
Method loads

src/smolagents/serialization.py, lines 295–346

Deserialize a string, detecting its format from the prefix. `data`: the serialized string, carrying a "safe:" or "pickle:" prefix (an unprefixed string is treated as legacy pickle data). `allow_pickle`: if False (the default), pickle data is rejected and a `SerializationError` is raised (strict safe mode); if True, both the safe and the pickle formats are accepted. Because pickle deserialization can execute arbitrary code embedded in the payload, and the prefix is itself part of the untrusted input, `allow_pickle=True` should only be set by the application for data from a trusted source, never derived from the data or a request.

(data: str, allow_pickle: bool = False)


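@staticmethod
def loads(data: str, allow_pickle: bool = False) -> Any:
    """
    Deserialize a string, detecting its format from the prefix.

    Three on-the-wire shapes are recognised, checked in this order:

    * ``SafeSerializer.SAFE_PREFIX`` followed by JSON: decoded with ``json.loads`` and
      handed to ``SafeSerializer.from_json_safe``.
    * ``"pickle:"`` followed by base64: ``pickle.loads`` of the decoded bytes.
    * No prefix (legacy data): assumed to be base64-encoded pickle.

    Both pickle shapes end in ``pickle.loads``, which can execute arbitrary code
    embedded in the payload. The prefix is part of the (possibly attacker-controlled)
    input and only selects a decoder; it proves nothing about where the data came
    from. ``allow_pickle`` is therefore the only gate, and it must be decided by the
    application, never derived from the data or from a request.

    Args:
        data: Serialized string (with "safe:" or "pickle:" prefix, or unprefixed
            legacy pickle data).
        allow_pickle: If False (default), reject pickle data (strict safe mode).
            If True, accept both safe and pickle formats.

    Returns:
        Deserialized object

    Raises:
        SerializationError: If pickle data received but allow_pickle=False.
            Malformed base64 or pickle payloads are not wrapped; the underlying
            ``binascii``/``pickle`` errors propagate unchanged.
    """
    if data.startswith(SafeSerializer.SAFE_PREFIX):
        json_data = json.loads(data[len(SafeSerializer.SAFE_PREFIX) :])
        return SafeSerializer.from_json_safe(json_data)

    # Anything that is not "safe:" is treated as pickle, either with the explicit
    # prefix or, for data written before prefixes existed, with none at all. Both
    # paths share the gate, the warning and the decode below; only the message differs.
    pickle_prefix = "pickle:"
    is_legacy = not data.startswith(pickle_prefix)

    if not allow_pickle:
        if is_legacy:
            raise SerializationError(
                "Pickle data rejected: allow_pickle=False requires safe-only data. "
                "This data appears to be pickle-serialized (legacy format). To deserialize it, set "
                "allow_pickle=True (not recommended for untrusted data)."
            )
        raise SerializationError(
            "Pickle data rejected: allow_pickle=False requires safe-only data. "
            "This data is pickle-serialized. To deserialize it, set "
            "allow_pickle=True (not recommended for untrusted data)."
        )

    # Warn about insecure pickle deserialization. stacklevel=2 attributes the warning
    # to the caller of loads() rather than to this line. FutureWarning is presumably
    # chosen because Python shows it by default (DeprecationWarning is hidden outside
    # __main__) -- confirm before changing the category, callers may filter on it.
    import warnings

    warnings.warn(
        "Deserializing pickle data. This is a security risk if the data is untrusted.",
        FutureWarning,
        stacklevel=2,
    )

    # Strip the prefix by its length instead of a hard-coded offset so the two stay in sync.
    payload = data if is_legacy else data[len(pickle_prefix) :]
    # SECURITY: pickle.loads executes arbitrary code carried in the payload. Only
    # reached after the caller opted in with allow_pickle=True; never do so for data
    # from an untrusted source.
    return pickle.loads(base64.b64decode(payload))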
348 @staticmethod
349 def _extract_method_body(method) -> str:
