Single jar file for Java access to the intfloat/multilingual-e5-base model/data to avoid dynamic loading vulnerabilities

#19
by wnmills3 - opened

I currently use code like below to download and access the multilingual-e5-base model:

    import java.util.Map;
    import ai.djl.huggingface.tokenizers.HuggingFaceTokenizer;

    static String DJL_MODEL = "intfloat/multilingual-e5-base";
    static String DJL_PATH = "djl://ai.djl.huggingface.pytorch/" + DJL_MODEL;
    static private HuggingFaceTokenizer huggingFaceTokenizer;

    // Lazily creates the tokenizer. newInstance(String, Map) resolves the model by its
    // Hugging Face id and downloads the tokenizer files into the local HF cache.
    static private HuggingFaceTokenizer getHuggingFaceTokenizer() {
        if (huggingFaceTokenizer == null) {
            huggingFaceTokenizer = HuggingFaceTokenizer.newInstance(DJL_MODEL,
                getDJLConfig()); // getDJLConfig() returns the Map<String, String> options (not shown here)
        }
        return huggingFaceTokenizer;
    }

But running vulnerability scanning generates lots of HIGH vulnerabilities with this approach:


It would be much easier to reference this model via a jar file (including the data) from Maven in our pom.xml file.

If such a jar file exists, please provide the pom.xml dependency so I can reference it in a controlled way (the dynamic load could change/break without our knowledge).

If the jar file exists but not in Maven, we can place it in our repo using mvn validate to copy the jar from where we download it.

Thank you in advance for your help!

We do not have a jar file, but you are welcome to build one for this model.

From which repo? I looked in the ~/.cache/huggingface/hub that gets downloaded dynamically, but it isn't clear to me where the APIs etc. are stored and where the data are expected to be located. I'm happy to try to do this but haven't made sense of the repo layout yet.

I'm trying:
git clone https://huggingface.co./intfloat/multilingual-e5-base
to see what comes down. Perhaps that will answer my questions...

Unfortunately, it didn't help me.

All I really need is to figure out how to get the newInstance call to look elsewhere for the huggingface/hub directory. It appears to be defaulting to ~/.cache/huggingface/hub, but I've tried setting HF_HUB_CACHE and HUGGINGFACE_HUB_CACHE to an alternative location, and they don't work. I'm trying to get the e5 multilingual model to load in a docker container, but when trying to save the files during newInstance in the JNI layer, it fails with permissions issues.

Alternatively, if the JNI code is in a GitHub somewhere, I could read that to see how it determines the hub directory location.

I've seen ENGINE_CACHE_DIR and DJL_CACHE_DIR for the dylib loading, but that is different in ~/Library/CACHE... on macOS.

Solution: set the HF_HOME environment variable to a directory that can be written to by the default user in the container when starting the container.
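The fix above relies on HF_HOME pointing at a directory the container user can write to. The POSIX shell wrapper below is an added example, not code from this thread or from DJL: it resolves the cache root the same way (HF_HOME if set, otherwise $HOME/.cache/huggingface, which is an assumption about the default), creates the hub subdirectory, probes that it is really writable, and only then starts the application, so a misconfigured container fails at startup with a clear message instead of dying inside the JNI layer halfway through a model download.

```shell
#!/bin/sh
# Added example (not part of the original discussion): fail-fast startup check
# for the Hugging Face cache directory used by DJL's HuggingFaceTokenizer.

# Resolve the cache root: HF_HOME if set, otherwise the assumed default
# $HOME/.cache/huggingface used when nothing is configured.
hf_home_dir() {
    if [ -n "${HF_HOME:-}" ]; then
        printf '%s\n' "$HF_HOME"
    else
        printf '%s\n' "${HOME}/.cache/huggingface"
    fi
}

# Return 0 if <root>/hub exists (creating it if needed) and the current user
# can actually write into it, 1 otherwise.
hf_cache_writable() {
    root="$(hf_home_dir)"
    hub="$root/hub"
    mkdir -p "$hub" 2>/dev/null || return 1
    [ -d "$hub" ] || return 1
    # "-w" only checks permission bits; a real write probe also catches
    # read-only mounts and similar cases.
    probe="$hub/.write-probe.$$"
    if : > "$probe" 2>/dev/null; then
        rm -f "$probe"
        return 0
    fi
    return 1
}

# Entrypoint wrapper: verify the cache, then exec the real command
# (e.g. java -jar app.jar) so signals reach the JVM directly.
main() {
    if hf_cache_writable; then
        echo "HF cache OK: $(hf_home_dir)/hub"
        exec "$@"
    fi
    echo "HF cache $(hf_home_dir)/hub is not writable by $(id -un); set HF_HOME to a writable directory" >&2
    exit 1
}

# Only run the wrapper when a command was supplied.
[ "${1:-}" = "" ] || main "$@"
```

Use it as the container ENTRYPOINT with the application command as arguments; with HF_HOME set to a directory owned by the runtime user (a named volume, or a directory created and chown'ed in the Dockerfile), the check passes and the tokenizer download lands there instead of under the unwritable ~/.cache.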

wnmills3 changed discussion status to closed
