Sourced from huggingface-hub's releases.

[v1.19.0] Trusted Publishers, hf:// URIs, and expose-ports for Jobs

🔐 Keyless CI/CD auth via OIDC token exchange

CI workflows can now authenticate to the Hub without storing an HF_TOKEN secret, using Trusted Publishers. Set HF_OIDC_RESOURCE to the repo (or username) you want to scope the token to, and huggingface_hub performs the OIDC exchange under the hood — no token, no setup code. GitHub Actions is supported out of the box (with permissions: id-token: write), and other providers can pass a pre-minted ID token via HF_OIDC_ID_TOKEN. Exchanged tokens are short-lived (1 hour), repo-scoped, and cached locally with automatic refresh.

# Publish a model without storing any HF_TOKEN secret
- name: Push the model
  env:
    HF_OIDC_RESOURCE: acme/awesome-model
  run: hf upload acme/awesome-model ./model .

• [Auth] Keyless CI/CD auth via OIDC token exchange by @​hanouticelina in #4326

📚 Documentation: Trusted Publishers

🖥️ hf:// URIs for upload and download

hf upload and hf download now accept an hf:// URI in place of the positional repo ID. The URI encodes repo type, revision, and file path in a single string following the grammar hf://[<TYPE>/]<ID>[@<REVISION>][/<PATH>], so you no longer need separate --repo-type and --revision flags. When a URI is provided, it is the single source of truth — passing --repo-type or --revision on top of it raises an error, and a path in the URI cannot be combined with positional filenames (download) or path_in_repo (upload).

# Download a single file from a dataset at a given revision
hf download hf://datasets/HuggingFaceM4/FineVision@refs/pr/1/data/train.parquet
Download an entire repo
hf download hf://datasets/google/fleurs
Upload a file to a dataset on a specific branch
hf upload hf://datasets/Wauplin/my-cool-dataset@my-branch/data/train.csv ./train.csv

• [CLI] Support hf:// URIs in hf upload and hf download by @​Wauplin in #4297

📚 Documentation: CLI guide — hf:// URIs · Download guide · Upload guide

🚀 Expose job ports through the jobs proxy

Jobs can now expose container ports through the public jobs proxy using --expose <port> (CLI) or expose=[8000] (Python API). Each exposed port is reachable at https://<job_id>--<port>.hf.jobs and requires an HF token with read access to the job's namespace. This works on hf jobs run, hf jobs uv run, and their scheduled variants. Job responses now surface expose_urls on JobStatus.

# Expose a web server running on port 8000
> hf jobs run --expose 8000 python:3.12 python -m http.server 8000
✓ Job started
  id: 6a2aa7cec4f53f9fc5aa4cff
  url: https://huggingface.co/jobs/Wauplin/6a2aa7cec4f53f9fc5aa4cff
Hint: Exposed ports are reachable at (requires an HF token with read access to the job):
  https://6a2aa7cec4f53f9fc5aa4cff--8000.hf.jobs
Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/) ...

... (truncated)

• b1909eb Release: v1.19.0
• fe27c47 OIDC: Include error_description in HTTP error messages (#4341)
• 68dd701 Release: v1.19.0.rc1
• 934797e Release: v1.19.0.rc0
• 69ef7d7 [Agent] Dynamic agent harness registry (#4325)
• f6b439c [fix] Transient locaion error due to CDN (#4339)
• f1f2c43 Fix ignored-pattern warning grammar in download CLI (#4337)
• 92009d4 [Tests] Add xet/no_xet pytest markers to filter Xet vs non-Xet tests (#4336)
• e3b6d5b [Auth] Keyless CI/CD auth via OIDC token exchange (#4326)
• 8e4ca5c [CI] Remove .github/workflows/python-prerelease.yml (#4335)
• Additional commits viewable in compare view