities":[{"id":"pypi_pypi-safetensors__cap_0","uri":"capability://safety.moderation.pickle.free.tensor.serialization.with.arbitrary.code.execution.prevention","name":"pickle-free tensor serialization with arbitrary code execution prevention","description":"Implements a custom binary format (8-byte header + JSON metadata + contiguous data buffer) that eliminates pickle's arbitrary code execution vulnerability by design. The format uses a simple, declarative structure with no dynamic code loading or object reconstruction, making it safe to load from untrusted sources. Validation occurs at the Rust core level (~400 lines) before any Python object instantiation, preventing malicious payloads from executing during deserialization. This protection is format-level: it rules out code execution on load but does not vet the tensor values themselves.","intents":["Load model weights from untrusted sources without security risk","Replace pickle-based model checkpoints with a safer serialization format","Ensure model files cannot execute arbitrary code when deserialized","Audit and validate tensor data before loading into memory"],"best_for":["ML teams handling models from external sources or public repositories","Organizations with strict security policies requiring code-execution-free deserialization","Developers building model distribution systems (HuggingFace Hub, model zoos)"],"limitations":["Header size capped at 100MB to prevent DoS attacks — very large tensor metadata dictionaries may fail","Format is read-only for validation; no in-place modification of serialized tensors without full reload","No support for custom Python objects or non-tensor data structures (unlike 
pickle)"],"requires":["Python 3.7+","Rust compiler (if building from source; pre-built wheels available on PyPI)"],"input_types":["safetensors binary files (.safetensors)","JSON metadata (embedded in file header)"],"output_types":["Framework-specific tensor objects (torch.Tensor, np.ndarray, tf.Tensor, jax.Array)","Dictionary of tensors with metadata"],"categories":["safety-moderation","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"pypi_pypi-safetensors__cap_1","uri":"capability://data.processing.analysis.zero.copy.tensor.loading.via.memory.mapping","name":"zero-copy tensor loading via memory mapping","description":"Implements memory-mapped file access through the Rust core's safe_open() context manager, which maps the safetensors file directly into process memory without copying tensor data. The JSON header is parsed once to build an offset index, then individual tensors are accessed on-demand by calculating byte offsets into the contiguous data buffer. 
This approach eliminates the memory overhead of eager loading and enables partial tensor access without materializing the entire model.","intents":["Load multi-gigabyte models on memory-constrained devices (mobile, edge)","Access specific layers or weight matrices without loading the full model","Reduce model loading latency by avoiding data copies","Enable efficient batch processing of model weights without duplication"],"best_for":["Edge ML deployments with limited RAM (mobile, IoT, embedded systems)","Inference servers handling multiple concurrent model loads","Researchers working with very large models (100GB+) on shared infrastructure"],"limitations":["Memory mapping requires file system support for mmap() — not available on all platforms (e.g., some Windows configurations)","Tensors must be contiguous in the file; non-contiguous access patterns may require copying","File must remain open for the duration of tensor access; closing the file invalidates memory-mapped pointers","Platform-specific behavior: page alignment and cache coherency vary across OS implementations"],"requires":["Python 3.7+","Operating system with mmap support (Linux, macOS, Windows 10+)","File system that supports memory mapping (POSIX-compliant or Windows NTFS)"],"input_types":["safetensors binary files on disk or network-mounted file systems"],"output_types":["Memory-mapped tensor views (lazy-loaded, on-demand access)","Framework-specific tensor objects materialized on first access"],"categories":["data-processing-analysis","memory-knowledge"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"pypi_pypi-safetensors__cap_10","uri":"capability://data.processing.analysis.jax.flax.array.serialization.with.device.agnostic.loading","name":"jax/flax array serialization with device-agnostic loading","description":"Implements jax-specific save_file() and load_file() functions that handle JAX array conversion, including jax.Array dtype mapping, shape preservation, and device-agnostic loading 
(arrays are loaded on the default JAX device). The adapter extracts raw array data from JAX arrays, passes to Rust core for serialization, and reconstructs JAX arrays on load. This enables JAX/Flax-based workflows to use safetensors without framework-specific code.","intents":["Save JAX/Flax models with full dtype and shape preservation","Create JAX checkpoints that are safe to load from untrusted sources","Integrate safetensors into JAX training loops and inference pipelines","Share JAX models with PyTorch and TensorFlow"],"best_for":["JAX-based ML research teams","Flax model training and checkpointing workflows","Organizations using JAX for numerical computing","Research projects requiring framework-agnostic model serialization"],"limitations":["JAX device placement (CPU, GPU, TPU) is not preserved; loaded arrays default to the default JAX device","JAX-specific features (e.g., pytree structures, custom array types) are not preserved","Flax module metadata and architecture are not serialized; only raw tensor data","Distributed JAX arrays (sharded across devices) are materialized to a single device during serialization"],"requires":["Python 3.7+","JAX 0.3+ installed","safetensors library with jax adapter"],"input_types":["Dictionary of jax.Array objects","Flax model parameters"],"output_types":["safetensors binary file","Dictionary of jax.Array objects"],"categories":["data-processing-analysis","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"pypi_pypi-safetensors__cap_11","uri":"capability://data.processing.analysis.mlx.framework.tensor.serialization.for.apple.silicon.optimization","name":"mlx framework tensor serialization for apple silicon optimization","description":"Implements mlx-specific save_file() and load_file() functions that handle MLX tensor conversion, including mlx.core.array dtype mapping, shape preservation, and Apple Silicon device handling. 
The adapter extracts raw tensor data from MLX arrays, passes to Rust core for serialization, and reconstructs MLX arrays on load. This enables MLX-based workflows (optimized for Apple Silicon) to use safetensors without framework-specific code.","intents":["Save MLX models optimized for Apple Silicon with full dtype and shape preservation","Create MLX checkpoints that are safe to load from untrusted sources","Integrate safetensors into MLX training loops and inference pipelines","Share MLX models with other frameworks"],"best_for":["Apple Silicon (M1/M2/M3) ML development teams","MLX-based inference and training workflows","Organizations standardizing on MLX for on-device ML","Research projects using MLX for efficient neural networks"],"limitations":["MLX device placement (GPU, CPU) is not preserved; loaded arrays default to the default MLX device","MLX-specific optimizations and quantization formats are not preserved","Custom MLX array types and metadata are not serialized","Distributed MLX arrays are materialized to a single device during serialization"],"requires":["Python 3.8+","MLX 0.0.1+ installed","safetensors library with mlx adapter","Apple Silicon device (M1/M2/M3 or later)"],"input_types":["Dictionary of mlx.core.array objects","MLX model parameters"],"output_types":["safetensors binary file","Dictionary of mlx.core.array objects"],"categories":["data-processing-analysis","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"pypi_pypi-safetensors__cap_12","uri":"capability://automation.workflow.model.conversion.and.format.migration.utilities","name":"model conversion and format migration utilities","description":"Provides command-line and Python API utilities for converting models from other formats (PyTorch .pt, TensorFlow SavedModel, HuggingFace Transformers) to safetensors format. The conversion process loads the source model using framework-specific APIs, extracts the tensor dictionary, and serializes using safetensors. 
This is implemented as a set of utility functions in the Python bindings that abstract framework-specific loading logic.","intents":["Migrate existing model checkpoints from pickle to safetensors format","Convert models between frameworks (PyTorch → TensorFlow, etc.)","Batch convert model repositories to safetensors format","Implement automated format migration in CI/CD pipelines"],"best_for":["Organizations standardizing on safetensors for all model storage","Model distribution platforms (HuggingFace Hub) performing format migrations","Teams migrating from pickle-based checkpointing","Automated model conversion pipelines and CI/CD systems"],"limitations":["Conversion requires source framework to be installed; no framework-agnostic conversion","Framework-specific metadata (e.g., PyTorch requires_grad, TensorFlow variable constraints) is lost during conversion","Very large models (>100GB) may require significant disk space for intermediate files","Conversion speed depends on source framework's loading performance; no built-in parallelization"],"requires":["Python 3.7+","Source framework installed (torch, tensorflow, transformers, etc.)","safetensors library with conversion utilities","Sufficient disk space for source and target formats"],"input_types":["Model files in source format (.pt, SavedModel, etc.)","Framework-specific model objects"],"output_types":["safetensors binary files (.safetensors)","Conversion logs and status reports"],"categories":["automation-workflow","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"pypi_pypi-safetensors__cap_2","uri":"capability://data.processing.analysis.lazy.tensor.slicing.and.partial.tensor.access","name":"lazy tensor slicing and partial tensor access","description":"Implements on-demand tensor slicing through the safe_open() context manager, which parses the JSON header to compute byte offsets for each tensor, then allows slice operations (e.g., tensor[0:100, :]) to be resolved without loading 
the full tensor. The slicing logic calculates the exact byte range needed based on tensor shape, dtype, and requested indices, then reads only that range from the file. This is implemented in the Rust core's slice.rs module (~270 lines) and exposed through Python bindings.","intents":["Extract specific layers or weight matrices from a model without loading the entire file","Implement streaming inference that processes model weights in chunks","Inspect model structure and weight statistics without materializing tensors","Implement model pruning or quantization by selectively loading weight subsets"],"best_for":["Inference engines that process models layer-by-layer","Model analysis tools that need to inspect weights without full materialization","Distributed inference systems that partition model weights across devices","Research workflows involving selective model loading and modification"],"limitations":["Slicing is read-only; modifications require rewriting the entire file","Complex slicing patterns (e.g., non-contiguous indices) may require multiple file reads","Slice operations have ~1-5ms overhead per slice due to offset calculation and file seek","Not all frameworks support arbitrary slicing on memory-mapped tensors (e.g., TensorFlow may materialize)"],"requires":["Python 3.7+","safetensors library with safe_open() context manager support","Framework-specific tensor implementation that supports view-based slicing"],"input_types":["safetensors files with known tensor shapes and dtypes","Slice specifications (start:stop:step indices)"],"output_types":["Sliced tensor views or materialized tensor subsets","Framework-specific tensor objects (torch.Tensor, np.ndarray, etc.)"],"categories":["data-processing-analysis","memory-knowledge"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"pypi_pypi-safetensors__cap_3","uri":"capability://data.processing.analysis.framework.agnostic.tensor.serialization.with.multi.framework.adapters","name":"framework-agnostic tensor 
serialization with multi-framework adapters","description":"Provides a unified serialization API that abstracts framework differences through framework-specific adapter modules (torch, numpy, tensorflow, jax, mlx). Each adapter implements save_file() and load_file() functions that convert framework tensors to/from a common internal representation before writing to the safetensors binary format. The Rust core handles the actual serialization; Python adapters handle dtype mapping, device placement, and framework-specific tensor construction. This design enables a single .safetensors file to be loaded by any supported framework.","intents":["Save a PyTorch model and load it in TensorFlow or JAX without conversion","Build framework-agnostic model distribution systems","Migrate models between frameworks without intermediate format conversions","Create interoperable model checkpoints for multi-framework research"],"best_for":["Multi-framework research teams (PyTorch + TensorFlow + JAX)","Model distribution platforms (HuggingFace Hub, model zoos)","Organizations standardizing on safetensors for all model serialization","Framework migration projects requiring format compatibility"],"limitations":["Framework-specific features (e.g., PyTorch's requires_grad, TensorFlow's variable metadata) are not preserved — only raw tensor data","Device placement is not serialized; loaded tensors default to CPU and must be moved explicitly","Custom dtypes or framework-specific tensor subclasses are converted to standard dtypes (float32, int64, etc.)","Quantization formats (e.g., PyTorch's qint8) are not natively supported; must be converted to standard dtypes"],"requires":["Python 3.7+","Target framework installed (torch, tensorflow, jax, numpy, mlx, etc.)","safetensors library with framework-specific adapter modules"],"input_types":["Framework-specific tensor objects (torch.Tensor, tf.Tensor, jax.Array, np.ndarray)","Dictionary of tensors with string keys"],"output_types":["safetensors 
binary files (.safetensors)","Framework-specific tensor objects after loading"],"categories":["data-processing-analysis","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"pypi_pypi-safetensors__cap_4","uri":"capability://data.processing.analysis.efficient.dtype.and.shape.metadata.serialization","name":"efficient dtype and shape metadata serialization","description":"Encodes tensor metadata (shape, dtype, byte offset) in a compact JSON header that is parsed once at file open time. The JSON structure maps tensor names to metadata objects containing shape arrays, dtype strings (e.g., 'F32', 'I64'), and byte offsets into the data buffer. This metadata enables the Rust core to validate tensor consistency, compute slice offsets, and construct framework-specific tensors without scanning the data buffer. The header is limited to 100MB to prevent DoS attacks.","intents":["Inspect model structure (layer names, weight shapes, dtypes) without loading tensor data","Validate tensor consistency before materialization","Compute memory requirements for model loading","Enable efficient tensor indexing and offset calculation for slicing"],"best_for":["Model inspection tools and visualization systems","Memory planning and resource allocation systems","Model validation pipelines","Distributed inference systems that need to partition weights by shape/dtype"],"limitations":["Header size capped at 100MB; models with extremely large metadata dictionaries (millions of tensors) may exceed the limit","Metadata is read-only; modifying tensor shapes or dtypes requires rewriting the entire file","Custom metadata (e.g., per-tensor comments, training hyperparameters) is not supported — only shape/dtype/offset","JSON parsing overhead is ~1-10ms depending on header size and number of tensors"],"requires":["Python 3.7+","safetensors library with metadata parsing support"],"input_types":["safetensors binary files","JSON metadata embedded in file 
header"],"output_types":["Dictionary of tensor metadata (shape, dtype, offset)","Structured metadata objects for inspection and validation"],"categories":["data-processing-analysis","memory-knowledge"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"pypi_pypi-safetensors__cap_5","uri":"capability://data.processing.analysis.batch.tensor.serialization.with.dictionary.based.api","name":"batch tensor serialization with dictionary-based api","description":"Provides save_file(tensors_dict, filepath) and load_file(filepath) functions that serialize/deserialize entire tensor dictionaries in a single operation. The save_file() function iterates over the dictionary, computes cumulative byte offsets for each tensor, builds the JSON header with metadata, and writes the contiguous data buffer. The load_file() function reads the header, parses metadata, and returns a dictionary of framework-specific tensors. This API abstracts the complexity of offset calculation and buffer management.","intents":["Save and load complete model checkpoints as a single atomic operation","Implement model versioning and checkpointing in training loops","Create reproducible model snapshots for experiment tracking","Simplify model serialization in training frameworks (PyTorch Lightning, Hugging Face Transformers)"],"best_for":["Training pipelines that need frequent model checkpointing","Experiment tracking systems (MLflow, Weights & Biases)","Model versioning and reproducibility workflows","Production inference systems that load complete models"],"limitations":["Entire dictionary must fit in memory during serialization; no streaming write support for very large models","Dictionary keys must be valid UTF-8 strings; no support for numeric or complex object keys","Serialization is all-or-nothing; partial updates require rewriting the entire file","No built-in compression; file size equals sum of tensor data sizes (can be mitigated with external compression)"],"requires":["Python 
3.7+","Framework-specific tensor objects in a dictionary","Sufficient disk space for serialized model"],"input_types":["Dictionary of framework-specific tensors {name: tensor, ...}","File path for output"],"output_types":["safetensors binary file","Dictionary of loaded tensors"],"categories":["data-processing-analysis","automation-workflow"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"pypi_pypi-safetensors__cap_6","uri":"capability://safety.moderation.dos.resistant.file.format.validation.with.header.size.limits","name":"dos-resistant file format validation with header size limits","description":"Enforces strict validation rules at the Rust FFI boundary to prevent denial-of-service attacks: header size is capped at 100MB, header must begin with '{' character (0x7B), and all tensor offsets are validated against file size before any data access. The validation occurs before Python object construction, preventing malicious files from consuming excessive memory or triggering expensive operations. 
This is implemented in the Rust core's validation logic (~100 lines).","intents":["Safely load model files from untrusted sources without resource exhaustion","Prevent zip-bomb style attacks using crafted safetensors files","Validate model integrity before loading into production systems","Implement security policies that require format validation"],"best_for":["Production inference systems handling user-uploaded models","Model distribution platforms with security requirements","Organizations with strict security policies","Systems handling models from untrusted sources (public repositories, user uploads)"],"limitations":["Header size limit of 100MB may reject legitimate models with millions of tensors and extensive metadata","Validation adds ~1-5ms overhead per file load due to header parsing and offset checking","No support for streaming validation; entire header must be read into memory","Validation is format-level only; does not check for semantic issues (e.g., invalid tensor values)"],"requires":["Python 3.7+","safetensors library with validation enabled (default)"],"input_types":["safetensors binary files from any source"],"output_types":["Validated tensor dictionary or error message"],"categories":["safety-moderation","data-processing-analysis"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"pypi_pypi-safetensors__cap_7","uri":"capability://data.processing.analysis.pytorch.specific.tensor.serialization.with.device.and.dtype.preservation","name":"pytorch-specific tensor serialization with device and dtype preservation","description":"Implements torch-specific save_file() and load_file() functions that handle PyTorch tensor conversion, including dtype mapping (torch.float32 → 'F32'), device handling (GPU tensors are moved to CPU before serialization), and gradient state management (requires_grad is not preserved). The adapter uses PyTorch's tensor API to extract raw data and metadata, then passes to the Rust core for serialization. 
On load, tensors are constructed as CPU tensors and can be moved to device explicitly.","intents":["Save PyTorch models with full dtype and shape preservation","Create PyTorch checkpoints that are safe to load from untrusted sources","Integrate safetensors into PyTorch training loops and inference pipelines","Export PyTorch models for use in other frameworks"],"best_for":["PyTorch-based ML teams","Training pipelines using PyTorch Lightning or Hugging Face Transformers","PyTorch model distribution (HuggingFace Hub, model zoos)","Organizations migrating from pickle-based checkpointing"],"limitations":["requires_grad and other training-specific metadata are not preserved; loaded tensors default to requires_grad=False","GPU tensors are automatically moved to CPU during serialization; device placement must be handled explicitly after loading","Custom PyTorch tensor subclasses are converted to standard tensors; custom behavior is lost","Quantized tensors (qint8, qint32) are converted to standard dtypes; quantization parameters are not preserved"],"requires":["Python 3.7+","PyTorch 1.9+ installed","safetensors library with torch adapter"],"input_types":["Dictionary of torch.Tensor objects","PyTorch model state_dict()"],"output_types":["safetensors binary file","Dictionary of torch.Tensor objects"],"categories":["data-processing-analysis","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"pypi_pypi-safetensors__cap_8","uri":"capability://data.processing.analysis.numpy.array.serialization.with.dtype.and.shape.preservation","name":"numpy array serialization with dtype and shape preservation","description":"Implements numpy-specific save_file() and load_file() functions that handle NumPy array conversion, including dtype mapping (np.float32 → 'F32'), shape preservation, and byte order handling (little-endian assumed). 
The adapter extracts raw array data and metadata using NumPy's C API, passes to Rust core for serialization, and reconstructs NumPy arrays on load. This enables NumPy-based workflows to use safetensors without framework-specific code.","intents":["Save NumPy arrays with full dtype and shape preservation","Create NumPy data files that are safe to load from untrusted sources","Integrate safetensors into NumPy-based data pipelines","Share numerical data between NumPy and other frameworks"],"best_for":["NumPy-based data science and scientific computing workflows","Data preprocessing pipelines using NumPy","Organizations standardizing on safetensors for numerical data storage","Research projects requiring framework-agnostic data serialization"],"limitations":["Structured arrays (dtype with named fields) are not supported; must be converted to standard dtypes","Byte order is assumed to be little-endian; big-endian arrays are converted automatically","NumPy-specific metadata (e.g., array flags, strides) is not preserved","Very large arrays (>2GB) may require chunked serialization (not built-in)"],"requires":["Python 3.7+","NumPy 1.16+ installed","safetensors library with numpy adapter"],"input_types":["Dictionary of np.ndarray objects","NumPy arrays with standard dtypes (float32, int64, etc.)"],"output_types":["safetensors binary file","Dictionary of np.ndarray objects"],"categories":["data-processing-analysis","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0},{"id":"pypi_pypi-safetensors__cap_9","uri":"capability://data.processing.analysis.tensorflow.keras.tensor.serialization.with.variable.and.dtype.handling","name":"tensorflow/keras tensor serialization with variable and dtype handling","description":"Implements tensorflow-specific save_file() and load_file() functions that handle TensorFlow tensor conversion, including tf.Variable to tensor conversion, dtype mapping (tf.float32 → 'F32'), and shape preservation. 
The adapter extracts raw tensor data from TensorFlow variables, passes to Rust core for serialization, and reconstructs TensorFlow tensors on load. This enables TensorFlow-based workflows to use safetensors without framework-specific code.","intents":["Save TensorFlow models with full dtype and shape preservation","Create TensorFlow checkpoints that are safe to load from untrusted sources","Integrate safetensors into TensorFlow training loops and inference pipelines","Share TensorFlow models with PyTorch and other frameworks"],"best_for":["TensorFlow-based ML teams","Keras model training and checkpointing workflows","TensorFlow model distribution and serving","Organizations migrating from TensorFlow's native checkpoint format"],"limitations":["tf.Variable metadata (trainable, dtype constraints) is not preserved; loaded tensors are immutable","TensorFlow-specific features (e.g., distributed variable sharding) are not supported","Custom TensorFlow layers and model subclasses are not serialized; only raw tensor data","Quantization and pruning metadata are not preserved"],"requires":["Python 3.7+","TensorFlow 2.4+ installed","safetensors library with tensorflow adapter"],"input_types":["Dictionary of tf.Tensor or tf.Variable objects","TensorFlow model weights"],"output_types":["safetensors binary file","Dictionary of tf.Tensor objects"],"categories":["data-processing-analysis","tool-use-integration"],"confidence":0.5,"matches":0,"success_rate":0}],"trust":{"score":30,"verified":false,"data_access_risk":"high","permissions":["Python 3.7+","Rust compiler (if building from source; pre-built wheels available on PyPI)","Operating system with mmap support (Linux, macOS, Windows 10+)","File system that supports memory mapping (POSIX-compliant or Windows NTFS)","JAX 0.3+ installed","safetensors library with jax adapter","Python 3.8+","MLX 0.0.1+ installed","safetensors library with mlx adapter","Apple Silicon device (M1/M2/M3 or later)"],"failure_modes":["Header size capped at 
100MB to prevent DoS attacks — very large tensor metadata dictionaries may fail","Format is read-only for validation; no in-place modification of serialized tensors without full reload","No support for custom Python objects or non-tensor data structures (unlike pickle)","Memory mapping requires file system support for mmap() — not available on all platforms (e.g., some Windows configurations)","Tensors must be contiguous in the file; non-contiguous access patterns may require copying","File must remain open for the duration of tensor access; closing the file invalidates memory-mapped pointers","Platform-specific behavior: page alignment and cache coherency vary across OS implementations","JAX device placement (CPU, GPU, TPU) is not preserved; loaded arrays default to the default JAX device","JAX-specific features (e.g., pytree structures, custom array types) are not preserved","Flax module metadata and architecture are not serialized; only raw tensor data","builder identity is not verified yet","no observed match outcomes 
yet"],"rank_breakdown":{"adoption":0.05,"quality":0.6,"ecosystem":0.39999999999999997,"match_graph":0.25,"freshness":0.52,"weights":{"adoption":0.3,"quality":0.2,"ecosystem":0.15,"match_graph":0.3,"freshness":0.05}},"observed_outcomes":{"matches":0,"success_rate":0,"avg_confidence":0,"top_intents":[],"last_matched_at":null},"maintenance":{"status":"active","updated_at":"2026-05-24T12:16:25.060Z","last_scraped_at":"2026-05-03T15:20:15.343Z","last_commit":null},"community":{"stars":null,"forks":null,"weekly_downloads":null,"model_downloads":null,"model_likes":null}},"distribution":{"claim_url":"https://unfragile.ai/submit?claim=pypi-safetensors","compare_url":"https://unfragile.ai/compare?artifact=pypi-safetensors"}},"signature":"TKZv327lCMk11OlaYvxMKXHddBs4KzG/v/8iVQWfXUnk7GTXLb+vvigF6p+e1POiNWv1md4J/RLzvOVFAteOAQ==","signedAt":"2026-06-22T08:43:34.134Z","signedBy":"unfragile.ai","version":1},"_links":{"self":"https://unfragile.ai/api/v1/passport/pypi-safetensors","artifact":"https://unfragile.ai/pypi-safetensors","verify":"https://unfragile.ai/api/v1/verify?slug=pypi-safetensors","publicKey":"https://unfragile.ai/api/v1/trust-passport-public-key","spec":"https://unfragile.ai/trust","schema":"https://unfragile.ai/schema.json","docs":"https://unfragile.ai/docs"}}