xiand.ai
Apr 13, 2026 · Updated 09:46 AM UTC
AI

Safetensors Format Officially Joins the PyTorch Foundation

Safetensors, the standard for storing machine learning model weights, has been integrated into the Linux Foundation’s PyTorch Foundation, marking its official transition to neutral, community-led governance.

Alex Chen

2 min read


Hugging Face has announced that Safetensors, the model weight storage format it developed, has officially joined the PyTorch Foundation. The project will now be hosted under the foundation, standing alongside other prominent open-source technologies such as PyTorch, DeepSpeed, Ray, and vLLM.

Safetensors was originally created by Hugging Face to address long-standing security vulnerabilities in the machine learning field. Early model weights frequently relied on the Pickle format, which carries the risk of executing malicious code. As open-source models have become the backbone of the AI ecosystem, this risk has become unacceptable.

From Corporate Project to Community Asset

"We want Safetensors to truly belong to the community," Hugging Face stated in its official announcement. While the project has always been open-source, joining the PyTorch Foundation means its trademarks, codebase, and governance are now transferred to the Linux Foundation, ensuring it is no longer tied to any single company.

Hugging Face noted that this move is intended to ensure the project's long-term development reflects the needs of the broader community. Although core maintainers Luc Georges and Daniel will continue to serve on the Technical Steering Committee and handle day-to-day maintenance, the project's governance structure has now been formally codified through public documentation.

For the vast majority of developers, this change will have no functional impact. The Safetensors API, integration methods, and format standards remain unchanged. The tens of thousands of models currently hosted on the Hugging Face Hub will continue to function normally, with no compatibility issues expected.

The design of Safetensors centers on simplicity and security. A file consists of a JSON header describing the tensors' metadata, followed by the raw tensor data. Because the format supports zero-copy and lazy loading, developers can read individual weights without deserializing the entire checkpoint, which significantly improves efficiency.
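To make the header-plus-raw-bytes layout concrete, here is an added example (not code from Hugging Face or the safetensors library) of a minimal reader that parses only the header, bounds-checks every tensor's offsets against the data section, and then slices out a single named tensor without touching the rest of the file. The `serialize` writer, the dtype subset and the `SAMPLE` checkpoint are constructed for this illustration; the real library additionally requires contiguous, ordered offsets and aligned headers.

```python
import json
import math
import struct

# Layout: 8-byte little-endian u64 header length, JSON header, then raw tensor bytes.
HEADER_LEN = 8
DTYPE_FMT = {"F32": "f", "F16": "e", "I64": "q", "U8": "B"}  # subset of safetensors dtypes

def serialize(tensors):
    """Constructed writer: {name: (dtype, shape, raw_bytes)} -> safetensors file bytes."""
    header, blob = {}, bytearray()
    for name, (dtype, shape, raw) in tensors.items():
        header[name] = {"dtype": dtype, "shape": shape,
                        "data_offsets": [len(blob), len(blob) + len(raw)]}
        blob += raw
    hdr = json.dumps(header).encode("utf-8")
    return struct.pack("<Q", len(hdr)) + hdr + bytes(blob)

def read_header(buf):
    """Parse and validate only the header; tensor bytes are never interpreted."""
    if len(buf) < HEADER_LEN:
        raise ValueError("truncated: no header length")
    (n,) = struct.unpack("<Q", buf[:HEADER_LEN])
    if HEADER_LEN + n > len(buf):
        raise ValueError("header length exceeds file size")
    header = json.loads(buf[HEADER_LEN:HEADER_LEN + n])
    data_len = len(buf) - HEADER_LEN - n
    for name, info in header.items():
        if name == "__metadata__":  # optional string-to-string map, carries no tensor data
            continue
        begin, end = info["data_offsets"]
        if not (0 <= begin <= end <= data_len):
            raise ValueError(f"{name}: data_offsets outside the data section")
        expected = math.prod(info["shape"]) * struct.calcsize(DTYPE_FMT[info["dtype"]])
        if end - begin != expected:
            raise ValueError(f"{name}: byte length does not match dtype and shape")
    return header, HEADER_LEN + n

def load_tensor(buf, name):
    """Lazy load: slice one tensor out of the file using only its header offsets."""
    header, data_start = read_header(buf)
    info = header[name]
    begin, end = info["data_offsets"]
    raw = buf[data_start + begin:data_start + end]
    item = DTYPE_FMT[info["dtype"]]
    return list(struct.unpack("<" + item * (len(raw) // struct.calcsize(item)), raw))

# Constructed sample checkpoint with two small tensors.
SAMPLE = serialize({"bias": ("F32", [2], struct.pack("<2f", 0.5, -1.0)),
                    "ids": ("I64", [3], struct.pack("<3q", 7, 8, 9))})
```

Reading `bias` from `SAMPLE` unpacks only its eight bytes, and a file whose header points past the end of the data section is rejected before any tensor bytes are read.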

As Safetensors becomes the industry-standard format for model distribution, this transition in governance is seen as a major milestone in the technology's maturity. Looking ahead, Hugging Face plans to deepen its collaboration with the PyTorch team to further expand the format's application across a wider range of scenarios.
