Have you ever wondered about the safety and speed of loading machine learning model weights? The answer lies in safetensors, a cutting-edge file format that provides a secure and swift method for managing tensors.

Ever been worried about the safety of your machine learning models while loading their weights? Or perhaps the slow speed of loading them is messing up your workflow? There’s a nifty solution to all these issues: safetensors! But, how do you use them? And what’s all this talk about ‘Stable Diffusion’? Let’s get you all caught up!

What are safetensors?

In the world of machine learning, we often have to save and load tensors, which are the core data structure in neural networks. Typically, PyTorch model weights are saved or pickled into a .bin file with Python’s pickle utility. But there’s a catch. Pickle isn’t secure, and pickled files may contain malicious code that can execute when loaded. Here is where safetensors come to the rescue. Safetensors are a secure alternative to pickle, perfect for sharing model weights without compromising safety.

Why Use safetensors?

Safety is the primary reason to prefer safetensors over other methods. As the open-source community and model distribution continue to grow, it’s crucial to trust that the model weights you downloaded don’t contain any harmful code. Safetensors put a stop to any such security threats.

Loading speed is another significant advantage of safetensors. They perform a zero-copy of the tensors, ensuring quick model loading, especially when compared to pickle. The loading speed becomes noticeably faster when you’re switching between models.

Installing safetensors

Before you start, ensure you have safetensors installed. If you’re working in Colab, uncomment the following line to install the necessary libraries:

pythonCopy code#!pip install safetensors

Loading .safetensor Files

When looking at a model repository, you’ll often find weights in the .safetensors format. By default, Stable Diffusion models automatically load these .safetensors files from their subfolders if available in the model repository.

For more explicit control, you can set use_safetensors=True:

pythonCopy codefrom diffusers import DiffusionPipeline

pipeline = DiffusionPipeline.from_pretrained("runwayml/stable-diffusion-v1-5", use_safetensors=True)

Model weights may also be stored in a single .safetensors file. If the weights are Stable Diffusion weights, you can load the file directly with the from_single_file() method:

pythonCopy codefrom diffusers import StableDiffusionPipeline

pipeline = StableDiffusionPipeline.from_single_file(
    "https://huggingface.co/WarriorMama777/OrangeMixs/blob/main/Models/AbyssOrangeMix/AbyssOrangeMix.safetensors"
)

Converting Other Formats to .safetensors

Sometimes, weights stored as .bin might need conversion to .safetensors. For this, use the Convert Space to convert the weights. The Convert Space downloads the pickled weights, converts them, and opens a Pull Request to upload the newly converted .safetensors file on the Hub. The Hub’s security scanner ensures that no unsafe files or suspicious pickle imports get through.

Here’s an example of loading a model with the new .safetensors weights by specifying the reference to the Pull Request:

pythonCopy codefrom diffusers import DiffusionPipeline

pipeline = DiffusionPipeline.from_pretrained("stabilityai/stable-diffusion-2-1

Conclusion

Loading safetensors in Stable Diffusion can be a straightforward process if you follow these steps. The safety and speed offered by safetensors make them an exceptional tool in your machine learning toolbox.

The steps we went over make it pretty straightforward to use safetensors, making your model work quicker and safer. Using the right tools makes the work easier, and in many cases, safetensors could be just the thing you need.