@Ali6x1000 Ali6x1000 commented Dec 6, 2025

Summary

This PR introduces the ability to cryptographically bind Model Card metadata (parsed from README.md YAML front matter) to the model signature. Previously, only model artifacts were signed; this enhancement ensures that critical documentation—such as licensing, authorship, and carbon footprint data—is verified alongside the model weights.

Key Changes:

  • CLI: Added a --readme argument to all signing commands (sigstore, key, certificate, pkcs11), allowing users to specify a Model Card file.
  • Validation: Implemented strict schema validation using Pydantic to ensure metadata conforms to Hugging Face Model Card standards (e.g., enforcing numeric types for metrics like co2_emitted).
  • Core Logic: Updated the Payload class to merge validated metadata directly into the in-toto predicate during signature generation.
  • Dependencies: Added PyYAML to support front matter parsing.

Resolves #583

Signed-off-by: Ali6x1000 [email protected]

Checklist
  • All commits are signed-off, using DCO
  • All new code has docstrings and type annotations
  • All new code is covered by tests. Aim for at least 90% coverage. CI is configured to highlight lines not covered by tests.
  • Public facing changes are paired with documentation changes
  • Release note has been added to CHANGELOG.md if needed

@Ali6x1000 Ali6x1000 requested review from a team as code owners December 6, 2025 02:12
@Ali6x1000 Ali6x1000 force-pushed the main branch 4 times, most recently from 2f72786 to cd69836 December 6, 2025 22:22
Model Card

This adds support for parsing and signing Model Card metadata from a
README.md file. This allows users to bind documentation (e.g., license,
author, carbon footprint) to the cryptographic signature.

Changes:
- Added `--readme` flag to all signing commands in the CLI.
- Implemented strict YAML parsing and validation using a new Pydantic
  schema in `src/model_signing/model_card.py`.
- Updated `Payload` to merge validated metadata into the in-toto
  predicate.
- Added `PyYAML` to dependencies.

-------------------------
Signed-off-by: Ali Nawaf <[email protected]>
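The front-matter parsing, strict metric validation and predicate merging described in the PR description and the commit message above, as an added example that is not the PR's own code: it parses a flat key: value subset of YAML with a hand-written check in place of the PR's PyYAML and Pydantic dependencies, and the in-toto-style statement layout is illustrative rather than model_signing's actual predicate schema.

```python
import json
import re
from typing import Any

# Constructed sample README.md with Hugging Face-style YAML front matter (not from the PR).
SAMPLE_README = "---\nlicense: apache-2.0\nauthor: example-org\nco2_emitted: 12.5\n---\n# Example model\n"
NUMERIC_FIELDS = {"co2_emitted"}  # the PR's Pydantic schema enforces numeric types for these metrics
FRONT_MATTER = re.compile(r"\A---\r?\n(.*?)\r?\n---(?:\r?\n|\Z)", re.S)

def _scalar(raw: str) -> Any:
    # YAML-like coercion: quoted values stay strings, bare numbers become numbers, the rest stays text.
    if len(raw) >= 2 and raw[0] == raw[-1] and raw[0] in "\"'":
        return raw[1:-1]
    for conv in (int, float):
        try:
            return conv(raw)
        except ValueError:
            pass
    return raw

def extract_front_matter(readme: str) -> dict[str, Any]:
    """Parse the leading '---' block as flat key: value pairs (a YAML subset; the PR uses PyYAML)."""
    match = FRONT_MATTER.match(readme)
    if match is None:
        raise ValueError("README.md has no YAML front matter")
    fields: dict[str, Any] = {}
    for line in match.group(1).splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # skip blank lines and YAML comments
        key, sep, value = line.partition(":")
        if not sep or not key.strip():
            raise ValueError(f"malformed front matter line: {line!r}")
        fields[key.strip()] = _scalar(value.strip())
    return fields

def validate_model_card(fields: dict[str, Any]) -> dict[str, Any]:
    """Strict check: a metric written as text (e.g. '12.5 kg') is rejected rather than coerced."""
    for name in NUMERIC_FIELDS:
        value = fields.get(name)
        if value is not None and (isinstance(value, bool) or not isinstance(value, (int, float))):
            raise TypeError(f"{name} must be numeric, got {type(value).__name__}")
    return fields

def build_payload(digests: dict[str, str], model_card: dict[str, Any]) -> bytes:
    """Merge the validated card into an illustrative in-toto-style statement and canonicalize it for signing."""
    statement = {
        "subject": [{"name": n, "digest": {"sha256": d}} for n, d in sorted(digests.items())],
        "predicate": {"modelCard": model_card},
    }
    return json.dumps(statement, sort_keys=True, separators=(",", ":")).encode()
```

Because the card is part of the canonical bytes that get signed, any edit to the README metadata after signing changes the payload and the signature no longer verifies.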
@mihaimaruseac mihaimaruseac left a comment

While this is pending for discussion, please remove any slop added by the AI. Keep only what is relevant to the PR, remove anything done extra, any comments that harm readability rather than helping it.

Development

Successfully merging this pull request may close these issues.

Feature request: Support signing Model Card metadata