feat: add SHA256 model integrity check before joblib.load()

Browse source

Add verify_model_checksum() that validates model files against a
models/checksums.sha256 manifest before loading. Fails open when
manifest is missing or file not listed (backward compat), raises
HTTP 500 on hash mismatch. Created empty manifest placeholder.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

...

This commit is contained in:

Marko Djordjevic 2026-02-18 11:25:14 +01:00

parent b7f9b2e04d

commit ff15adc847

3 changed files with 71 additions and 2 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download patch file Download diff file Expand all files Collapse all files

0

models/checksums.sha256 Normal file

Unescape Escape View file