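---
# 🛡️ Veritensor Configuration File
# This file controls security policies, license checks, and scanner behavior.
#
# Every list in this file is an allow/deny rule read by the scanner. Lists are
# written explicitly (`[]` when empty) so that a section with only commented-out
# examples is parsed as an empty list rather than as null.

# --- General Settings ---
# Minimum severity level to fail the build (Exit Code 1).
# Options: CRITICAL, HIGH, MEDIUM, LOW
# Default: CRITICAL (Blocks Remote Code Execution and Malware)
fail_on_severity: "CRITICAL"

# Output format for logs.
# Options: table (for humans), json (for scripts), sarif (for GitHub Security)
output_format: "table"

# --- License Firewall (New) ---
# Should the build fail if the model has NO license metadata?
# true = FAIL, false = WARNING (Default)
# A missing license is only a warning here; set to true for the stricter policy.
fail_on_missing_license: false

# List of restricted license patterns.
# Supports simple substrings (case-insensitive) and Regex.
custom_restricted_licenses:
  - "cc-by-nc"  # Blocks Non-Commercial
  - "research-only"  # Blocks Research Only
  # Regex example: Block any version of AGPL (v1, v3, etc.)
  - "regex:^agpl.*"

# --- Model Whitelist (Identity) ---
# List of repositories that are trusted regardless of their license.
# Useful for internal models or specific approved external models.
# Supports "regex:" or "pattern:" prefix for advanced matching.
# Entries here bypass the license firewall, so keep them as narrow as possible:
# a plain entry is a substring match and therefore also matches any longer
# repository id that contains it; use an anchored regex when one exact
# repository is meant.
allowed_models:
  # Simple substring match (allows specific model)
  - 'google-bert/bert-base-uncased'
  # Regex match: Allow ALL models from "meta-llama" organization
  - 'regex:^meta-llama/.*'
  # Regex match: Allow specific version pattern (e.g., v1.0 to v1.9)
  # NOTE(review): this pattern is not anchored at the end, so it may also match
  # v1.10 and later — confirm the anchoring syntax for the "pattern:" prefix.
  - 'pattern:my-org/internal-model-v1\.[0-9]'

# --- Security Policies (Pickle/PyTorch) ---
# List of additional Python modules that are trusted during deserialization.
# Veritensor already trusts standard ML libraries (torch, numpy, collections).
# Every module listed here is trusted while unpickling model files, so limit
# this list to what the models you actually load require.
allowed_modules:
  - "pandas"
  - "scipy"
  - "sklearn"
  - "tqdm"
  # Regex works here too! Allow all submodules of my_company
  # - "regex:^my_company\..*"

# --- Exceptions (False Positives) ---
# Specific threats to ignore. Use with caution!
# Format matches the output string: "SEVERITY: module.function"
# Explicit empty list: with only the commented examples below, a bare
# `ignored_rules:` would be parsed as null instead of "no exceptions".
ignored_rules: []
  # Example: Allow checking if a file exists (usually safe)
  # - "CRITICAL: os.path.exists"
  # Example: Allow network requests (High risk, enable only if necessary)
  # - "HIGH: requests.get"

# --- Registry & Identity ---
# Hugging Face Token can be set here, but it is RECOMMENDED
# to use the environment variable VERITENSOR_HF_TOKEN instead for security.
# A token placed here would be committed with the file; the environment
# variable keeps it out of version control.
# hf_token: "hf_..."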