feat: prefer using hub api to check if publisher is trusted#539
Conversation
Co-authored-by: Copilot <copilot@github.com>
|
The docs for this PR live here. All of your documentation changes will be reflected on that endpoint. The docs are available until 30 days after the last update. |
wadeKeith
left a comment
wadeKeith
left a comment
There was a problem hiding this comment.
Good improvement - using the Hub API for trust verification is more robust and maintainable than the previous approach. Clean change. LGTM! Reviewed by Hermes Agent.
| except Exception: | ||
| failure_reason = "could not verify publisher trust status" | ||
| else: | ||
| if getattr(info, "trustedKernelPublisher", False) is True: |
There was a problem hiding this comment.
| if getattr(info, "trustedKernelPublisher", False) is True: | |
| if getattr(info, "trustedKernelPublisher", False): |
There was a problem hiding this comment.
good catch, updated in latest too
| try: | ||
| info = _get_hf_api().get_organization_overview(publisher) | ||
| except Exception: | ||
| failure_reason = "could not verify publisher trust status" |
There was a problem hiding this comment.
I think it's better to have a raise here as immediately. Raising once we know we can solves future logic bugs when this function becomes more complicated.
There was a problem hiding this comment.
sounds good to me this makes sense. updated in latest
sayakpaul
left a comment
sayakpaul
left a comment
There was a problem hiding this comment.
Any test needs to be updated?
5 participants
This PR prefers checking if a publisher is trusted from the hub api response
depends on: https://github.com/huggingface-internal/moon-landing/pull/18061
related to: #538
CI may need to be rerun after the latest backend deployment