feat: add trusted orgs and flag by drbh · Pull Request #512 · huggingface/kernels

drbh · 2026-04-29T21:27:54Z

This PR adds a trust_remote_code and hardcoded list of trusted orgs

HuggingFaceDocBuilderDev · 2026-04-29T21:29:50Z

The docs for this PR live here. All of your documentation changes will be reflected on that endpoint. The docs are available until 30 days after the last update.

sayakpaul · 2026-05-01T05:05:06Z


 KNOWN_BACKENDS = {"cpu", "cuda", "metal", "neuron", "rocm", "xpu", "npu"}

+TRUSTED_KERNEL_ORGS = {"kernels-community", "kernels-test", "sglang"}


Suggested change

TRUSTED_KERNEL_ORGS = {"kernels-community", "kernels-test", "sglang"}

TRUSTED_KERNEL_ORGS = {"kernels-community", "kernels-staging", "kernels-test", "sglang"}

please rely on the hub api for this, so it's consistent with the UI:

(cc @krampstudio)

{"kernels-community", "kernels-staging", "kernels-test", "sglang"}

Can we ensure the above list is consistent with the Hub?

thanks for the feedback, i've updated _check_trust_remote_code to check the repo_info response for the trustedPublisher attribute.

full logic is:

if trust_remote_code=True, skip all checks

check the hardcoded list (just "kernels-test" for now)

fetch the repo_info and check attribute

{"kernels-community", "kernels-staging", "kernels-test", "sglang"}

Can we ensure the above list is consistent with the Hub?

Here is the list configured on the Hub:

Co-authored-by: Daniël de Kok <me@danieldk.eu>

hardcoded list

danieldk · 2026-05-04T08:10:28Z

+        )
+
+    org = repo_id.split("/", 1)[0]
+    if org in _ALWAYS_TRUSTED_ORGS:


Do we need this, since kernels-test is already a trusted org. That way, this would get properly tested during tests as well.

nope this is unneeded now (just ran into some CI issues without this special case earlier). it looks like kernels-test are returning the trustedPublisher attribute now after some spot checks.

removed in latest

ahh the issue is now we surface a untrusted publisher if the repo info cannot be fetched since the check depends on the repo info. need to revisit with a better solution

Co-authored-by: Daniël de Kok <me@danieldk.eu>

feat: add trusted orgs and flag

b0e6583

sayakpaul mentioned this pull request Apr 30, 2026

feat: implement trust_remote_code #513

Closed

fix: format changes

25f5be0

drbh temporarily deployed to testpypi April 30, 2026 19:02 — with GitHub Actions Inactive

sayakpaul previously approved these changes May 1, 2026

View reviewed changes

danieldk reviewed May 1, 2026

View reviewed changes

Comment thread kernels/src/kernels/__init__.py Outdated

Comment thread kernels/tests/test_basic.py Outdated

Comment thread kernels/tests/test_basic.py Outdated

Update kernels/tests/test_basic.py

3b27521

Co-authored-by: Daniël de Kok <me@danieldk.eu>

drbh dismissed sayakpaul’s stale review via 3b27521 May 1, 2026 14:32

drbh temporarily deployed to testpypi May 1, 2026 14:32 — with GitHub Actions Inactive

fix: remove public TRUSTED_KERNEL_ORGS and update remote code tests

bc9db75

drbh temporarily deployed to testpypi May 1, 2026 14:50 — with GitHub Actions Inactive

feat: prefer checking against the hub info response rather than

933be67

hardcoded list

drbh temporarily deployed to testpypi May 1, 2026 15:03 — with GitHub Actions Inactive

drbh added 2 commits May 1, 2026 11:07

fix: prefer using _get_hf_api

95e079c

fix: short circuit remote check for kernels-test org

21ddb7a

drbh temporarily deployed to testpypi May 1, 2026 15:08 — with GitHub Actions Inactive

danieldk reviewed May 4, 2026

View reviewed changes

fix: adjust error text in kernels/src/kernels/utils.py

9b97564

Co-authored-by: Daniël de Kok <me@danieldk.eu>

drbh temporarily deployed to testpypi May 4, 2026 12:00 — with GitHub Actions Inactive

fix: remove always trusted orgs and update test org

7820c04

drbh temporarily deployed to testpypi May 4, 2026 12:03 — with GitHub Actions Inactive

fix: add hardcoded trusted orgs for now

75590a6

drbh temporarily deployed to testpypi May 4, 2026 16:01 — with GitHub Actions Inactive

fix: avoid repo info fetch path

4a44385

drbh temporarily deployed to testpypi May 4, 2026 16:11 — with GitHub Actions Inactive

danieldk approved these changes May 4, 2026

View reviewed changes

drbh merged commit 658395e into main May 4, 2026
67 of 68 checks passed

danieldk mentioned this pull request May 6, 2026

Implement trust_remote_code for non-trusted publishers #508

Closed


		KNOWN_BACKENDS = {"cpu", "cuda", "metal", "neuron", "rocm", "xpu", "npu"}

		TRUSTED_KERNEL_ORGS = {"kernels-community", "kernels-test", "sglang"}

Conversation

drbh commented Apr 29, 2026

Uh oh!

HuggingFaceDocBuilderDev commented Apr 29, 2026

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

krampstudio May 2, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

krampstudio May 2, 2026 •

edited

Loading